docs: IPv6AcceptRA

feat: idols-ai - set ipv6 routes & link-local address
fix: hyprdile - do not suspend the system due to issues with HDR+hyprland
2026-05-28 18:39:31 +02:00 · 2025-06-02 17:41:18 +08:00 · 2025-06-02 17:34:54 +08:00 · 2025-06-02 14:43:38 +08:00 · 2025-06-02 14:17:12 +08:00 · 2025-06-02 11:26:10 +08:00
536 changed files with 92426 additions and 7995 deletions
@@ -0,0 +1,3 @@
 # https://github.com/github-linguist/linguist/blob/master/docs/overrides.md
 home/linux/desktop/i3/conf/polybar/** linguist-vendored
@@ -1,2 +1,3 @@
 github: ryan4yin
 patreon: ryan4yin
-custom:  ['https://buymeacoffee.com/ryan4yin', 'https://afdian.net/a/ryan4yin']
+custom: ["https://buymeacoffee.com/ryan4yin"]
@@ -1,24 +0,0 @@
 name: Nix Flake Check
 on: [push, pull_request, workflow_dispatch]
 jobs:
  checks:
    name: Check expressions
    runs-on: ubuntu-latest
    steps:
      # - name: Checkout repository
      #   uses: actions/checkout@v4
      # - name: Install nix
      #   uses: cachix/install-nix-action@v24
      #   with:
      #     install_url: https://nixos.org/nix/install
      #     extra_nix_config: |
      #       access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
      #       experimental-features = nix-command flakes
      - name: Run Nix Flake Check
        run: |
          echo 'TODO: nix flake check'
          # nix flake check
@@ -0,0 +1,42 @@
 name: Nix Flake Eval Tests
 on:
  push:
    branches:
      - main
    paths-ignore:
      - "scripts/**"
      - "**.md"
      - "**.nu"
      - "Justfile"
  pull_request:
    branches:
      - main
    paths-ignore:
      - "scripts/**"
      - "**.md"
      - "**.nu"
      - "Justfile"
 jobs:
  checks:
    name: Check expressions
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
      - name: Install nix
        uses: cachix/install-nix-action@v24
        with:
          install_url: https://nixos.org/nix/install
          extra_nix_config: |
            access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
            experimental-features = nix-command flakes
      - name: Run Nix Flake Eval Tests
        run: |
          echo 'Flake Eval Tests'
          # stack overflow...
          # nix eval .#checks --show-trace --print-build-logs --verbose
          nix eval .#evalTests --show-trace --print-build-logs --verbose
@@ -1,7 +1,11 @@
 name: Mirror this repo to Gitee
 on:
-  workflow_dispatch: {}
+  push:
-  push: {}
+    branches:
      - main
    tags:
      - "*"
 jobs:
  mirror:
    runs-on: ubuntu-latest
@@ -26,4 +30,3 @@ jobs:
          export GIT_SSH_COMMAND="ssh -v -i ~/.ssh/id_rsa -o StrictHostKeyChecking=no"
          git remote add mirror "$INPUT_TARGET_REPO_URL"
          git push --tags --force --prune mirror "refs/remotes/origin/*:refs/heads/*"
@@ -3,3 +3,7 @@ result/
 .direnv/
 .DS_Store
 .pre-commit-config.yaml
 logs/
 core*
 !core/
 !core.nix
@@ -0,0 +1,8 @@
 LICENSE.md
 dist
 pnpm-lock.yaml
 flake.lock
 vercel.json
 cache
 temp
 .temp
@@ -0,0 +1,6 @@
 # https://prettier.io/docs/en/options
 semi: false
 singleQuote: false
 printWidth: 100
 proseWrap: always # always change wrapping in markdown text
 trailingComma: es5
@@ -0,0 +1,34 @@
 [files]
 ignore-dot = true
 ignore-files = true
 extend-exclude = ["themes/", "data/", "static-surprises/", "resources/"]
 [default]
 binary = false
 # ignore some special identifiers(sha256, mac address, crypto keys, etc)
 extend-ignore-re = [
  "iterm2",
  "iHgEIBYKACAWIQSizQe9ljFEyyclWmtVhZllwnQrSwUCZZ1T9wIdAAAKCRBVhZll", # crypto keys
  "noice",                                                            # noice.nvim
  "crypted-nixos",
  "daed",
  # catppuccin theme colors
  "11111b",
  "1e1e2e",
  "313244",
  "414356",
  "45475a",
  "585b70",
  "89b4fa",
  "94e2d5",
  "a6adc8",
  "a6e3a1",
  "bac2de",
  "cdd6f4",
  "f38ba8",
  "f5c2e7",
  "f5e0dc",
  "f9e2af",
  "fab387",
 ]
@@ -0,0 +1,377 @@
 # just is a command runner, Justfile is very similar to Makefile, but simpler.
 # Use nushell for shell commands
 # To use this justfile, you need to enter a shell with just & nushell installed:
 # 
 #   nix shell nixpkgs#just nixpkgs#nushell
 set shell := ["nu", "-c"]
 utils_nu := absolute_path("utils.nu")
 ############################################################################
 #
 #  Common commands(suitable for all machines)
 #
 ############################################################################
 # List all the just commands
 default:
    @just --list
 # Run eval tests
 [group('nix')]
 test:
  nix eval .#evalTests --show-trace --print-build-logs --verbose
 # Update all the flake inputs
 [group('nix')]
 up:
  nix flake update
 # Update specific input
 # Usage: just upp nixpkgs
 [group('nix')]
 upp input:
  nix flake update {{input}}
 # List all generations of the system profile
 [group('nix')]
 history:
  nix profile history --profile /nix/var/nix/profiles/system
 # Open a nix shell with the flake
 [group('nix')]
 repl:
  nix repl -f flake:nixpkgs
 # remove all generations older than 7 days
 # on darwin, you may need to switch to root user to run this command
 [group('nix')]
 clean:
  sudo nix profile wipe-history --profile /nix/var/nix/profiles/system  --older-than 7d
 # Garbage collect all unused nix store entries
 [group('nix')]
 gc:
  # garbage collect all unused nix store entries(system-wide)
  sudo nix-collect-garbage --delete-older-than 7d
  # garbage collect all unused nix store entries(for the user - home-manager)
  # https://github.com/NixOS/nix/issues/8508
  nix-collect-garbage --delete-older-than 7d
 # Enter a shell session which has all the necessary tools for this flake
 [linux]
 [group('nix')]
 shell:
  nix shell nixpkgs#git nixpkgs#neovim nixpkgs#colmena
 # Enter a shell session which has all the necessary tools for this flake
 [macos]
 [group('nix')]
 shell:
  nix shell nixpkgs#git nixpkgs#neovim
 [group('nix')]
 fmt:
  # format the nix files in this repo
  nix fmt
 # Show all the auto gc roots in the nix store
 [group('nix')]
 gcroot:
  ls -al /nix/var/nix/gcroots/auto/
 # Verify all the store entries
 # Nix Store can contains corrupted entries if the nix store object has been modified unexpectedly.
 # This command will verify all the store entries,
 # and we need to fix the corrupted entries manually via `sudo nix store delete <store-path-1> <store-path-2> ...`
 [group('nix')]
 verify-store:
  nix store verify --all
 # Repair Nix Store Objects
 [group('nix')]
 repair-store *paths:
  nix store repair {{paths}}
 ############################################################################
 #
 #  NixOS Desktop related commands
 #
 ############################################################################
 [linux]
 [group('desktop')]
 hypr mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  nixos-switch ai-hyprland {{mode}}
 [linux]
 [group('desktop')]
 s-hypr mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  nixos-switch shoukei-hyprland {{mode}}
 ############################################################################
 #
 #  Darwin related commands, harmonica is my macbook pro's hostname
 #
 ############################################################################
 [macos]
 [group('desktop')]
 darwin-set-proxy:
  sudo python3 scripts/darwin_set_proxy.py
  sleep 1sec
 [macos]
 [group('desktop')]
 darwin-rollback:
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-rollback
 # Deploy to harmonica(macOS host)
 [macos]
 [group('desktop')]
 ha mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-build "harmonica" {{mode}};
  darwin-switch "harmonica" {{mode}}
 # Depoly to fern(macOS host)
 [macos]
 [group('desktop')]
 fe mode="default": 
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-build "fern" {{mode}};
  darwin-switch "fern" {{mode}}
 # Depoly to frieren(macOS host)
 [macos]
 [group('desktop')]
 fr mode="default": 
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-build "frieren" {{mode}};
  darwin-switch "frieren" {{mode}}
 # Reset launchpad to force it to reindex Applications
 [macos]
 [group('desktop')]
 reset-launchpad:
  defaults write com.apple.dock ResetLaunchPad -bool true
  killall Dock
 ############################################################################
 #
 #  Homelab - Kubevirt Cluster related commands
 #
 ############################################################################
 # Remote deployment via colmena
 [linux]
 [group('homelab')]
 col tag:
  colmena apply --on '@{{tag}}' --verbose --show-trace
 [linux]
 [group('homelab')]
 local name mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  nixos-switch {{name}} {{mode}}
 # Build and upload a vm image
 [linux]
 [group('homelab')]
 upload-vm name mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  upload-vm {{name}} {{mode}}
 # Deploy all the KubeVirt nodes(Physical machines running KubeVirt)
 [linux]
 [group('homelab')]
 lab:
  colmena apply --on '@virt-*' --verbose --show-trace
 [linux]
 [group('homelab')]
 shoryu:
  colmena apply --on '@kubevirt-shoryu' --verbose --show-trace
 [linux]
 [group('homelab')]
 shoryu-local mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kubevirt-shoryu {{mode}}
 [linux]
 [group('homelab')]
 shushou:
  colmena apply --on '@kubevirt-shushou' --verbose --show-trace
 [linux]
 [group('homelab')]
 shushou-local mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kubevirt-shushou {{mode}}
 [linux]
 [group('homelab')]
 youko:
  colmena apply --on '@kubevirt-youko' --verbose --show-trace
 [linux]
 [group('homelab')]
 youko-local mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kubevirt-youko {{mode}}
 ############################################################################
 #
 # Commands for other Virtual Machines
 #
 ############################################################################
 # Build and upload a vm image
 [linux]
 [group('homelab')]
 upload-idols mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  upload-vm aquamarine {{mode}}
  upload-vm ruby {{mode}}
  upload-vm kana {{mode}}
 [linux]
 [group('homelab')]
 aqua:
  colmena apply --on '@aqua' --verbose --show-trace
 [linux]
 [group('homelab')]
 aqua-local mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch aquamarine {{mode}}
 [linux]
 [group('homelab')]
 ruby:
  colmena apply --on '@ruby' --verbose --show-trace
 [linux]
 [group('homelab')]
 ruby-local mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch ruby {{mode}}
 [linux]
 [group('homelab')]
 kana:
  colmena apply --on '@kana' --verbose --show-trace
 [linux]
 [group('homelab')]
 kana-local mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kana {{mode}}
 ############################################################################
 #
 # Kubernetes related commands
 #
 ############################################################################
 # Build and upload a vm image
 [linux]
 [group('homelab')]
 upload-k3s-prod mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  upload-vm k3s-prod-1-master-1 {{mode}}; 
  upload-vm k3s-prod-1-master-2 {{mode}}; 
  upload-vm k3s-prod-1-master-3 {{mode}}; 
  upload-vm k3s-prod-1-worker-1 {{mode}}; 
  upload-vm k3s-prod-1-worker-2 {{mode}}; 
  upload-vm k3s-prod-1-worker-3 {{mode}};
 [linux]
 [group('homelab')]
 upload-k3s-test mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  upload-vm k3s-test-1-master-1 {{mode}}; 
  upload-vm k3s-test-1-master-2 {{mode}}; 
  upload-vm k3s-test-1-master-3 {{mode}};
 [linux]
 [group('homelab')]
 k3s-prod:
  colmena apply --on '@k3s-prod-*' --verbose --show-trace
 [linux]
 [group('homelab')]
 k3s-test:
  colmena apply --on '@k3s-test-*' --verbose --show-trace
 # =================================================
 #
 # Other useful commands
 #
 # =================================================
 [group('common')]
 path:
   $env.PATH | split row ":"
 [group('common')]
 trace-access app *args:
  strace -f -t -e trace=file {{app}} {{args}} | complete | $in.stderr | lines | find -v -r "(/nix/store|/newroot|/proc)" | parse --regex '"(/.+)"' | sort | uniq
 [linux]
 [group('common')]
 penvof pid:
  sudo cat $"/proc/($pid)/environ" | tr '\0' '\n'
 # Remove all reflog entries and prune unreachable objects
 [group('git')]
 ggc:
  git reflog expire --expire-unreachable=now --all
  git gc --prune=now
 # Amend the last commit without changing the commit message
 [group('git')]
 game:
  git commit --amend -a --no-edit
 # Delete all failed pods
 [group('k8s')]
 del-failed:
  kubectl delete pod --all-namespaces --field-selector="status.phase==Failed"
 [linux]
 [group('services')]
 list-inactive:
  systemctl list-units -all --state=inactive
 [linux]
 [group('services')]
 list-failed:
  systemctl list-units -all --state=failed
 [linux]
 [group('services')]
 list-systemd:
  systemctl list-units systemd-*
@@ -1,161 +0,0 @@
 #
 #  NOTE: Makefile's target name should not be the same as one of the file or directory in the current directory, 
 #    otherwise the target will not be executed!
 #
 ############################################################################
 #
 #  Nix commands related to the local machine
 #
 ############################################################################
 i3: 
 	nixos-rebuild switch --flake .#ai_i3 --use-remote-sudo
 hypr:
 	nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo
 i3-debug:
 	nixos-rebuild switch --flake .#ai_i3 --use-remote-sudo --show-trace --verbose
 hypr-debug:
 	nixos-rebuild switch --flake .#ai_hyprland --use-remote-sudo --show-trace --verbose
 up:
 	nix flake update
 # Update specific input
 # usage: make upp i=wallpapers
 upp:
 	nix flake lock --update-input $(i)
 history:
 	nix profile history --profile /nix/var/nix/profiles/system
 repl:
 	nix repl -f flake:nixpkgs
 eye:
 	systemctl --user start gammastep.service
 gc:
 	# remove all generations older than 7 days
 	sudo nix profile wipe-history --profile /nix/var/nix/profiles/system  --older-than 7d
 	# garbage collect all unused nix store entries
 	# sudo nix store gc --debug
 ############################################################################
 #
 #  Darwin related commands, harmonica is my macbook pro's hostname
 #
 ############################################################################
 darwin-set-proxy:
 	sudo python3 scripts/darwin_set_proxy.py
 	sleep 1
 darwin-rollback:
 	./result/sw/bin/darwin-rebuild rollback
 ha: darwin-set-proxy
 	nix build .#darwinConfigurations.harmonica.system
 	./result/sw/bin/darwin-rebuild switch --flake .#harmonica
 ha-debug: darwin-set-proxy
 	nom build .#darwinConfigurations.harmonica.system --show-trace --verbose
 	./result/sw/bin/darwin-rebuild switch --flake .#harmonica --show-trace --verbose
 fe: darwin-set-proxy
 	nix build .#darwinConfigurations.fern.system
 	./result/sw/bin/darwin-rebuild switch --flake .#fern
 fe-debug: darwin-set-proxy
 	nom build .#darwinConfigurations.fern.system --show-trace --verbose
 	./result/sw/bin/darwin-rebuild switch --flake .#fern --show-trace --verbose
 ############################################################################
 #
 #  Idols, Commands related to my remote distributed building cluster
 #
 ############################################################################
 add-idols-ssh-key:
 	ssh-add ~/.ssh/ai-idols
 idols: add-idols-ssh-key
 	colmena apply --on '@dist-build'
 aqua:
 	colmena apply --on '@aqua'
 ruby:
 	colmena apply --on '@ruby'
 kana:
 	colmena apply --on '@kana'
 idols-debug: add-idols-ssh-key
 	colmena apply --on '@dist-build' --verbose --show-trace
 # only used once to setup the virtual machines
 idols-image:
 	# take image for idols, and upload the image to proxmox nodes.
 	nom build .#aquamarine
 	scp result root@gtr5:/var/lib/vz/dump/vzdump-qemu-aquamarine.vma.zst
 	nom build .#ruby
 	scp result root@s500plus:/var/lib/vz/dump/vzdump-qemu-ruby.vma.zst
 	nom build .#kana
 	scp result root@um560:/var/lib/vz/dump/vzdump-qemu-kana.vma.zst
 ############################################################################
 #
 #	RISC-V related commands
 #		
 ############################################################################
 roll: add-idols-ssh-key
 	colmena apply --on '@riscv' 
 roll-debug: add-idols-ssh-key
 	colmena apply --on '@dist-build' --verbose --show-trace
 nozomi:
 	colmena apply --on '@nozomi'
 yukina:
 	colmena apply --on '@yukina'
 ############################################################################
 #
 # Aarch64 related commands
 #
 ############################################################################
 aarch:
 	colmena apply --on '@aarch'
 suzu:
 	colmena apply --on '@suzu'
 suzu-debug:
 	colmena apply --on '@suzu' --verbose --show-trace
 ############################################################################
 #
 #  Misc, other useful commands
 #
 ############################################################################
 fmt:
 	# format the nix files in this repo
 	nix fmt
 .PHONY: clean  
 clean:  
 	rm -rf result
@@ -8,49 +8,74 @@
 	<a href="https://github.com/ryan4yin/nix-config/stargazers">
 		<img alt="Stargazers" src="https://img.shields.io/github/stars/ryan4yin/nix-config?style=for-the-badge&logo=starship&color=C9CBFF&logoColor=D9E0EE&labelColor=302D41"></a>
    <a href="https://nixos.org/">
-        <img src="https://img.shields.io/badge/NixOS-23.05-informational.svg?style=for-the-badge&logo=nixos&color=F2CDCD&logoColor=D9E0EE&labelColor=302D41"></a>
+        <img src="https://img.shields.io/badge/NixOS-25.05-informational.svg?style=for-the-badge&logo=nixos&color=F2CDCD&logoColor=D9E0EE&labelColor=302D41"></a>
    <a href="https://github.com/ryan4yin/nixos-and-flakes-book">
        <img src="https://img.shields.io/static/v1?label=Nix Flakes&message=learning&style=for-the-badge&logo=nixos&color=DDB6F2&logoColor=D9E0EE&labelColor=302D41"></a>
  </a>
 </p>
-This repository is home to the nix code that builds my systems.
+> My configuration is becoming more and more complex, and **it will be difficult for beginners to
 > read**. If you are new to NixOS and want to know how I use NixOS, I would recommend you to take a
 > look at the [ryan4yin/nix-config/releases](https://github.com/ryan4yin/nix-config/releases) first,
 > **check out to some simpler older versions, such as
 > [i3-kickstarter](https://github.com/ryan4yin/nix-config/tree/i3-kickstarter), which will be much
 > easier to understand**.
 This repository is home to the nix code that builds my systems:
 1. NixOS Desktops: NixOS with home-manager, hyprland, agenix, etc.
 2. macOS Desktops: nix-darwin with home-manager, share the same home-manager configuration with
   NixOS Desktops.
 3. NixOS Servers: virtual machines running on Proxmox/KubeVirt, with various services, such as
   kubernetes, homepage, prometheus, grafana, etc.
 See [./hosts](./hosts) for details of each host.
 See [./Virtual-Machine.md](./Virtual-Machine.md) for details of how to create & manage KubeVirt's
 Virtual Machine from this flake.
 ## Why NixOS & Flakes?
-Nix allows for easy-to-manage, collaborative, reproducible deployments. This means that once something is setup and configured once, it works (almost) forever. If someone else shares their configuration, anyone can make use of it(if you really understand what you're copying/refering now).
+Nix allows for easy-to-manage, collaborative, reproducible deployments. This means that once
 something is setup and configured once, it works (almost) forever. If someone else shares their
 configuration, anyone else can just use it (if you really understand what you're copying/referring
 now).
-As for Flakes, refer to [Introduction to Flakes - NixOS & Nix Flakes Book](https://nixos-and-flakes.thiscute.world/nixos-with-flakes/introduction-to-flakes)
+As for Flakes, refer to
 [Introduction to Flakes - NixOS & Nix Flakes Book](https://nixos-and-flakes.thiscute.world/nixos-with-flakes/introduction-to-flakes)
-**Want to know NixOS & Flaks in detail? Looking for a beginner-friendly tutorial or best practices? You don't have to go through the pain I've experienced again! Check out  my [NixOS & Nix Flakes Book - 🛠️ ❤️ An unofficial & opinionated :book: for beginners](https://github.com/ryan4yin/nixos-and-flakes-book)!**
+**Want to know NixOS & Flakes in detail? Looking for a beginner-friendly tutorial or best practices?
 You don't have to go through the pain I've experienced again! Check out my
 [NixOS & Nix Flakes Book - 🛠️ ❤️ An unofficial & opinionated :book: for beginners](https://github.com/ryan4yin/nixos-and-flakes-book)!**
-> If you're using macOS, check out [ryan4yin/nix-darwin-kickstarter](https://github.com/ryan4yin/nix-darwin-kickstarter) for a quick start.
+> If you're using macOS, check out
 > [ryan4yin/nix-darwin-kickstarter](https://github.com/ryan4yin/nix-darwin-kickstarter) for a quick
 > start.
 ## Components
-|                             | NixOS(Wayland)                                                                                                    | NixOS(Xorg)                                                                                                       |
+|                             | NixOS(Wayland)                                                                                                      |
-| --------------------------- | :---------------------------------------------------------------------------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- |
+| --------------------------- | ------------------------------------------------------------------------------------------------------------------- |
-| **Window Manager**          | [Hyprland][Hyprland]                                                                                              | [i3][i3]                                                                                                          |
+| **Window Manager**          | [Hyprland][Hyprland]                                                                                                |
-| **Terminal Emulator**       | [Kitty][Kitty]                                                                                                    | [Kitty][Kitty]                                                                                                    |
+| **Terminal Emulator**       | [Zellij][Zellij] + [Kitty][Kitty]                                                                                   |
-| **Bar**                     | [Waybar][Waybar]                                                                                                  | [i3block][i3block]                                                                                                |
+| **Bar**                     | [Waybar][Waybar]                                                                                                    |
-| **Application Launcher**    | [anyrun][anyrun]                                                                                                  | [rofi][rofi]                                                                                                      |
+| **Application Launcher**    | [anyrun][anyrun]                                                                                                    |
-| **Notification Daemon**     | [Mako][Mako]                                                                                                      | [Dunst][Dunst]                                                                                                    |
+| **Notification Daemon**     | [Mako][Mako]                                                                                                        |
-| **Display Manager**         | [GDM][GDM]                                                                                                        | [GDM][GDM]                                                                                                        |
+| **Display Manager**         | [GDM][GDM]                                                                                                          |
-| **Color Scheme**            | [Catppuccin][Catppuccin]                                                                                          | [Catppuccin][Catppuccin]                                                                                          |
+| **Color Scheme**            | [Catppuccin][Catppuccin]                                                                                            |
-| **network management tool** | [NetworkManager][NetworkManager]                                                                                  | [NetworkManager][NetworkManager]                                                                                  |
+| **network management tool** | [NetworkManager][NetworkManager]                                                                                    |
-| **Input method framework**  | [Fcitx5][Fcitx5]                                                                                                  | [Fcitx5][Fcitx5]                                                                                                  |
+| **Input method framework**  | [Fcitx5][Fcitx5]                                                                                                    |
-| **System resource monitor** | [Btop][Btop]                                                                                                      | [Btop][Btop]                                                                                                      |
+| **System resource monitor** | [Btop][Btop]                                                                                                        |
-| **File Manager**            | [ranger][ranger] + [thunar][thunar]                                                                               | [ranger][ranger] + [thunar][thunar]                                                                               |
+| **File Manager**            | [Yazi][Yazi] + [thunar][thunar]                                                                                     |
-| **Shell**                   | [Nushell][Nushell] + [Starship][Starship]                                                                         | [Nushell][Nushell] + [Starship][Starship]                                                                         |
+| **Shell**                   | [Nushell][Nushell] + [Starship][Starship]                                                                           |
-| **Music Player**            | [mpd][mpd], [ncmpcpp][ncmpcpp], [mpc][mpc], [Netease-cloud-music-gtk][netease-cloud-music-gtk]                    | [Netease-cloud-music-gtk][netease-cloud-music-gtk]                                                                |
+| **Media Player**            | [mpv][mpv]                                                                                                          |
-| **Media Player**            | [mpv][mpv]                                                                                                        | [mpv][mpv]                                                                                                        |
+| **Text Editor**             | [Neovim][Neovim]                                                                                                    |
-| **Text Editor**             | [Neovim][Neovim]                                                                                                  | [Neovim][Neovim]                                                                                                  |
+| **Fonts**                   | [Nerd fonts][Nerd fonts]                                                                                            |
-| **Fonts**                   | [Nerd fonts][Nerd fonts]                                                                                          | [Nerd fonts][Nerd fonts]                                                                                          |
+| **Image Viewer**            | [imv][imv]                                                                                                          |
-| **Image Viewer**            | [imv][imv]                                                                                                        | [imv][imv]                                                                                                        |
+| **Screenshot Software**     | [hyprshot][hyprshot]                                                                               |
-| **Screenshot Software**     | [grim][grim]                                                                                                      | [flameshot](https://github.com/flameshot-org/flameshot)                                                           |
+| **Screen Recording**        | [OBS][OBS]                                                                                                          |
-| **Screen Recording**        | [OBS][OBS]                                                                                                        | [OBS][OBS]                                                                                                        |
+| **Filesystem & Encryption** | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] encrypted partition for persistent, unlock via passphrase |
-| **Filesystem & Encryption** | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] crypted partition for persistent, unlock via passphrase | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] crypted partition for persistent, unlock via passphrase |
+| **Secure Boot**             | [lanzaboote][lanzaboote]                                                                                            |
 | **Secure Boot**             | [lanzaboote][lanzaboote]                                                                                          | [lanzaboote][lanzaboote]                                                                                          |
 Wallpapers: https://github.com/ryan4yin/wallpapers
@@ -60,18 +85,9 @@ Wallpapers: https://github.com/ryan4yin/wallpapers
 ![](./_img/hyprland_2023-07-29_2.webp)
 ## I3 + AstroNvim
 ![](./_img/i3_2023-07-29_1.webp)
 ![](./_img/i3_2023-07-29_2.webp)
 ## Neovim
-See [./home/base/desktop/neovim](./home/base/desktop/neovim) for details.
+See [./home/base/tui/editors/neovim/](./home/base/tui/editors/neovim/) for details.
 ## Hosts
 See [./hosts](./hosts) for details.
 ## Secrets Management
@@ -79,71 +95,56 @@ See [./secrets](./secrets) for details.
 ## How to Deploy this Flake?
-> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine:exclamation: It will not succeed.** this flake contains my hardware configuration(such as [hardware-configuration.nix](hosts/idols/ai/hardware-configuration.nix), [cifs-mount.nix](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols/ai/cifs-mount.nix), [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols/ai/default.nix#L77-L91), etc.) which is not suitable for your hardware, and my private secrets repository [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) that only I have access to. You may use this repo as a reference to build your own configuration.
+<!-- prettier-ignore -->
 > :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine :exclamation:
 > It will not succeed.** This flake contains my hardware configuration(such as
 > [hardware-configuration.nix](hosts/idols-ai/hardware-configuration.nix),
 > [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols-ai/default.nix#L77-L91),
 > etc.) which is not suitable for your hardware, and requires my private secrets repository
 > [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) to deploy. You
 > may use this repo as a reference to build your own configuration.
 For NixOS:
-> To deploy this flake from NixOS's official ISO image(purest installation method), please refer to [./hosts/idols/ai/nixos-installer/](./hosts/idols/ai/nixos-installer/)
+> To deploy this flake from NixOS's official ISO image (purest installation method), please refer to
 > [./nixos-installer/](./nixos-installer/)
 > Need to restart the machine when switching between `wayland` and `xorg`.
 ```bash
 # deploy one of the configuration based on the hostname
-sudo nixos-rebuild switch --flake .#ai_i3
+sudo nixos-rebuild switch --flake .#ai-hyprland
 # sudo nixos-rebuild switch --flake .#ai_hyprland
-# we can also deploy using `make`, which is defined in Makefile
+# deploy via `just`(a command runner with similar syntax to make) & Justfile
-make i3    # deploy my pc with i3 window manager
+just hypr  # deploy my pc with hyprland compositor
 # make hypr  # deploy my pc with hyprland compositor
 # or we can deploy with details
-make i3-debug
+just hypr debug
 # make hypr-debug
 ```
 For macOS:
 ```bash
-# deploy harmonicia's configuration(macOS Intel)
+# If you are deploying for the first time,
-make ha
+# 1. install nix & homebrew manually.
 # 2. prepare the deployment environment with essential packages available
 nix-shell -p just nushell
 # 3. comment home-manager's code in lib/macosSystem.nix to speed up the first deployment.
 # 4. comment out the proxy settings in scripts/darwin_set_proxy.py if the proxy is not ready yet.
 # 4. deploy harmonica's configuration(macOS Intel)
 just ha
 # deploy fern's configuration(Apple Silicon)
-make fe
+just fe
 # deploy with details
-make ha-debug
+just ha debug
-# make fe
+# just fe debug
 ```
-> [What y'all will need when Nix drives you to drink.](https://www.youtube.com/watch?v=Eni9PPPPBpg) (copy from hlissner's dotfiles, it really matches my feelings when I first started using NixOS...)
+> [What y'all will need when Nix drives you to drink.](https://www.youtube.com/watch?v=Eni9PPPPBpg)
-
+> (copy from hlissner's dotfiles, it really matches my feelings when I first started using NixOS...)
 ## How to create & managage VM from this flake?
 use `aquamarine` as an example, we can create a virtual machine with the following command:
 ```shell
 # 1. generate a proxmox vma image file
 nom build .#aquamarine  # `nom`(nix-output-monitor) can be replaced by the standard command `nix`
 # 2. upload the genereated image to proxmox server's backup directory `/var/lib/vz/dump`
 #    please replace the vma file name with the one you generated in step 1.
 scp result/vzdump-qemu-aquamarine-nixos-23.11.20230603.dd49825.vma.zst root@192.168.5.174:/var/lib/vz/dump
 # 3. the image we uploaded will be listed in proxmox web ui's this page: [storage 'local'] -> [backups], we can restore a vm from it via the web ui now.
 ```
 Once the virtual machine `aquamarine` is created, we can deploy updates to it with the following commands:
 ```shell
 # 1. add the ssh key to ssh-agent
 ssh-add ~/.ssh/ai-idols
 # 2. deploy the configuration to all the remote host with tag `@dist-build`
 # using the ssh key we added in step 1
 colmena apply --on '@dist-build' --show-trace
 ```
 If you're not familiar with remote deployment, please read this tutorial first: [Remote Deployment - NixOS & Flakes Book](https://nixos-and-flakes.thiscute.world/best-practices/remote-deployment)
 ## References
@@ -158,52 +159,51 @@ Other dotfiles that inspired me:
  - [davidtwco/veritas](https://github.com/davidtwco/veritas)
  - [gvolpe/nix-config](https://github.com/gvolpe/nix-config)
  - [Ruixi-rebirth/flakes](https://github.com/Ruixi-rebirth/flakes)
-  - [fufexan/dotfiles](https://github.com/fufexan/dotfiles): gtk theme, xdg, git, media, anyrun, etc.
+  - [fufexan/dotfiles](https://github.com/fufexan/dotfiles): gtk theme, xdg, git, media, anyrun,
    etc.
  - [nix-community/srvos](https://github.com/nix-community/srvos): a collection of opinionated and
    sharable NixOS configurations for servers
 - Modularized NixOS Configuration
  - [hlissner/dotfiles](https://github.com/hlissner/dotfiles)
  - [viperML/dotfiles](https://github.com/viperML/dotfiles)
 - Hyprland(wayland)
-  - [notwidow/hyprland](https://github.com/notwidow/hyprland): This is where I start my hyprland journey.
+  - [notwidow/hyprland](https://github.com/notwidow/hyprland): This is where I start my hyprland
-  - [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles): Refer to the waybar configuration here.
+    journey.
  - [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles): Refer to the waybar
    configuration here.
  - [Zeioth/zeioth-hyprland-config](https://github.com/Zeioth/zeioth-hyprland-config)
  - [linuxmobile/kaku](https://github.com/linuxmobile/kaku)
 - I3 Window Manager
  - [endeavouros-i3wm-setup](https://github.com/endeavouros-team/endeavouros-i3wm-setup): I started using i3 here, and my i3 configuration is also based on it, but made a lot of changes.
  - [denisse-dev/dotfiles](https://github.com/denisse-dev/dotfiles)
 - Neovim/AstroNvim
  - [maxbrunet/dotfiles](https://github.com/maxbrunet/dotfiles): astronvim with nix flakes.
 - Misc
  - [1amSimp1e/dots](https://github.com/1amSimp1e/dots)
 [Hyprland]: https://github.com/hyprwm/Hyprland
 [i3]: https://github.com/i3/i3
 [Kitty]: https://github.com/kovidgoyal/kitty
 [Nushell]: https://github.com/nushell/nushell
 [Starship]: https://github.com/starship/starship
 [Waybar]: https://github.com/Alexays/Waybar
-[i3block]: https://github.com/vivien/i3blocks
+[polybar]: https://github.com/polybar/polybar
 [rofi]: https://github.com/davatorium/rofi
 [anyrun]: https://github.com/Kirottu/anyrun
 [Dunst]: https://github.com/dunst-project/dunst
 [Fcitx5]: https://github.com/fcitx/fcitx5
 [Btop]: https://github.com/aristocratos/btop
 [mpv]: https://github.com/mpv-player/mpv
 [Zellij]: https://github.com/zellij-org/zellij
 [Neovim]: https://github.com/neovim/neovim
 [AstroNvim]: https://github.com/AstroNvim/AstroNvim
-[flameshot]: https://github.com/flameshot-org/flameshot
+[Hyprshot]: https://github.com/Gustash/Hyprshot
 [grim]: https://github.com/emersion/grim
 [imv]: https://sr.ht/~exec64/imv/
 [OBS]: https://obsproject.com
 [Mako]: https://github.com/emersion/mako
 [Nerd fonts]: https://github.com/ryanoasis/nerd-fonts
 [catppuccin]: https://github.com/catppuccin/catppuccin
 [mpd]: https://github.com/MusicPlayerDaemon/MPD
 [ncmpcpp]: https://github.com/ncmpcpp/ncmpcpp
 [mpc]: https://github.com/MusicPlayerDaemon/mpc
 [Netease-cloud-music-gtk]: https://github.com/gmg137/netease-cloud-music-gtk
 [NetworkManager]: https://wiki.gnome.org/Projects/NetworkManager
 [wl-clipboard]: https://github.com/bugaevc/wl-clipboard
 [GDM]: https://wiki.archlinux.org/title/GDM
 [thunar]: https://gitlab.xfce.org/xfce/thunar
-[ranger]: https://github.com/ranger/ranger
+[Yazi]: https://github.com/sxyazi/yazi
 [Catppuccin]: https://github.com/catppuccin/catppuccin
 [Btrfs]: https://btrfs.readthedocs.io
 [LUKS]: https://wiki.archlinux.org/title/Dm-crypt/Encrypting_an_entire_system
@@ -0,0 +1,26 @@
 ## How to create & managage KubeVirt's Virtual Machine from this flake?
 Use `aquamarine` as an example, first build and upload the virtual machine's qcow2 image to the file
 server:
 ```shell
 just upload-vm aquamarine
 ```
 Then create the virtual machine by creating a yaml file at
 [ryan4yin/k8s-gitops](https://github.com/ryan4yin/k8s-gitops/tree/main/vms), set the
 `spec.dataVolumeTemplates[0].source.http.url` to the uploaded file's URL, and fluxcd will
 automatically apply the changes, then a virtual machine named `aquamarine` will be created in the
 KubeVirt cluster.
 Once the virtual machine `aquamarine` is created, we can deploy updates to it with the following
 commands:
 ```shell
 just col aquamarine
 just col kubevirt-shoryu
 just col k3s-test-1-master-1
 ```
 If you're not familiar with remote deployment, please read this tutorial first:
 [Remote Deployment - NixOS & Flakes Book](https://nixos-and-flakes.thiscute.world/best-practices/remote-deployment)
@@ -0,0 +1,2 @@
 *.key
 *.csr
@@ -0,0 +1,7 @@
 # My Private PKI / CA
 This is my private Private Key Infrastructure (PKI) / Certificate Authority (CA) for my personal
 use. It is used to issue certificates for my own servers and services.
 All the private keys are ignored by git, and will be stored in my private secrets repo
 [../secrets](../secrets/)
@@ -0,0 +1,10 @@
 -----BEGIN CERTIFICATE-----
 MIIBajCB8QIJAIwL98is2nQPMAoGCCqGSM49BAMEMB8xHTAbBgNVBAMMFFJ5YW40
 WWluJ3MgUm9vdCBDQSAxMB4XDTI0MDQwMzA4NDgzM1oXDTM0MDQwMTA4NDgzM1ow
 HzEdMBsGA1UEAwwUUnlhbjRZaW4ncyBSb290IENBIDEwdjAQBgcqhkjOPQIBBgUr
 gQQAIgNiAAQ6ixMbsGZ/u/ZnwzOZ49naVL7rQxm9C74SboGytKcYBH03JjC7tgZ3
 DylirxSLcTYHHtCz9ajdamP6+sgiGVpUODtfGSO+WmS+gAbLjCS37T41bkUhkx88
 JU4NsGhjPXcwCgYIKoZIzj0EAwQDaAAwZQIwDrGLSdO+p/1uywkzqzdM/OnZs8bp
 n60uBhUI7EZzDmrouOFeGx+dXYI5yy5AD/qDAjEA7fTQx+jccyOj4dimq1iU9+71
 e/gWYg0rexfy/+9dQY6kvwMzv8Lnm6URaRMbE1Q/
 -----END CERTIFICATE-----
@@ -0,0 +1 @@
 C050420A8E5A3C1E
@@ -0,0 +1,22 @@
 [ req ]
 prompt = no
 req_extensions = v3_ext
 distinguished_name = req_distinguished_name
 [ req_distinguished_name ]
 countryName            = US
 stateOrProvinceName    = NYK
 localityName           = NYK
 organizationName       = Ryan4Yin
 organizationalUnitName = Ryan4Yin
 commonName             = writefor.fun # deprecated, use subjectAltName(SAN) instead
 emailAddress           = rayn4yin@linux.com
 [ alt_names ]
 DNS.1 = writefor.fun
 DNS.2 = *.writefor.fun
 [ v3_ext ]
 subjectAltName=@alt_names
 basicConstraints       = CA:false
 extendedKeyUsage       = serverAuth
@@ -0,0 +1,14 @@
 -----BEGIN CERTIFICATE-----
 MIICKTCCAa6gAwIBAgIJAMBQQgqOWjweMAoGCCqGSM49BAMEMB8xHTAbBgNVBAMM
 FFJ5YW40WWluJ3MgUm9vdCBDQSAxMB4XDTI0MDQwMzA4NDgzM1oXDTM0MDQwMTA4
 NDgzM1owgYkxCzAJBgNVBAYTAlVTMQwwCgYDVQQIDANOWUsxDDAKBgNVBAcMA05Z
 SzERMA8GA1UECgwIUnlhbjRZaW4xETAPBgNVBAsMCFJ5YW40WWluMRUwEwYDVQQD
 DAx3cml0ZWZvci5mdW4xITAfBgkqhkiG9w0BCQEWEnJheW40eWluQGxpbnV4LmNv
 bTB2MBAGByqGSM49AgEGBSuBBAAiA2IABCNTYKDq/I99NltQR5eKrrovQXp9BbLV
 iuUdYmzFrAh+NC9ikiIqTfDwP+c+7QvDyI3KXu3KI2qPSPdxktZKDUPHK4p2Y2kZ
 xKOI2IFTgTqV3uBciyx7ayWPTwBYxsTDmqNLMEkwJwYDVR0RBCAwHoIMd3JpdGVm
 b3IuZnVugg4qLndyaXRlZm9yLmZ1bjAJBgNVHRMEAjAAMBMGA1UdJQQMMAoGCCsG
 AQUFBwMBMAoGCCqGSM49BAMEA2kAMGYCMQCHw9YkDo15P9mqEObvxSUak8tQmhBB
 9wB81Qg4c+JsMCZA1rMUB7GkNJj1Dr9rWLoCMQDSituLzmo/yPLEOrbNV83bj3/I
 ikKgobSie3pMXm5ZG7krOXaunyFRR/bIkih2V2Q=
 -----END CERTIFICATE-----
@@ -0,0 +1,22 @@
 # 1. Generate the private key for Root CA
 openssl ecparam -genkey -name secp384r1 -out ecc-ca.key
 # 2. Generate the certificate for Root CA with the validity period of 10 years
 # using the private key and some basic information
 # NOTE: we specify sha512 as the signature algorithm, which is the key point
 openssl req -x509 -new -SHA512 -key ecc-ca.key -subj "/CN=Ryan4Yin's Root CA 1" -days 3650 -out ecc-ca.crt
 # 3. Generate the private key for web server
 openssl ecparam -genkey -name secp384r1 -out ecc-server.key
 # 4. Generate the certificate signing request (CSR) for the server certificate
 # using the private key and the configuration file ecc-csr.conf
 openssl req -new -SHA512 -key ecc-server.key -out ecc-server.csr -config ecc-csr.conf
 # 5. Sign the server certificate with the Root CA's certificate and private key
 # NOTE: we specify sha512 as the signature algorithm, which is the key point
 openssl x509 -req -SHA512 -in ecc-server.csr -CA ecc-ca.crt -CAkey ecc-ca.key \
  -CAcreateserial -out ecc-server.crt -days 3650 \
  -extensions v3_ext -extfile ecc-csr.conf
 # 6. Display the information of the certificates
 openssl x509 -noout -text -in ecc-ca.crt
 openssl x509 -noout -text -in ecc-server.crt
@@ -1,17 +0,0 @@
 rec {
  # user information
  username = "ryan";
  userfullname = "Ryan Yin";
  useremail = "xiaoyin_c@qq.com";
  allSystemAttrs = {
    # linux systems
    x64_system = "x86_64-linux";
    riscv64_system = "riscv64-linux";
    aarch64_system = "aarch64-linux";
    # darwin systems
    x64_darwin = "x86_64-darwin";
    aarch64_darwin = "aarch64-darwin";
  };
  allSystems = builtins.attrValues allSystemAttrs;
 }
@@ -1,5 +1,5 @@
 {
-  description = "NixOS & macOS configuration of Ryan Yin";
+  description = "Ryan Yin's nix configuration for both NixOS & macOS";
  ##################################################################################################################
  #
@@ -8,78 +8,21 @@
  #
  ##################################################################################################################
-  # The `outputs` function will return all the build results of the flake.
+  outputs = inputs: import ./outputs inputs;
  # A flake can have many use cases and different types of outputs,
  # parameters in `outputs` are defined in `inputs` and can be referenced by their names.
  # However, `self` is an exception, this special parameter points to the `outputs` itself (self-reference)
  # The `@` syntax here is used to alias the attribute set of the inputs's parameter, making it convenient to use inside the function.
  outputs = inputs @ {
    self,
    nixpkgs,
    pre-commit-hooks,
    ...
  }: let
    constants = import ./constants.nix;
    # `lib.genAttrs [ "foo" "bar" ] (name: "x_" + name)` => `{ foo = "x_foo"; bar = "x_bar"; }`
    forEachSystem = func: (nixpkgs.lib.genAttrs constants.allSystems func);
    allSystemConfigurations = import ./systems {inherit self inputs constants;};
  in
    allSystemConfigurations
    // {
      # format the nix code in this flake
      # alejandra is a nix formatter with a beautiful output
      formatter = forEachSystem (
        system: nixpkgs.legacyPackages.${system}.alejandra
      );
      # pre-commit hooks for nix code
      checks = forEachSystem (
        system: {
          pre-commit-check = pre-commit-hooks.lib.${system}.run {
            src = ./.;
            hooks = {
              alejandra.enable = true; # formatter
              # deadnix.enable = true; # detect unused variable bindings in `*.nix`
              statix.enable = true; # lints and suggestions for Nix code(auto suggestions)
              prettier = {
                enable = true;
                excludes = [".js" ".md" ".ts"];
              };
            };
          };
        }
      );
      devShells = forEachSystem (
        system: {
          default = nixpkgs.legacyPackages.${system}.mkShell {
            packages = [
              # fix https://discourse.nixos.org/t/non-interactive-bash-errors-from-flake-nix-mkshell/33310
              nixpkgs.legacyPackages.${system}.bashInteractive
            ];
            name = "dots";
            shellHook = ''
              ${self.checks.${system}.pre-commit-check.shellHook}
            '';
          };
        }
      );
    };
  # the nixConfig here only affects the flake itself, not the system configuration!
  # for more information, see:
-  #     https://nixos-and-flakes.thiscute.world/nixos-with-flakes/add-custom-cache-servers
+  #     https://nixos-and-flakes.thiscute.world/nix-store/add-binary-cache-servers
  nixConfig = {
    # substituers will be appended to the default substituters when fetching packages
    extra-substituters = [
      "https://anyrun.cachix.org"
-      "https://hyprland.cachix.org"
+      # "https://nix-gaming.cachix.org"
      # "https://nixpkgs-wayland.cachix.org"
    ];
    extra-trusted-public-keys = [
      "anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
-      "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+      # "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
      # "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
    ];
  };
@@ -90,28 +33,27 @@
    # There are many ways to reference flake inputs. The most widely used is github:owner/name/reference,
    # which represents the GitHub repository URL + branch/commit-id/tag.
-    # Official NixOS package source, using nixos's stable branch by default
+    # Official NixOS package source, using nixos's unstable branch by default
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
-    # nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+    # nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
-    # add git hooks to format nix code before commit
+    nixpkgs-ollama.url = "github:nixos/nixpkgs/nixos-unstable";
    pre-commit-hooks = {
      url = "github:cachix/pre-commit-hooks.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # for macos
-    nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-23.11-darwin";
+    # nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-25.05-darwin";
    nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-unstable";
    nix-darwin = {
      url = "github:lnl7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs-darwin";
    };
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    # home-manager, used for managing user configuration
    home-manager = {
-      url = "github:nix-community/home-manager/release-23.11";
+      url = "github:nix-community/home-manager/master";
-      # url = "github:nix-community/home-manager/master";
+      # url = "github:nix-community/home-manager/release-25.05";
      # The `follows` keyword in inputs is used for inheritance.
      # Here, `inputs.nixpkgs` of home-manager is kept consistent with the `inputs.nixpkgs` of the current flake,
@@ -120,17 +62,12 @@
    };
    lanzaboote = {
-      url = "github:nix-community/lanzaboote/v0.3.0";
+      url = "github:nix-community/lanzaboote/v0.4.2";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    impermanence.url = "github:nix-community/impermanence";
    hyprland = {
      url = "github:hyprwm/Hyprland/v0.33.1";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # community wayland nixpkgs
    # nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
    # anyrun - a wayland launcher
@@ -146,24 +83,48 @@
    };
    # secrets management
    agenix = {
-      # lock with git commit at 0.14.0
+      # lock with git commit at May 18, 2025
-      url = "github:ryantm/agenix/54693c91d923fecb4cf04c4535e3d84f8dec7919";
+      url = "github:ryantm/agenix/4835b1dc898959d8547a871ef484930675cb47f1";
      # replaced with a type-safe reimplementation to get a better error message and less bugs.
      # url = "github:ryan4yin/ragenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    ########################  Some non-flake repositories  #########################################
+    nix-gaming.url = "github:fufexan/nix-gaming";
-    # AstroNvim is an aesthetic and feature-rich neovim config.
+    disko = {
-    astronvim = {
+      url = "github:nix-community/disko/v1.11.0";
-      url = "github:AstroNvim/AstroNvim/v3.40.3";
+      inputs.nixpkgs.follows = "nixpkgs";
      flake = false;
    };
-    # useful nushell scripts, such as auto_completion
+    # add git hooks to format nix code before commit
-    nushell-scripts = {
+    pre-commit-hooks = {
-      url = "github:nushell/nu_scripts/main";
+      url = "github:cachix/pre-commit-hooks.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nuenv.url = "github:DeterminateSystems/nuenv";
    haumea = {
      url = "github:nix-community/haumea/v0.2.2";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nixpak = {
      url = "github:nixpak/nixpak";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    ghostty = {
      url = "github:ghostty-org/ghostty";
    };
    blender-bin.url = "github:edolstra/nix-warez?dir=blender";
    ########################  Some non-flake repositories  #########################################
    polybar-themes = {
      url = "github:adi1090x/polybar-themes";
      flake = false;
    };
@@ -182,16 +143,9 @@
      flake = false;
    };
-    nur-ryan4yin = {
+    nur-ryan4yin.url = "github:ryan4yin/nur-packages";
      url = "github:ryan4yin/nur-packages";
      # inputs.nixpkgs.follows = "nixpkgs";
    };
-    # riscv64 SBCs
+    # for waydroid
-    nixos-licheepi4a.url = "github:ryan4yin/nixos-licheepi4a";
+    # nur-ataraxiasjel.url = "github:AtaraxiaSjel/nur";
    # nixos-jh7110.url = "github:ryan4yin/nixos-jh7110";
    # aarch64 SBCs
    nixos-rk3588.url = "github:ryan4yin/nixos-rk3588";
  };
 }
@@ -0,0 +1,87 @@
 # Linux Hardening
 > Work in progress.
 ## Goal
 - **System Level**: Protect critical files from being accessed by untrusted applications.
  1. Such as browser cookies, SSH keys, etc.
 - **Per-App Level**: Prevent untrusted applications(such as closed-source apps) from:
  1.  Accessing files they shouldn't.
      - Such as a malicious application accessing your browser's cookies, SSH Keys, etc.
  1.  Accessing the network when they don't need to.
  1.  Accessing hardware devices they don't need.
 ## Current Status
 1. **System Level**:
   - [ ] AppArmor
   - [ ] Kernel & System Hardening
 1. **Per-App Level**:
   - Nixpak (Bubblewrap)
     - [x] QQ
     - [x] Firefox
   - [ ] Firejail (risk? not enabled yet)
 ## Kernel Hardening
 - NixOS Kernel Config:
  https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/os-specific/linux/kernel/hardened/config.nix
 ## System Hardening
 - NixOS Profile:
  https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/profiles/hardened.nix
 - Apparmor: [roddhjav/apparmor.d)](https://github.com/roddhjav/apparmor.d)
  - https://gitlab.com/apparmor/apparmor/-/wikis/Documentation
  - AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based
    applications and processes.
  - Nix Package:
    [roddhjav-apparmor-rules](https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/ro/roddhjav-apparmor-rules/package.nix#L33)
  - https://github.com/NixOS/nixpkgs/issues/331645
  - https://github.com/LordGrimmauld/aa-alias-manager
 - SELinux: too complex, not recommended for personal use.
 ## Application Sandboxing
 - [Firejail](https://github.com/netblue30/firejail/tree/master/etc): A SUID security sandbox with
  hundreds of security profiles for many common applications in the default installation.
  - https://wiki.nixos.org/wiki/Firejail
  - Firejail needs SUID to work, which is considered a security risk -
    [Does firejail improve the security of my system?](https://github.com/netblue30/firejail/discussions/4601)
 - [Bubblewrap](https://github.com/containers/bubblewrap):
  [nixpak](https://github.com/nixpak/nixpak), more secure than firejail, but no batteries included.
  - NixOS's FHSEnv is implemented using bubblewrap by default.
 - [Systemd/Hardening](https://wiki.nixos.org/wiki/Systemd/Hardening): Systemd also provides some
  sandboxing features.
 ## NOTE
 **Running untrusted code is never safe, kernel hardening & sandboxing cannot change this**.
 If you want to run untrusted code, please use a VM & an isolated network environment, which will
 provide a much higher level of security.
 ## References
 - [Harden your NixOS workstation - dataswamp](https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html)
 - [Linux Insecurities - Madaidans](https://madaidans-insecurities.github.io/linux.html)
 - [Sandboxing all programs by default - NixOS Discourse](https://discourse.nixos.org/t/sandboxing-all-programs-by-default/7792)
 - [在 Firejail 中运行 Steam](https://imbearchild.cyou/archives/2021/11/steam-in-firejail/)
 - [Firejail - Arch Linux Wiki](https://wiki.archlinux.org/title/Firejail)
 - [Paranoid NixOS Setup - xeiaso](https://xeiaso.net/blog/paranoid-nixos-2021-07-18/)
 - [nix-mineral](https://github.com/cynicsketch/nix-mineral): NixOS module for convenient system
  hardening.
 - nixpak configs:
  - https://github.com/pokon548/OysterOS/tree/b97604d89953373d6316286b96f6a964af2c398d/desktop/application
  - https://github.com/segment-tree/my-nixos/tree/ceb6041f73bd9edcb78a8818b27a28f7c629193b/hm/me/apps/nixpak
  - https://github.com/Keksgesicht/nixos-config/tree/91cc77d8d6b598da7c4dbed143e0009c2dea6940/packages/nixpak
  - https://github.com/bluskript/nix-config/blob/7ecb6a7254c1ac4969072f4c4febdc19f8b83b30/pkgs/nixpak/default.nix
 - firejail configs:
  - https://github.com/stelcodes/nixos-config/blob/f8967c82a5e5f3d128eb1aaf7498b5f918f719ec/packages/overlay.nix#L261
 - apparmor configs:
  - https://github.com/sukhmancs/nixos-configs/blob/7fcf737c506ad843113cd5b94796b49d4d4dfad2/modules/shared/security/apparmor/default.nix#L8
  - https://github.com/zramctl/dotfiles/blob/4fe177f6984154960942bb47d5a375098ec6ed6a/modules/nixos/security/apparmor.nix#L4
 - Others:
  - Directly via `buildFHSUserEnvBubblewrap`:
    https://github.com/xddxdd/nur-packages/blob/master/pkgs/uncategorized/wechat-uos/default.nix
@@ -0,0 +1,58 @@
 {
  config,
  pkgs,
  ...
 }: {
  services.dbus.apparmor = "enabled";
  security.apparmor = {
    enable = true;
    # kill process that are not confined but have apparmor profiles enabled
    killUnconfinedConfinables = true;
    packages = with pkgs; [
      apparmor-utils
      apparmor-profiles
    ];
    # apparmor policies
    policies = {
      "default_deny" = {
        enforce = false;
        enable = false;
        profile = ''
          profile default_deny /** { }
        '';
      };
      "sudo" = {
        enforce = false;
        enable = false;
        profile = ''
          ${pkgs.sudo}/bin/sudo {
            file /** rwlkUx,
          }
        '';
      };
      "nix" = {
        enforce = false;
        enable = false;
        profile = ''
          ${config.nix.package}/bin/nix {
            unconfined,
          }
        '';
      };
    };
  };
  environment.systemPackages = with pkgs; [
    apparmor-bin-utils
    apparmor-profiles
    apparmor-parser
    libapparmor
    apparmor-kernel-patches
    apparmor-pam
    apparmor-utils
  ];
 }
@@ -0,0 +1,71 @@
 {pkgs, ...}: let
  firejailWrapper = import ./firejailWrapper.nix pkgs;
 in {
  programs.firejail.enable = true;
  # Add firejailed Apps into nixsuper, and reference them in home-manager or other nixos modules
  nixpkgs.overlays = [
    (_: super: {
      firejailed = {
        steam = firejailWrapper {
          name = "steam-firejailed";
          executable = "${super.steam}/bin/steam";
          profile = "${super.firejail}/etc/firejail/steam.profile";
        };
        steam-run = firejailWrapper {
          name = "steam-run-firejailed";
          executable = "${super.steam}/bin/steam-run";
          profile = "${super.firejail}/etc/firejail/steam.profile";
        };
        # firefox = firejailWrapper {
        #   name = "firefox-firejailed";
        #   executable = "${super.lib.getBin super.firefox-wayland}/bin/firefox";
        #   profile = "${super.firejail}/etc/firejail/firefox.profile";
        # };
        # chromium = firejailWrapper {
        #   name = "chromium-firejailed";
        #   executable = "${super.lib.getBin super.ungoogled-chromium}/bin/chromium";
        #   profile = "${super.firejail}/etc/firejail/chromium.profile";
        # };
        mpv = firejailWrapper {
          executable = "${super.lib.getBin super.mpv}/bin/mpv";
          profile = "${super.firejail}/etc/firejail/mpv.profile";
        };
        imv = firejailWrapper {
          executable = "${super.lib.getBin super.imv}/bin/imv";
          profile = "${super.firejail}/etc/firejail/imv.profile";
        };
        zathura = firejailWrapper {
          executable = "${super.lib.getBin super.zathura}/bin/zathura";
          profile = "${super.firejail}/etc/firejail/zathura.profile";
        };
        slack = firejailWrapper {
          executable = "${super.lib.getBin super.slack}/bin/slack";
          profile = "${super.firejail}/etc/firejail/slack.profile";
        };
        telegram-desktop = firejailWrapper {
          executable = "${super.lib.getBin super.tdesktop}/bin/telegram-desktop";
          profile = "${super.firejail}/etc/firejail/telegram-desktop.profile";
        };
        brave = firejailWrapper {
          executable = "${super.lib.getBin super.brave}/bin/brave";
          profile = "${super.firejail}/etc/firejail/brave.profile";
        };
        qutebrowser = firejailWrapper {
          executable = "${super.lib.getBin super.qutebrowser}/bin/qutebrowser";
          profile = "${super.firejail}/etc/firejail/qutebrowser.profile";
        };
        thunar = firejailWrapper {
          executable = "${super.lib.getBin super.xfce.thunar}/bin/thunar";
          profile = "${super.firejail}/etc/firejail/thunar.profile";
        };
        vscodium = firejailWrapper {
          executable = "${super.lib.getBin super.vscodium}/bin/vscodium";
          profile = "${super.firejail}/etc/firejail/vscodium.profile";
        };
      };
    })
  ];
 }
@@ -0,0 +1,35 @@
 # https://www.reddit.com/r/NixOS/comments/1b56jdx/simple_nix_function_for_wrapping_executables_with/
 pkgs: {
  name ? "firejail-wrapper",
  executable,
  desktop ? null,
  profile ? null,
  extraArgs ? [],
 }:
 pkgs.runCommand name
 {
  preferLocalBuild = true;
  allowSubstitutes = false;
  meta.priority = -1; # take precedence over non-firejailed versions
 }
 (
  let
    firejailArgs = pkgs.lib.concatStringsSep " " (
      extraArgs ++ (pkgs.lib.optional (profile != null) "--profile=${toString profile}")
    );
  in
    ''
      command_path="$out/bin/$(basename ${executable})-jailed"
      mkdir -p $out/bin
      mkdir -p $out/share/applications
      cat <<'_EOF' >"$command_path"
      #! ${pkgs.runtimeShell} -e
      exec /run/wrappers/bin/firejail ${firejailArgs} -- ${toString executable} "\$@"
      _EOF
      chmod 0755 "$command_path"
    ''
    + pkgs.lib.optionalString (desktop != null) ''
      substitute ${desktop} $out/share/applications/$(basename ${desktop}) \
        --replace ${executable} "$command_path"
    ''
 )
@@ -0,0 +1,33 @@
 {
  pkgs,
  nixpak,
  ...
 }: let
  callArgs = {
    mkNixPak = nixpak.lib.nixpak {
      inherit (pkgs) lib;
      inherit pkgs;
    };
    safeBind = sloth: realdir: mapdir: [
      (sloth.mkdir (sloth.concat' sloth.appDataDir realdir))
      (sloth.concat' sloth.homeDir mapdir)
    ];
  };
  wrapper = _pkgs: path: (_pkgs.callPackage path callArgs).config.script;
 in {
  # Add nixpaked Apps into nixpkgs, and reference them in home-manager or other nixos modules
  nixpkgs.overlays = [
    (_: super: {
      nixpaks = {
        qq = wrapper super ./qq.nix;
        qq-desktop-item = super.callPackage ./qq-desktop-item.nix {};
        wechat-uos = wrapper super ./wechat-uos.nix;
        wechat-uos-desktop-item = super.callPackage ./wechat-uos-desktop-item.nix {};
        firefox = wrapper super ./firefox.nix;
        firefox-desktop-item = super.callPackage ./firefox-desktop-item.nix {};
      };
    })
  ];
 }
@@ -0,0 +1,11 @@
 {makeDesktopItem}:
 makeDesktopItem {
  name = "firefox";
  desktopName = "firefox";
  exec = "firefox %U";
  terminal = false;
  icon = "firefox";
  type = "Application";
  categories = ["Network"];
  comment = "firefox boxed";
 }
@@ -0,0 +1,76 @@
 # Refer:
 # - Flatpak manifest's docs:
 #   - https://docs.flatpak.org/en/latest/manifests.html
 #   - https://docs.flatpak.org/en/latest/sandbox-permissions.html
 # - Firefox's flatpak manifest: https://hg.mozilla.org/mozilla-central/file/tip/taskcluster/docker/firefox-flatpak/runme.sh#l151
 {
  lib,
  pkgs,
  mkNixPak,
  ...
 }:
 mkNixPak {
  config = {
    config,
    sloth,
    ...
  }: {
    app = {
      package = pkgs.firefox-wayland;
      binPath = "bin/firefox";
    };
    flatpak.appId = "org.mozilla.firefox";
    imports = [
      ./modules/gui-base.nix
      ./modules/network.nix
    ];
    # list all dbus services:
    #   ls -al /run/current-system/sw/share/dbus-1/services/
    #   ls -al /etc/profiles/per-user/ryan/share/dbus-1/services/
    dbus.policies = {
      "org.mozilla.firefox.*" = "own"; # firefox
      "org.mozilla.firefox_beta.*" = "own"; # firefox beta
      "org.mpris.MediaPlayer2.firefox.*" = "own";
      "org.freedesktop.NetworkManager" = "talk";
    };
    bubblewrap = {
      # To trace all the home files QQ accesses, you can use the following nushell command:
      #   just trace-access firefox
      # See the Justfile in the root of this repository for more information.
      bind.rw = [
        # given the read write permission to the following directories.
        # NOTE: sloth.mkdir is used to create the directory if it does not exist!
        (sloth.mkdir (sloth.concat' sloth.homeDir "/.mozilla"))
        # ================ for externsions ===============================
        # required by https://github.com/browserpass/browserpass-extension
        (sloth.concat' sloth.homeDir "/.local/share/password-store") # pass
        sloth.xdgDownloadDir
        sloth.xdgDocumentsDir
      ];
      bind.ro = [
        # To actually make Firefox run
        "/sys/bus/pci"
        ["${config.app.package}/lib/firefox" "/app/etc/firefox"]
        # Unsure
        (sloth.concat' sloth.xdgConfigHome "/dconf")
      ];
      sockets = {
        x11 = false;
        wayland = true;
        pipewire = true;
      };
      bind.dev = [
        "/dev/shm" # Shared Memory
      ];
      tmpfs = [
        "/tmp"
      ];
    };
  };
 }
@@ -0,0 +1,95 @@
 # https://github.com/nixpak/pkgs/blob/master/pkgs/modules/gui-base.nix
 {
  config,
  lib,
  pkgs,
  sloth,
  ...
 }: let
  envSuffix = envKey: suffix: sloth.concat' (sloth.env envKey) suffix;
  # cursor & icon's theme should be the same as the host's one.
  cursorTheme = pkgs.bibata-cursors;
  iconTheme = pkgs.papirus-icon-theme;
 in {
  config = {
    dbus.policies = {
      "${config.flatpak.appId}" = "own";
      "org.freedesktop.DBus" = "talk";
      "org.gtk.vfs.*" = "talk";
      "org.gtk.vfs" = "talk";
      "ca.desrt.dconf" = "talk";
      "org.freedesktop.portal.*" = "talk";
      "org.a11y.Bus" = "talk";
    };
    # https://github.com/nixpak/nixpak/blob/master/modules/gpu.nix
    # 1. bind readonly - /run/opengl-driver
    # 2. bind device   - /dev/dri
    gpu = {
      enable = lib.mkDefault true;
      provider = "nixos";
      bundlePackage = pkgs.mesa.drivers; # for amd & intel
    };
    # https://github.com/nixpak/nixpak/blob/master/modules/gui/fonts.nix
    # it works not well, bind system's /etc/fonts directly instead
    fonts.enable = false;
    # https://github.com/nixpak/nixpak/blob/master/modules/locale.nix
    locale.enable = true;
    bubblewrap = {
      network = lib.mkDefault false;
      bind.rw = [
        [
          (envSuffix "HOME" "/.var/app/${config.flatpak.appId}/cache")
          sloth.xdgCacheHome
        ]
        (sloth.concat' sloth.xdgCacheHome "/fontconfig")
        (sloth.concat' sloth.xdgCacheHome "/mesa_shader_cache")
        (sloth.concat [
          (sloth.env "XDG_RUNTIME_DIR")
          "/"
          (sloth.envOr "WAYLAND_DISPLAY" "no")
        ])
        (envSuffix "XDG_RUNTIME_DIR" "/at-spi/bus")
        (envSuffix "XDG_RUNTIME_DIR" "/gvfsd")
        (envSuffix "XDG_RUNTIME_DIR" "/pulse")
        "/run/dbus"
      ];
      bind.ro = [
        (envSuffix "XDG_RUNTIME_DIR" "/doc")
        (sloth.concat' sloth.xdgConfigHome "/gtk-2.0")
        (sloth.concat' sloth.xdgConfigHome "/gtk-3.0")
        (sloth.concat' sloth.xdgConfigHome "/gtk-4.0")
        (sloth.concat' sloth.xdgConfigHome "/fontconfig")
        "/etc/fonts" # for fontconfig
        "/etc/machine-id"
        "/etc/localtime"
        # Fix: libEGL warning: egl: failed to create dri2 screen
        "/etc/egl"
        "/etc/static/egl"
      ];
      bind.dev = [
        # seems required when using nvidia as primary gpu
        "/dev/nvidia0"
        "/dev/nvidiactl"
        "/dev/nvidia-modeset"
        "/dev/nvidia-uvm"
      ];
      env = {
        XDG_DATA_DIRS = lib.mkForce (lib.makeSearchPath "share" [
          iconTheme
          cursorTheme
          pkgs.shared-mime-info
        ]);
        XCURSOR_PATH = lib.mkForce (lib.concatStringsSep ":" [
          "${cursorTheme}/share/icons"
          "${cursorTheme}/share/pixmaps"
        ]);
      };
    };
  };
 }
@@ -0,0 +1,8 @@
 # https://github.com/nixpak/pkgs/blob/master/pkgs/modules/network.nix
 {
  etc.sslCertificates.enable = true;
  bubblewrap = {
    bind.ro = ["/etc/resolv.conf"];
    network = true;
  };
 }
@@ -0,0 +1,17 @@
 {
  makeDesktopItem,
  qq,
 }:
 makeDesktopItem {
  name = "qq";
  desktopName = "QQ";
  exec = "qq %U";
  terminal = false;
  # To find the icon name(nushell):
  #   let p = NIXPKGS_ALLOW_UNFREE=1 nix eval --impure nixpkgs#qq.outPath | str trim --char '"'
  #   tree $"($p)/share/icons"
  icon = "${qq}/share/icons/hicolor/512x512/apps/qq.png";
  type = "Application";
  categories = ["Network"];
  comment = "QQ boxed";
 }
@@ -0,0 +1,60 @@
 # Refer:
 # - Flatpak manifest's docs:
 #   - https://docs.flatpak.org/en/latest/manifests.html
 #   - https://docs.flatpak.org/en/latest/sandbox-permissions.html
 # - QQ's flatpak manifest: https://github.com/flathub/com.qq.QQ/blob/master/com.qq.QQ.yaml
 {
  lib,
  pkgs,
  mkNixPak,
  ...
 }:
 mkNixPak {
  config = {sloth, ...}: {
    app = {
      package = pkgs.qq.override {
        # fix fcitx5 input method
        commandLineArgs = lib.concatStringsSep " " ["--enable-wayland-ime"];
      };
      binPath = "bin/qq";
    };
    flatpak.appId = "com.tencent.qq";
    imports = [
      ./modules/gui-base.nix
      ./modules/network.nix
    ];
    # list all dbus services:
    #   ls -al /run/current-system/sw/share/dbus-1/services/
    #   ls -al /etc/profiles/per-user/ryan/share/dbus-1/services/
    dbus.policies = {
      "org.gnome.Shell.Screencast" = "talk";
      "org.freedesktop.Notifications" = "talk";
      "org.kde.StatusNotifierWatcher" = "talk";
    };
    bubblewrap = {
      # To trace all the home files QQ accesses, you can use the following nushell command:
      #   just trace-access qq
      # See the Justfile in the root of this repository for more information.
      bind.rw = [
        # given the read write permission to the following directories.
        # NOTE: sloth.mkdir is used to create the directory if it does not exist!
        (sloth.mkdir (sloth.concat [sloth.xdgConfigHome "/QQ"]))
        (sloth.mkdir (sloth.concat [sloth.xdgDocumentsDir "/QQ"]))
        sloth.xdgDownloadDir
      ];
      sockets = {
        x11 = false;
        wayland = true;
        pipewire = true;
      };
      bind.dev = [
        "/dev/shm" # Shared Memory
      ];
      tmpfs = [
        "/tmp"
      ];
    };
  };
 }
@@ -0,0 +1,17 @@
 {
  makeDesktopItem,
  wechat-uos,
 }:
 makeDesktopItem {
  name = "wechat";
  desktopName = "WeChat";
  exec = "wechat-uos %U";
  terminal = false;
  # To find the icon name(nushell):
  #   let p = NIXPKGS_ALLOW_UNFREE=1 nix eval --impure nixpkgs#wechat-uos.outPath | str trim --char '"'
  #   tree $"($p)/share/icons"
  icon = "${wechat-uos}/share/icons/hicolor/256x256/apps/com.tencent.wechat.png";
  type = "Application";
  categories = ["Network"];
  comment = "Wechat boxed";
 }
@@ -0,0 +1,73 @@
 # TODO: wechat-uos is running in FHS sandbox by default, it's problematic
 #   to wrap it again via flatpak. We need to find a way to fix it.
 #   https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/we/wechat-uos/package.nix
 # Refer:
 # - Flatpak manifest's docs:
 #   - https://docs.flatpak.org/en/latest/manifests.html
 #   - https://docs.flatpak.org/en/latest/sandbox-permissions.html
 # - wechat-uos's flatpak manifest: https://github.com/flathub/com.tencent.WeChat/blob/master/com.tencent.WeChat.yaml
 {
  lib,
  pkgs,
  mkNixPak,
  ...
 }:
 mkNixPak {
  config = {sloth, ...}: {
    app = {
      package = pkgs.wechat-uos;
      binPath = "bin/wechat-uos";
    };
    flatpak.appId = "com.tencent.WeChat";
    imports = [
      ./modules/gui-base.nix
      ./modules/network.nix
    ];
    # list all dbus services:
    #   ls -al /run/current-system/sw/share/dbus-1/services/
    #   ls -al /etc/profiles/per-user/ryan/share/dbus-1/services/
    dbus.policies = {
      "org.gnome.Shell.Screencast" = "talk";
      # System tray icon
      "org.freedesktop.Notifications" = "talk";
      "org.kde.StatusNotifierWatcher" = "talk";
      # File Manager
      "org.freedesktop.FileManager1" = "talk";
      # Uses legacy StatusNotifier implementation
      "org.kde.*" = "own";
    };
    bubblewrap = {
      # To trace all the home files QQ accesses, you can use the following nushell command:
      #   just trace-access wechat-uos
      # See the Justfile in the root of this repository for more information.
      bind.rw = [
        # given the read write permission to the following directories.
        # NOTE: sloth.mkdir is used to create the directory if it does not exist!
        (sloth.mkdir (sloth.concat [sloth.homeDir "/.xwechat"]))
        (sloth.mkdir (sloth.concat [sloth.xdgDocumentsDir "/xwechat_files"]))
        (sloth.mkdir (sloth.concat [sloth.xdgDocumentsDir "/WeChat_Data/"]))
        sloth.xdgDownloadDir
      ];
      sockets = {
        x11 = false;
        wayland = true;
        pipewire = true;
      };
      bind.dev = [
        "/dev/shm" # Shared Memory
      ];
      tmpfs = [
        "/tmp"
      ];
      env = {
        # Hidpi scale
        "QT_AUTO_SCREEN_SCALE_FACTOR" = "1";
        # Only supports xcb
        "QT_QPA_PLATFORM" = "kcb";
      };
    };
  };
 }
@@ -0,0 +1,9 @@
 {modulesPath, ...}: {
  imports = [
    (modulesPath + "/profiles/hardened.nix")
  ];
  # disable coredump that could be exploited later
  # and also slow down the system when something crash
  systemd.coredump.enable = false;
 }
@@ -3,4 +3,3 @@
 1. `base`: The base module that is suitable for both Linux and macOS.
 2. `linux`: Linux-specific configuration.
 3. `darwin`: macOS-specific configuration.
@@ -1,6 +1,5 @@
 # Home Manager's Base Submodules
-2. `server`: Configuration which is suitable for both servers and desktops.
+1. `server`: Configuration which is suitable for both servers and desktops.
 1. `desktop`: Configuration for desktop environments, such as Hyprland, I3, etc.
-    1. it import `server` as its submodule.
+1. `core.nix`: Minimal home-manager's config
@@ -0,0 +1,155 @@
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  home.packages = with pkgs; [
    # Misc
    cowsay
    gnupg
    gnumake
    # Modern cli tools, replacement of grep/sed/...
    # Interactively filter its input using fuzzy searching, not limit to filenames.
    fzf
    # search for files by name, faster than find
    fd
    # search for files by its content, replacement of grep
    (ripgrep.override {withPCRE2 = true;})
    # A fast and polyglot tool for code searching, linting, rewriting at large scale
    # supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
    ast-grep
    sad # CLI search and replace, just like sed, but with diff preview.
    yq-go # yaml processor https://github.com/mikefarah/yq
    just # a command runner like make, but simpler
    delta # A viewer for git and diff output
    lazygit # Git terminal UI.
    hyperfine # command-line benchmarking tool
    gping # ping, but with a graph(TUI)
    doggo # DNS client for humans
    duf # Disk Usage/Free Utility - a better 'df' alternative
    du-dust # A more intuitive version of `du` in rust
    gdu # disk usage analyzer(replacement of `du`)
    # nix related
    #
    # it provides the command `nom` works just like `nix
    # with more details log output
    nix-output-monitor
    hydra-check # check hydra(nix's build farm) for the build status of a package
    nix-index # A small utility to index nix store paths
    nix-init # generate nix derivation from url
    # https://github.com/nix-community/nix-melt
    nix-melt # A TUI flake.lock viewer
    # https://github.com/utdemir/nix-tree
    nix-tree # A TUI to visualize the dependency graph of a nix derivation
    # productivity
    caddy # A webserver with automatic HTTPS via Let's Encrypt(replacement of nginx)
    croc # File transfer between computers securely and easily
    ncdu # analyzer your disk usage Interactively, via TUI(replacement of `du`)
  ];
  programs = {
    # A modern replacement for ‘ls’
    # useful in bash/zsh prompt, not in nushell.
    eza = {
      enable = true;
      # do not enable aliases in nushell!
      enableNushellIntegration = false;
      git = true;
      icons = "auto";
    };
    # a cat(1) clone with syntax highlighting and Git integration.
    bat = {
      enable = true;
      config = {
        pager = "less -FR";
        theme = "catppuccin-mocha";
      };
      themes = {
        # https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme
        catppuccin-mocha = {
          src = nur-ryan4yin.packages.${pkgs.system}.catppuccin-bat;
          file = "Catppuccin-mocha.tmTheme";
        };
      };
    };
    # A command-line fuzzy finder
    fzf = {
      enable = true;
      # https://github.com/catppuccin/fzf
      # catppuccin-mocha
      colors = {
        "bg+" = "#313244";
        "bg" = "#1e1e2e";
        "spinner" = "#f5e0dc";
        "hl" = "#f38ba8";
        "fg" = "#cdd6f4";
        "header" = "#f38ba8";
        "info" = "#cba6f7";
        "pointer" = "#f5e0dc";
        "marker" = "#f5e0dc";
        "fg+" = "#cdd6f4";
        "prompt" = "#cba6f7";
        "hl+" = "#f38ba8";
      };
    };
    # very fast version of tldr in Rust
    tealdeer = {
      enable = true;
      enableAutoUpdates = true;
      settings = {
        display = {
          compact = false;
          use_pager = true;
        };
        updates = {
          auto_update = false;
          auto_update_interval_hours = 720;
        };
      };
    };
    # zoxide is a smarter cd command, inspired by z and autojump.
    # It remembers which directories you use most frequently,
    # so you can "jump" to them in just a few keystrokes.
    # zoxide works on all major shells.
    #
    #   z foo              # cd into highest ranked directory matching foo
    #   z foo bar          # cd into highest ranked directory matching foo and bar
    #   z foo /            # cd into a subdirectory starting with foo
    #
    #   z ~/foo            # z also works like a regular cd command
    #   z foo/             # cd into relative path
    #   z ..               # cd one level up
    #   z -                # cd into previous directory
    #
    #   zi foo             # cd with interactive selection (using fzf)
    #
    #   z foo<SPACE><TAB>  # show interactive completions (zoxide v0.8.0+, bash 4.4+/fish/zsh only)
    zoxide = {
      enable = true;
      enableBashIntegration = true;
      enableZshIntegration = true;
      enableNushellIntegration = true;
    };
    # Atuin replaces your existing shell history with a SQLite database,
    # and records additional context for your commands.
    # Additionally, it provides optional and fully encrypted
    # synchronisation of your history between machines, via an Atuin server.
    atuin = {
      enable = true;
      enableBashIntegration = true;
      enableZshIntegration = true;
      enableNushellIntegration = true;
    };
  };
 }
@@ -0,0 +1,3 @@
 {mylib, ...}: {
  imports = mylib.scanPaths ./.;
 }
@@ -0,0 +1,3 @@
 # Editors
 See [desktop/editors/](../../desktop/editors/) for more details.
@@ -0,0 +1,3 @@
 {mylib, ...}: {
  imports = mylib.scanPaths ./.;
 }
@@ -0,0 +1,5 @@
 {pkgs, ...}: {
  programs.helix = {
    enable = true;
  };
 }
@@ -0,0 +1,10 @@
 {pkgs, ...}: {
  programs = {
    neovim = {
      enable = true;
      viAlias = true;
      vimAlias = true;
    };
  };
 }
@@ -2,8 +2,7 @@
  config,
  lib,
  pkgs,
-  userfullname,
+  myvars,
  useremail,
  ...
 }: {
  # `programs.git` will generate the config file: ~/.config/git/config
@@ -21,12 +20,12 @@
    enable = true;
    lfs.enable = true;
-    userName = userfullname;
+    userName = myvars.userfullname;
-    userEmail = useremail;
+    userEmail = myvars.useremail;
    includes = [
      {
-        # use diffrent email & name for work
+        # use different email & name for work
        path = "~/work/.gitconfig";
        condition = "gitdir:~/work/";
      }
@@ -34,6 +33,7 @@
    extraConfig = {
      init.defaultBranch = "main";
      trim.bases = "develop,master,main"; # for git-trim
      push.autoSetupRemote = true;
      pull.rebase = true;
@@ -0,0 +1,19 @@
 _: {
  # use mirror for pip install
  xdg.configFile."pip/pip.conf".text = ''
    [global]
    index-url = https://mirror.nju.edu.cn/pypi/web/simple
    format = columns
  '';
  # xdg.configFile."pip/pip.conf".text = ''
  #   [global]
  #   index-url = https://mirror.nju.edu.cn/pypi/web/simple
  #   format = columns
  # '';
  # xdg.configFile."pip/pip.conf".text = ''
  #   [global]
  #   index-url = https://mirrors.bfsu.edu.cn/pypi/web/simple
  # '';
 }
@@ -0,0 +1,170 @@
 # Nushell Config File Documentation
 #
 # Warning: This file is intended for documentation purposes only and
 # is not intended to be used as an actual configuration file as-is.
 #
 # version = "0.103.0"
 #
 # A `config.nu` file is used to override default Nushell settings,
 # define (or import) custom commands, or run any other startup tasks.
 # See https://www.nushell.sh/book/configuration.html
 #
 # Nushell sets "sensible defaults" for most configuration settings, so
 # the user's `config.nu` only needs to override these defaults if
 # desired.
 #
 # This file serves as simple "in-shell" documentation for these
 # settings, or you can view a more complete discussion online at:
 # https://nushell.sh/book/configuration
 #
 # You can pretty-print and page this file using:
 # config nu --doc | nu-highlight | less -R
 # $env.config
 # -----------
 # The $env.config environment variable is a record containing most Nushell
 # configuration settings. Keep in mind that, as a record, setting it to a
 # new record will remove any keys which aren't in the new record. Nushell
 # will then automatically merge in the internal defaults for missing keys.
 #
 # The same holds true for keys in the $env.config which are also records
 # or lists.
 #
 # For this reason, settings are typically changed by updating the value of
 # a particular key. Merging a new config record is also possible. See the
 # Configuration chapter of the book for more information.
 $env.config.history.file_format = "sqlite"
 $env.config.history.max_size = 5_000_000
 # isolation (bool):
 # `true`: New history from other currently-open Nushell sessions is not
 # seen when scrolling through the history using PrevHistory (typically
 # the Up key) or NextHistory (Down key)
 # `false`: All commands entered in other Nushell sessions will be mixed with
 # those from the current shell.
 # Note: Older history items (from before the current shell was started) are
 # always shown.
 # This setting only applies to SQLite-backed history
 $env.config.history.isolation = true
 # ----------------------
 # Miscellaneous Settings
 # ----------------------
 # show_banner (bool): Enable or disable the welcome banner at startup
 $env.config.show_banner = false
 # rm.always_trash (bool):
 # true: rm behaves as if the --trash/-t option is specified
 # false: rm behaves as if the --permanent/-p option is specified (default)
 $env.config.rm.always_trash = true
 # recursion_limit (int): how many times a command can call itself recursively
 # before an error will be generated.
 $env.config.recursion_limit = 50
 # ---------------------------
 # Commandline Editor Settings
 # ---------------------------
 # edit_mode (string) "vi" or "emacs" sets the editing behavior of Reedline
 $env.config.edit_mode = "vi"
 # Command that will be used to edit the current line buffer with Ctrl+O.
 # If unset, uses $env.VISUAL and then $env.EDITOR
 #
 $env.config.buffer_editor = ["nvim", "--clean"]
 # cursor_shape_* (string)
 # -----------------------
 # The following variables accept a string from the following selections:
 # "block", "underscore", "line", "blink_block", "blink_underscore", "blink_line", or "inherit"
 # "inherit" skips setting cursor shape and uses the current terminal setting.
 $env.config.cursor_shape.emacs = "inherit"         # Cursor shape in emacs mode
 $env.config.cursor_shape.vi_insert = "block"       # Cursor shape in vi-insert mode
 $env.config.cursor_shape.vi_normal = "underscore"  # Cursor shape in normal vi mode
 # --------------------
 # Terminal Integration
 # --------------------
 # Nushell can output a number of escape codes to enable advanced features in Terminal Emulators
 # that support them. Settings in this section enable or disable these features in Nushell.
 # Features aren't supported by your Terminal can be disabled. Features can also be disabled,
 #  of course, if there is a conflict between the Nushell and Terminal's implementation.
 # use_kitty_protocol (bool):
 # A keyboard enhancement protocol supported by the Kitty Terminal. Additional keybindings are
 # available when using this protocol in a supported terminal. For example, without this protocol,
 # Ctrl+I is interpreted as the Tab Key. With this protocol, Ctrl+I and Tab can be mapped separately.
 $env.config.use_kitty_protocol = false
 # osc2 (bool):
 # When true, the current directory and running command are shown in the terminal tab/window title.
 # Also abbreviates the directory name by prepending ~ to the home directory and its subdirectories.
 $env.config.shell_integration.osc2 = true
 # osc7 (bool):
 # Nushell will report the current directory to the terminal using OSC 7. This is useful when
 # spawning new tabs in the same directory.
 $env.config.shell_integration.osc7 = true
 # osc9_9 (bool):
 # Enables/Disables OSC 9;9 support, originally a ConEmu terminal feature. This is an
 # alternative to OSC 7 which also communicates the current path to the terminal.
 $env.config.shell_integration.osc9_9 = false
 # osc8 (bool):
 # When true, the `ls` command will generate clickable links that can be launched in another
 # application by the terminal.
 # Note: This setting replaces the now deprecated `ls.clickable_links`
 $env.config.shell_integration.osc8 = true
 # osc133 (bool):
 # true/false to enable/disable OSC 133 support, a set of several escape sequences which
 # report the (1) starting location of the prompt, (2) ending location of the prompt,
 # (3) starting location of the command output, and (4) the exit code of the command.
 # originating with Final Term. These sequences report information regarding the prompt
 # location as well as command status to the terminal. This enables advanced features in
 # some terminals, including the ability to provide separate background colors for the
 # command vs. the output, collapsible output, or keybindings to scroll between prompts.
 $env.config.shell_integration.osc133 = true
 # osc633 (bool):
 # true/false to enable/disable OSC 633, an extension to OSC 133 for Visual Studio Code
 $env.config.shell_integration.osc633 = true
 # NU_LIB_DIRS
 # -----------
 # Directories in this constant are searched by the
 # `use` and `source` commands.
 #
 # By default, the `scripts` subdirectory of the default configuration
 # directory is included:
 const NU_LIB_DIRS = [
    ($nu.default-config-dir | path join 'scripts') # add <nushell-config-dir>/scripts
    ($nu.data-dir | path join 'completions') # default home for nushell completions
 ]
 # NU_PLUGIN_DIRS
 # --------------
 # Directories to search for plugin binaries when calling add.
 # By default, the `plugins` subdirectory of the default configuration
 # directory is included:
 const NU_PLUGIN_DIRS = [
    ($nu.default-config-dir | path join 'plugins') # add <nushell-config-dir>/plugins
 ]
 # As with NU_LIB_DIRS, an $env.NU_PLUGIN_DIRS is searched after the constant version
 # The `path add` function from the Standard Library also provides
 # a convenience method for prepending to the path:
 use std/util "path add"
 path add "~/.local/bin"
 # You can remove duplicate directories from the path using:
 $env.PATH = ($env.PATH | uniq)
@@ -1,25 +1,34 @@
-let
+{
  config,
  pkgs-unstable,
  ...
 }: let
  shellAliases = {
    k = "kubectl";
    urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
    urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
  };
  localBin = "${config.home.homeDirectory}/.local/bin";
  goBin = "${config.home.homeDirectory}/go/bin";
  rustBin = "${config.home.homeDirectory}/.cargo/bin";
 in {
  # only works in bash/zsh, not nushell
  home.shellAliases = shellAliases;
  programs.nushell = {
    enable = true;
    package = pkgs-unstable.nushell;
    configFile.source = ./config.nu;
-    shellAliases = shellAliases;
+    inherit shellAliases;
  };
  programs.bash = {
    enable = true;
    enableCompletion = true;
    bashrcExtra = ''
-      export PATH="$HOME/.local/bin:$HOME/go/bin:$PATH"
+      export PATH="$PATH:${localBin}:${goBin}:${rustBin}"
    '';
  };
 }
@@ -0,0 +1,23 @@
 {
  pkgs,
  pkgs-unstable,
  nur-ryan4yin,
  ...
 }: {
  # terminal file manager
  programs.yazi = {
    enable = true;
    package = pkgs-unstable.yazi;
    # Changing working directory when exiting Yazi
    enableBashIntegration = true;
    enableNushellIntegration = true;
    settings = {
      manager = {
        show_hidden = true;
        sort_dir_first = true;
      };
    };
  };
  xdg.configFile."yazi/theme.toml".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-yazi}/mocha.toml";
 }
@@ -0,0 +1,12 @@
 let
  shellAliases = {
    "zj" = "zellij";
  };
 in {
  programs.zellij = {
    enable = true;
  };
  # only works in bash/zsh, not nushell
  home.shellAliases = shellAliases;
  programs.nushell.shellAliases = shellAliases;
 }
@@ -1,28 +0,0 @@
 {pkgs, ...}: {
  home.packages = with pkgs;
    [
      # general tools
      pulumi
      pulumictl
      # istioctl
      # aws
      awscli2
      ssm-session-manager-plugin # Amazon SSM Session Manager Plugin
      aws-iam-authenticator
      eksctl
      istioctl
      # aliyun
      aliyun-cli
    ]
    ++ (
      if pkgs.stdenv.isLinux
      then [
        # cloud tools that nix do not have cache for.
        terraform
        terraformer # generate terraform configs from existing cloud resources
      ]
      else []
    );
 }
@@ -1,14 +0,0 @@
 {
  pkgs,
  pkgs-unstable,
  ...
 }: {
  home.packages = with pkgs; [
    skopeo
    docker-compose
    dive # explore docker layers
  ];
  programs = {
  };
 }
@@ -1,6 +0,0 @@
 {...}: {
  imports = [
    ./container.nix
    ./kubernetes.nix
  ];
 }
@@ -1,30 +0,0 @@
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  home.packages = with pkgs; [
    kubectl
    kubernetes-helm
  ];
  programs = {
    k9s = {
      enable = true;
      skin = let
        skin_file = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-k9s}/dist/mocha.yml"; # theme - catppuccin mocha
        skin_attr = builtins.fromJSON (
          builtins.readFile
          # replace 'base: &base "#1e1e2e"' with 'base: &base "default"'
          # to make fg/bg color transparent. "default" means transparent in k9s skin.
          (pkgs.runCommandNoCC "get-skin-json" {} ''
            cat ${skin_file} \
              |  sed -E 's@(base: &base ).+@\1 "default"@g' \
              | ${pkgs.yj}/bin/yj > $out
          '')
        );
      in
        skin_attr;
    };
  };
 }
@@ -1,16 +0,0 @@
 {...}: {
  imports = [
    ../server
    ./cloud
    ./container
    ./neovim
    ./terminal
    ./development.nix
    ./helix.nix
    ./media.nix
    ./shell.nix
    ./yazi.nix
  ];
 }
@@ -1,87 +0,0 @@
 {
  pkgs,
  pkgs-unstable,
  ...
 }: {
  #############################################################
  #
  #  Basic settings for development environment
  #
  #  Please avoid to install language specific packages here(globally),
  #  instead, install them:
  #     1. per IDE, such as `programs.neovim.extraPackages`
  #     2. per-project, using https://github.com/the-nix-way/dev-templates
  #
  #############################################################
  home.packages = with pkgs;
    [
      (python3.withPackages (
        ps:
          with ps; [
            ipython
            pandas
            requests
            pyquery
            pyyaml
          ]
      ))
      cargo # rust package manager
      go
      jdk17
      guile # scheme language
      # db related
      dbeaver
      mycli
      pgcli
      mongosh
      sqlite
      # embedded development
      minicom
      # ai related
      python311Packages.huggingface-hub # huggingface-cli
      # misc
      pkgs-unstable.devbox
      glow # markdown previewer
      fzf
      gdu # disk usage analyzer, required by AstroNvim
      ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
      bfg-repo-cleaner # remove large files from git history
      k6 # load testing tool
      protobuf # protocol buffer compiler
    ]
    ++ (
      if pkgs.stdenv.isLinux
      then [
        # Automatically trims your branches whose tracking remote refs are merged or gone
        # It's really useful when you work on a project for a long time.
        git-trim
        # need to run `conda-install` before using it
        # need to run `conda-shell` before using command `conda`
        # conda is not available for MacOS
        conda
        mitmproxy # http/https proxy tool
        insomnia # REST client
        wireshark # network analyzer
      ]
      else []
    );
  programs = {
    direnv = {
      enable = true;
      nix-direnv.enable = true;
      enableZshIntegration = true;
      enableBashIntegration = true;
      enableNushellIntegration = true;
    };
  };
 }
@@ -1,459 +0,0 @@
 return {
  colorscheme = "catppuccin",
  options = {
    opt = {
      relativenumber = true, -- Show relative numberline
      signcolumn = "auto", -- Show sign column when used only
      spell = false,      -- Spell checking
      swapfile = false,   -- Swapfile
      smartindent = false, -- fix https://github.com/ryan4yin/nix-config/issues/4
    },
  },
  plugins = {
    "AstroNvim/astrocommunity",
    -- colorscheme - catppuccin
    { import = "astrocommunity.colorscheme.catppuccin" },
    -- Highly experimental plugin that completely replaces
    -- the UI for messages, cmdline and the popupmenu.
    { import = "astrocommunity.utility.noice-nvim" },
    -- Fully featured & enhanced replacement for copilot.vim
    -- <Tab> work with both auto completion in cmp and copilot
    { import = "astrocommunity.media.vim-wakatime" },
    { import = "astrocommunity.motion.leap-nvim" },
    { import = "astrocommunity.motion.flit-nvim" },
    { import = "astrocommunity.scrolling.nvim-scrollbar" },
    { import = "astrocommunity.editing-support.todo-comments-nvim" },
    -- Language Support
    ---- Frontend & NodeJS
    { import = "astrocommunity.pack.typescript-all-in-one" },
    { import = "astrocommunity.pack.tailwindcss" },
    { import = "astrocommunity.pack.html-css" },
    { import = "astrocommunity.pack.prisma" },
    { import = "astrocommunity.pack.vue" },
    ---- Configuration Language
    { import = "astrocommunity.pack.markdown" },
    { import = "astrocommunity.pack.json" },
    { import = "astrocommunity.pack.yaml" },
    { import = "astrocommunity.pack.toml" },
    ---- Backend
    { import = "astrocommunity.pack.lua" },
    { import = "astrocommunity.pack.go" },
    { import = "astrocommunity.pack.rust" },
    { import = "astrocommunity.pack.python" },
    { import = "astrocommunity.pack.java" },
    -- { import = "astrocommunity.pack.nix" },  -- manually add config for nix, comment this one.
    { import = "astrocommunity.pack.proto" },
    ---- Operation & Cloud Native
    { import = "astrocommunity.pack.terraform" },
    { import = "astrocommunity.pack.bash" },
    { import = "astrocommunity.pack.cmake" },
    { import = "astrocommunity.pack.cpp" },
    { import = "astrocommunity.pack.docker" },
    -- Motion
    { import = "astrocommunity.motion.mini-surround" },
    -- https://github.com/echasnovski/mini.ai
    { import = "astrocommunity.motion.mini-ai" },
    { import = "astrocommunity.motion.flash-nvim" },
    { "folke/flash.nvim",                                          vscode = false },
    -- Lua implementation of CamelCaseMotion, with extra consideration of punctuation.
    { import = "astrocommunity.motion.nvim-spider" },
    -- AI Assistant
    { import = "astrocommunity.completion.copilot-lua-cmp" },
    -- Custom copilot-lua to enable filtypes: markdown
    {
      "zbirenbaum/copilot.lua",
      opts = function(_, opts)
        opts.filetypes = {
          yaml = true,
          markdown = true,
        }
      end,
    },
    {
      "0x00-ketsu/autosave.nvim",
      -- lazy-loading on events
      event = { "InsertLeave", "TextChanged" },
      opts = function(_, opts)
        opts.prompt_style = "notify" -- or stdout
      end,
    },
    -- markdown preview
    {
      "0x00-ketsu/markdown-preview.nvim",
      ft = { "md", "markdown", "mkd", "mkdn", "mdwn", "mdown", "mdtxt", "mdtext", "rmd", "wiki" },
      config = function()
        require("markdown-preview").setup({
          -- your configuration comes here
          -- or leave it empty to use the default settings
          -- refer to the setup section below
        })
      end,
    },
    -- clipboard manager
    {
      "gbprod/yanky.nvim",
      opts = function()
        local mapping = require("yanky.telescope.mapping")
        local mappings = mapping.get_defaults()
        mappings.i["<c-p>"] = nil
        return {
          highlight = { timer = 200 },
          picker = {
            telescope = {
              use_default_mappings = false,
              mappings = mappings,
            },
          },
        }
      end,
      keys = {
        {
          "y",
          "<Plug>(YankyYank)",
          mode = { "n", "x" },
          desc = "Yank text",
        },
        {
          "p",
          "<Plug>(YankyPutAfter)",
          mode = { "n", "x" },
          desc = "Put yanked text after cursor",
        },
        {
          "P",
          "<Plug>(YankyPutBefore)",
          mode = { "n", "x" },
          desc = "Put yanked text before cursor",
        },
        {
          "gp",
          "<Plug>(YankyGPutAfter)",
          mode = { "n", "x" },
          desc = "Put yanked text after selection",
        },
        {
          "gP",
          "<Plug>(YankyGPutBefore)",
          mode = { "n", "x" },
          desc = "Put yanked text before selection",
        },
        { "[y", "<Plug>(YankyCycleForward)",              desc = "Cycle forward through yank history" },
        { "]y", "<Plug>(YankyCycleBackward)",             desc = "Cycle backward through yank history" },
        { "]p", "<Plug>(YankyPutIndentAfterLinewise)",    desc = "Put indented after cursor (linewise)" },
        { "[p", "<Plug>(YankyPutIndentBeforeLinewise)",   desc = "Put indented before cursor (linewise)" },
        { "]P", "<Plug>(YankyPutIndentAfterLinewise)",    desc = "Put indented after cursor (linewise)" },
        { "[P", "<Plug>(YankyPutIndentBeforeLinewise)",   desc = "Put indented before cursor (linewise)" },
        { ">p", "<Plug>(YankyPutIndentAfterShiftRight)",  desc = "Put and indent right" },
        { "<p", "<Plug>(YankyPutIndentAfterShiftLeft)",   desc = "Put and indent left" },
        { ">P", "<Plug>(YankyPutIndentBeforeShiftRight)", desc = "Put before and indent right" },
        { "<P", "<Plug>(YankyPutIndentBeforeShiftLeft)",  desc = "Put before and indent left" },
        { "=p", "<Plug>(YankyPutAfterFilter)",            desc = "Put after applying a filter" },
        { "=P", "<Plug>(YankyPutBeforeFilter)",           desc = "Put before applying a filter" },
      },
    },
    -- Enhanced matchparen.vim plugin for Neovim to highlight the outer pair.
    {
      "utilyre/sentiment.nvim",
      version = "*",
      event = "VeryLazy", -- keep for lazy loading
      opts = {
        -- config
      },
      init = function()
        -- `matchparen.vim` needs to be disabled manually in case of lazy loading
        vim.g.loaded_matchparen = 1
      end,
    },
    -- joining blocks of code into oneline, or splitting one line into multiple lines.
    {
      "Wansmer/treesj",
      keys = { "<space>m", "<space>j", "<space>s" },
      dependencies = { "nvim-treesitter/nvim-treesitter" },
      config = function()
        require("treesj").setup({ --[[ your config ]]
        })
      end,
    },
    -- File explorer(Custom configs)
    {
      "nvim-neo-tree/neo-tree.nvim",
      opts = {
        filesystem = {
          filtered_items = {
            visible = true, -- visible by default
            hide_dotfiles = false,
            hide_gitignored = false,
          },
        },
      },
    },
    -- The plugin offers the alibity to refactor code.
    {
      "ThePrimeagen/refactoring.nvim",
      dependencies = {
        { "nvim-lua/plenary.nvim" },
        { "nvim-treesitter/nvim-treesitter" },
      },
    },
    -- The plugin offers the abilibty to search and replace.
    {
      "nvim-pack/nvim-spectre",
      dependencies = {
        { "nvim-lua/plenary.nvim" },
      },
    },
    -- full signature help, docs and completion for the nvim lua API.
    { "folke/neodev.nvim",     opts = {} },
    { "RRethy/vim-illuminate", config = function() end },
    -- Language Parser for syntax highlighting / indentation / folding / Incremental selection
    {
      "nvim-treesitter/nvim-treesitter",
      opts = function(_, opts)
        local utils = require("astronvim.utils")
        opts.incremental_selection = {
          enable = true,
          keymaps = {
            init_selection = "<C-space>", -- Ctrl + Space
            node_incremental = "<C-space>",
            scope_incremental = "<A-space>", -- Alt + Space
            node_decremental = "<bs>", -- Backspace
          },
        }
        opts.ensure_installed = utils.list_insert_unique(opts.ensure_installed, {
          -- neovim
          "vim",
          "lua",
          -- operation & cloud native
          "dockerfile",
          "hcl",
          "jsonnet",
          "regex",
          "terraform",
          "nix",
        })
      end,
    },
    -- implementation/definition preview
    {
      "rmagatti/goto-preview",
      config = function()
        require("goto-preview").setup({})
      end,
    },
    -- Undo tree
    { "debugloop/telescope-undo.nvim" },
    -- Install lsp, formmatter and others via home manager instead of Mason.nvim
    -- LSP installations
    {
      "williamboman/mason-lspconfig.nvim",
      -- overwrite ensure_installed to install lsp via home manager(except emmet_ls)
      opts = function(_, opts)
        opts.ensure_installed = {
          "emmet_ls", -- not exist in nixpkgs, so install it via mason
        }
      end,
    },
    -- Formatters/Linter installation
    {
      "jay-babu/mason-null-ls.nvim",
      -- ensure_installed nothing
      opts = function(_, opts)
        opts.ensure_installed = nil
        opts.automatic_installation = false
      end,
    },
    {
      "jose-elias-alvarez/null-ls.nvim",
      opts = function(_, opts)
        local null_ls = require("null-ls")
        local code_actions = null_ls.builtins.code_actions
        local diagnostics = null_ls.builtins.diagnostics
        local formatting = null_ls.builtins.formatting
        local hover = null_ls.builtins.hover
        local completion = null_ls.builtins.completion
        -- https://github.com/jose-elias-alvarez/null-ls.nvim/blob/main/doc/BUILTINS.md
        if type(opts.sources) == "table" then
          vim.list_extend(opts.sources, {
            -- Common Code Actions
            code_actions.gitsigns,
            -- common refactoring actions based off the Refactoring book by Martin Fowler
            code_actions.refactoring,
            code_actions.gomodifytags, -- Go - modify struct field tags
            code_actions.impl,   -- Go - generate interface method stubs
            code_actions.shellcheck,
            code_actions.proselint, -- English prose linter
            code_actions.statix, -- Lints and suggestions for Nix.
            -- Diagnostic
            diagnostics.actionlint, -- GitHub Actions workflow syntax checking
            diagnostics.buf,  -- check text in current buffer
            diagnostics.checkmake, -- check Makefiles
            diagnostics.deadnix, -- Scan Nix files for dead code.
            -- Formatting
            formatting.prettier,                          -- js/ts/vue/css/html/json/... formatter
            diagnostics.hadolint,                         -- Dockerfile linter
            formatting.black,                             -- Python formatter
            formatting.ruff,                              -- extremely fast Python linter
            formatting.goimports,                         -- Go formatter
            formatting.shfmt,                             -- Shell formatter
            formatting.rustfmt,                           -- Rust formatter
            formatting.taplo,                             -- TOML formatteautoindentr
            formatting.terraform_fmt,                     -- Terraform formatter
            formatting.stylua,                            -- Lua formatter
            formatting.alejandra,                         -- Nix formatter
            formatting.sqlfluff.with({                    -- SQL formatter
              extra_args = { "--dialect", "postgres" },   -- change to your dialect
            }),
            formatting.nginx_beautifier,                  -- Nginx formatter
            null_ls.builtins.formatting.verible_verilog_format, -- Verilog formatter
          })
        end
      end,
    },
    -- Debugger installation
    {
      "jay-babu/mason-nvim-dap.nvim",
      -- overrides `require("mason-nvim-dap").setup(...)`
      opts = function(_, opts)
        opts.ensure_installed = nil
        opts.automatic_installation = false
      end,
    },
    {
      "nvim-telescope/telescope.nvim",
      branch = "0.1.x",
      dependencies = { "nvim-lua/plenary.nvim" },
      init = function()
        -- 1. Disable highlighting for certain filetypes
        -- 2. Ignore files larger than a certain filesize
        local previewers = require("telescope.previewers")
        local _bad = { ".*%.csv", ".*%.min.js" } -- Put all filetypes that slow you down in this array
        local filesize_threshold = 300 * 1024 -- 300KB
        local bad_files = function(filepath)
          for _, v in ipairs(_bad) do
            if filepath:match(v) then
              return false
            end
          end
          return true
        end
        local new_maker = function(filepath, bufnr, opts)
          opts = opts or {}
          if opts.use_ft_detect == nil then
            opts.use_ft_detect = true
          end
          -- 1. Check if the file is in the bad_files array, and if so, don't highlight it
          opts.use_ft_detect = opts.use_ft_detect == false and false or bad_files(filepath)
          -- 2. Check the file size, and ignore it if it's too big(preview nothing).
          filepath = vim.fn.expand(filepath)
          vim.loop.fs_stat(filepath, function(_, stat)
            if not stat then
              return
            end
            if stat.size > filesize_threshold then
              return
            else
              previewers.buffer_previewer_maker(filepath, bufnr, opts)
            end
          end)
        end
        require("telescope").setup({
          defaults = {
            buffer_previewer_maker = new_maker,
          },
        })
      end,
    },
  },
  -- Configure require("lazy").setup() options
  lazy = {
    defaults = { lazy = true },
    performance = {
      rtp = {
        -- customize default disabled vim plugins
        disabled_plugins = {},
      },
    },
  },
  -- https://github.com/neovim/nvim-lspconfig/blob/master/doc/server_configurations.md
  lsp = {
    config = {
      -- the offset_enconding of clangd will confilicts whit null-ls
      -- so we need to manually set it to utf-8
      clangd = {
        capabilities = {
          offsetEncoding = "utf-8",
        },
      },
    },
    -- enable servers that installed by home-manager instead of mason
    servers = {
      ---- Frontend & NodeJS
      "tsserver",   -- typescript/javascript language server
      "tailwindcss", -- tailwindcss language server
      "html",       -- html language server
      "cssls",      -- css language server
      "prismals",   -- prisma language server
      "volar",      -- vue language server
      ---- Configuration Language
      "marksman",   -- markdown ls
      "jsonls",     -- json language server
      "yamlls",     -- yaml language server
      "taplo",      -- toml language server
      ---- Backend
      "lua_ls",     -- lua
      "gopls",      -- go
      "rust_analyzer", -- rust
      "pyright",    -- python
      "ruff_lsp",   -- extremely fast Python linter and code transformation
      "jdtls",      -- java
      "nil_ls",     -- nix language server
      "bufls",      -- protocol buffer language server
      "zls",        -- zig language server
      ---- HDL
      "verible",    -- verilog language server
      ---- Operation & Cloud Nativautoindente
      "bashls",     -- bash
      "cmake",      -- cmake language server
      "clangd",     -- c/c++
      "dockerls",   -- dockerfile
      "jsonnet_ls", -- jsonnet language server
      "terraformls", -- terraform hcl
    },
    formatting = {
      disabled = {},
      format_on_save = {
        enabled = true,
        allow_filetypes = {
          "go",
          "jsonnet",
          "rust",
          "terraform",
        },
      },
    },
  },
 }
@@ -1,68 +0,0 @@
 -- Mapping data with "desc" stored directly by vim.keymap.set().
 --
 -- Please use this mappings table to set keyboard mapping since this is the
 -- lower level configuration and more robust one. (which-key will
 -- automatically pick-up stored data by this setting.)
 local utils = require "astronvim.utils"
 require("telescope").load_extension("refactoring")
 require("telescope").load_extension("yank_history")
 require("telescope").load_extension("undo")
 return {
  -- normal mode
  n = {
    -- second key is the lefthand side of the map
    -- mappings seen under group name "Buffer"
    ["<leader>bn"] = { "<cmd>tabnew<cr>", desc = "New tab" },
    -- quick save
    ["<C-s>"] = { ":w!<cr>", desc = "Save File" },  -- change description but the same command
    -- Terminal
    -- NOTE: https://neovim.io/doc/user/builtin.html#jobstart()
    --   1. If {cmd} is a List it runs directly (no 'shell')
    --   2. If {cmd} is a String it runs in the 'shell'
    ["<leader>tp"] = { function() utils.toggle_term_cmd({ cmd = "ipython" }) end, desc = "ToggleTerm python" },
    -- search and replace globally
    ['<leader>ss'] = {'<cmd>lua require("spectre").toggle()<CR>', desc = "Toggle Spectre" },
    ['<leader>sw'] = {'<cmd>lua require("spectre").open_visual({select_word=true})<CR>', desc = "Search current word" },
    ['<leader>sp'] ={'<cmd>lua require("spectre").open_file_search({select_word=true})<CR>', desc = "Search on current file" },
    -- refactoring
    ["<leader>ri"] = { function() require('refactoring').refactor('Inline Variable') end, desc = "Inverse of extract variable" },
    ["<leader>rb"] = { function() require('refactoring').refactor('Extract Block') end, desc = "Extract Block" },
    ["<leader>rbf"] = { function() require('refactoring').refactor('Extract Block To File') end, desc = "Extract Block To File" },
    ["<leader>rr"] = { function() require('telescope').extensions.refactoring.refactors() end, desc = "Prompt for a refactor to apply" },
    ["<leader>rp"] = { function() require('refactoring').debug.printf({below = false}) end, desc = "Insert print statement to mark the calling of a function" },
    ["<leader>rv"] = { function() require('refactoring').debug.print_var() end, desc = "Insert print statement to print a variable" },
    ["<leader>rc"] = { function() require('refactoring').debug.cleanup({}) end, desc = "Cleanup of all generated print statements" },
    -- yank_history
    ["<leader>yh"] = { function() require("telescope").extensions.yank_history.yank_history() end, desc = "Preview Yank History" },
    -- undo history
    ["<leader>uh"] = {"<cmd>Telescope undo<cr>", desc="Telescope undo" },
    -- implementation/definition preview
    ["gpd"] = { "<cmd>lua require('goto-preview').goto_preview_definition()<CR>", desc="goto_preview_definition" },
    ["gpt"] = { "<cmd>lua require('goto-preview').goto_preview_type_definition()<CR>", desc="goto_preview_type_definition" },
    ["gpi"] = { "<cmd>lua require('goto-preview').goto_preview_implementation()<CR>", desc="goto_preview_implementation" },
    ["gP" ] = {  "<cmd>lua require('goto-preview').close_all_win()<CR>", desc="close_all_win" },
    ["gpr"] = { "<cmd>lua require('goto-preview').goto_preview_references()<CR>", desc="goto_preview_references" },
  },
  -- Visual mode
  v = {
    -- search and replace globally
    ['<leader>sw'] =  {'<esc><cmd>lua require("spectre").open_visual()<CR>', desc = "Search current word" },
  },
  -- visual mode(what's the difference between v and x???)
  x = {
    -- refactoring
    ["<leader>ri"] = { function() require('refactoring').refactor('Inline Variable') end, desc = "Inverse of extract variable" },
    ["<leader>re"] = { function() require('refactoring').refactor('Extract Function') end, desc = "Extracts the selected code to a separate function" },
    ["<leader>rf"] = { function() require('refactoring').refactor('Extract Function To File') end, desc = "Extract Function To File" },
    ["<leader>rv"] = { function() require('refactoring').refactor('Extract Variable') end, desc = "Extracts occurrences of a selected expression to its own variable" },
    ["<leader>rr"] = { function() require('telescope').extensions.refactoring.refactors() end, desc = "Prompt for a refactor to apply" },
  },
 }
@@ -1,156 +0,0 @@
 {
  pkgs,
  astronvim,
  ...
 }:
 ###############################################################################
 #
 #  AstroNvim's configuration and all its dependencies(lsp, formatter, etc.)
 #
 #e#############################################################################
 {
  xdg.configFile = {
    # astronvim's config
    "nvim".source = astronvim;
    # my custom astronvim config, astronvim will load it after base config
    # https://github.com/AstroNvim/AstroNvim/blob/v3.32.0/lua/astronvim/bootstrap.lua#L15-L16
    "astronvim/lua/user".source = ./astronvim_user;
  };
  nixpkgs.config = {
    programs.npm.npmrc = ''
      prefix = ''${HOME}/.npm-global
    '';
  };
  programs = {
    neovim = {
      enable = true;
      defaultEditor = true;
      viAlias = true;
      vimAlias = true;
      # currently we use lazy.nvim as neovim's package manager, so comment this one.
      # plugins = with pkgs.vimPlugins; [
      #   # search all the plugins using https://search.nixos.org/packages
      # ];
      # Extra packages only available to nvim(won't pollute the global home environment)
      extraPackages = with pkgs;
        [
          #-- c/c++
          cmake
          cmake-language-server
          gnumake
          checkmake
          gcc # c/c++ compiler, required by nvim-treesitter!
          llvmPackages.clang-unwrapped # c/c++ tools with clang-tools such as clangd
          lldb
          #-- python
          nodePackages.pyright # python language server
          python3Packages.black # python formatter
          python3Packages.ruff-lsp
          (python3.withPackages (
            ps:
              with ps; [
                pynvim # Python client and plugin host for Nvim
                ipython
                pandas
                requests
                pyquery
                pyyaml
              ]
          ))
          #-- rust
          rust-analyzer
          cargo # rust package manager
          rustfmt
          #-- zig
          zls
          #-- nix
          nil
          rnix-lsp
          # nixd
          statix # Lints and suggestions for the nix programming language
          deadnix # Find and remove unused code in .nix source files
          alejandra # Nix Code Formatter
          #-- golang
          go
          gomodifytags
          iferr # generate error handling code for go
          impl # generate function implementation for go
          gotools # contains tools like: godoc, goimports, etc.
          gopls # go language server
          delve # go debugger
          # -- java
          jdk17
          gradle
          maven
          spring-boot-cli
          #-- lua
          stylua
          lua-language-server
          #-- bash
          nodePackages.bash-language-server
          shellcheck
          shfmt
          #-- javascript/typescript --#
          nodePackages.nodejs
          nodePackages.typescript
          nodePackages.typescript-language-server
          # HTML/CSS/JSON/ESLint language servers extracted from vscode
          nodePackages.vscode-langservers-extracted
          nodePackages."@tailwindcss/language-server"
          #-- CloudNative
          nodePackages.dockerfile-language-server-nodejs
          # terraform  # install via brew on macOS
          terraform-ls
          jsonnet
          jsonnet-language-server
          hadolint # Dockerfile linter
          #-- Others
          taplo # TOML language server / formatter / validator
          nodePackages.yaml-language-server
          sqlfluff # SQL linter
          actionlint # GitHub Actions linter
          buf # protoc plugin for linting and formatting
          proselint # English prose linter
          guile # scheme language
          #-- Misc
          tree-sitter # common language parser/highlighter
          nodePackages.prettier # common code formatter
          marksman # language server for markdown
          glow # markdown previewer
          fzf
          #-- Optional Requirements:
          gdu # disk usage analyzer, required by AstroNvim
          ripgrep # fast search tool, required by AstroNvim's '<leader>fw'(<leader> is space key)
        ]
        ++ (
          if pkgs.stdenv.isDarwin
          then []
          else [
            #-- verilog / systemverilog
            verible
            gdb
          ]
        );
    };
  };
 }
@@ -1,31 +0,0 @@
 {nushell-scripts, ...}: {
  programs.bash = {
    # load the alias file for work
    bashrcExtra = ''
      alias_for_work=/etc/agenix/alias-for-work.bash
      if [ -f $alias_for_work ]; then
        . $alias_for_work
      else
        echo "No alias file found for work"
      fi
    '';
  };
  programs.nushell = {
    # load the alias file for work
    # the file must exist, otherwise nushell will complain about it!
    #
    # currently, nushell does not support conditional sourcing of files
    # https://github.com/nushell/nushell/issues/8214
    extraConfig = ''
      source /etc/agenix/alias-for-work.nushell
      use ${nushell-scripts}/custom-completions/git/git-completions.nu *
      use ${nushell-scripts}/custom-completions/glow/glow-completions.nu *
      use ${nushell-scripts}/custom-completions/make/make-completions.nu *
      use ${nushell-scripts}/custom-completions/nix/nix-completions.nu *
      use ${nushell-scripts}/custom-completions/man/man-completions.nu *
      use ${nushell-scripts}/custom-completions/cargo/cargo-completions.nu *
      use ${nushell-scripts}/custom-completions/zellij/zellij-completions.nu *
    '';
  };
 }
@@ -1,61 +0,0 @@
 # Termianl Emulators
 1. kitty: My main terminal emulator.
 2. wezterm: My secondary terminal emulator.
 3. alacritty: Standby terminal.
 ## 'xterm-kitty': unknown terminal type when `ssh` into a remote host or `sudo xxx`
 > https://sw.kovidgoyal.net/kitty/faq/#i-get-errors-about-the-terminal-being-unknown-or-opening-the-terminal-failing-or-functional-keys-like-arrow-keys-don-t-work
 > https://wezfurlong.org/wezterm/config/lua/config/term.html
 kitty set `TERM` to `xterm-kitty` by default, and TUI apps like `viu`, `yazi`, `curses` will try to search in the host's [terminfo(terminal capability data base)](https://linux.die.net/man/5/terminfo) for value of `TERM` to determine the capabilities of the terminal.
 But when you `ssh` into a remote host, the remote host is very likely to not have `xterm-kitty` in its terminfo, so you will get this error:
 ```
 'xterm-kitty': unknown terminal type
 ```
 Or when you `sudo xxx`, `sudo` won't preserve the `TERM` variable, it will be reset to root's default `TERM` value, which is `xterm` or `xterm-256color` in most linux distributions, so you will get this error:
 ```
 'xterm-256color': unknown terminal type
 ```
 or 
 ```
 Error opening terminal: xterm-kitty.
 ```
 NixOS preserve the `TERMINFO` and `TERMINFO_DIRS` environment variables, for `root` and the `wheel` group: [nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-23.11/nixos/modules/config/terminfo.nix#L18)
 For nix-darwin, take a look at <https://github.com/LnL7/nix-darwin/wiki/Terminfo-issues>
 ### Solutions
 Simplest solution, it will automatically copy over the terminfo files and also magically enable shell integration on the remote machine: 
 ```
 kitten ssh user@host
 ```
 Or if you do not care about kitty's features(such as true color & graphics protocol), you can simply set `TERM` to `xterm-256color`, which is built-in in most linux distributions:
 ```
 export TERM=xterm-256color
 ```
 If you need kitty's features, but do not like the magic of `kitten`, you can manually install kitty's terminfo on the remote host:
 ```bash
 # install on ubuntu / debian
 sudo apt-get install kitty-terminfo
 # or copy from local machine
 infocmp -a xterm-kitty | ssh myserver tic -x -o \~/.terminfo /dev/stdin
 ```
@@ -1,113 +0,0 @@
 {
  pkgs,
  nur-ryan4yin,
  ...
 }:
 ###########################################################
 #
 # Alacritty Configuration
 #
 # Useful Hot Keys for macOS:
 #   1. Multi-Window: `command + N`
 #   2. Increase Font Size: `command + =` | `command + +`
 #   3. Decrease Font Size: `command + -` | `command + _`
 #   4. Search Text: `command + F`
 #   5. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Useful Hot Keys for Linux:
 #   1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
 #   2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
 #   3. Search Text: `ctrl + shift + N`
 #   4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Note: Alacritty do not have support for Tabs, and any graphic protocol.
 #
 ###########################################################
 {
  xdg.configFile."alacritty/theme_catppuccin.yml".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-alacritty}/catppuccin-mocha.yml";
  programs.alacritty = {
    enable = true;
  };
  xdg.configFile."alacritty/alacritty.yml".text =
    ''
      import:
        # all alacritty themes can be found at
        #    https://github.com/alacritty/alacritty-theme
        - ~/.config/alacritty/theme_catppuccin.yml
      window:
        # Background opacity
        #
        # Window opacity as a floating point number from `0.0` to `1.0`.
        # The value `0.0` is completely transparent and `1.0` is opaque.
        opacity: 0.93
        # Startup Mode (changes require restart)
        #
        # Values for `startup_mode`:
        #   - Windowed
        #   - Maximized
        #   - Fullscreen
        #
        # Values for `startup_mode` (macOS only):
        #   - SimpleFullscreen
        startup_mode: Maximized
        # Allow terminal applications to change Alacritty's window title.
        dynamic_title: true
        # Make `Option` key behave as `Alt` (macOS only):
        #   - OnlyLeft
        #   - OnlyRight
        #   - Both
        #   - None (default)
        option_as_alt: Both
      scrolling:
        # Maximum number of lines in the scrollback buffer.
        # Specifying '0' will disable scrolling.
        history: 10000
        # Scrolling distance multiplier.
        #multiplier: 3
      # Font configuration
      font:
        # Normal (roman) font face
        bold:
          family: JetBrainsMono Nerd Font
        italic:
          family: JetBrainsMono Nerd Font
        normal:
          family: JetBrainsMono Nerd Font
        bold_italic:
          # Font family
          #
          # If the bold italic family is not specified, it will fall back to the
          # value specified for the normal font.
          family: JetBrainsMono Nerd Font
      shell:
        #  To resolve issues:
        #    1. https://github.com/ryan4yin/nix-config/issues/26
        #    2. https://github.com/ryan4yin/nix-config/issues/8
        #  Spawn a nushell in login mode via `bash`
        program: ${pkgs.bash}/bin/bash
        args:
          - --login
          - -c
          - 'nu --login --interactive'
    ''
    + (
      if pkgs.stdenv.isDarwin
      then ''
        # Point size
        size: 14
      ''
      else ''
        # holder identation
          # Point size
          size: 13
      ''
    );
 }
@@ -1,7 +0,0 @@
 {...}: {
  imports = [
    ./alacritty.nix
    ./kitty.nix
    ./wezterm.nix
  ];
 }
@@ -1,104 +0,0 @@
 {pkgs, ...}:
 ###########################################################
 #
 # Wezterm Configuration
 #
 # Default Keybindings: https://wezfurlong.org/wezterm/config/default-keys.html
 #
 ###########################################################
 {
  # wezterm has catppuccin theme built-in,
  # it's not necessary to install it separately.
  # we can add wezterm as a flake input once this PR is merged:
  #    https://github.com/wez/wezterm/pull/3547
  programs.wezterm =
    {
      enable = true;
      # TODO: Fix: https://github.com/wez/wezterm/issues/4483
      # package = pkgs.wezterm.override { };
      extraConfig = let
        fontsize =
          if pkgs.stdenv.isDarwin
          then "14.0"
          else "13.0";
      in ''
        -- Pull in the wezterm API
        local wezterm = require 'wezterm'
        -- This table will hold the configuration.
        local config = {}
        -- In newer versions of wezterm, use the config_builder which will
        -- help provide clearer error messages
        if wezterm.config_builder then
          config = wezterm.config_builder()
        end
        wezterm.on('toggle-opacity', function(window, pane)
          local overrides = window:get_config_overrides() or {}
          if not overrides.window_background_opacity then
            overrides.window_background_opacity = 0.93
          else
            overrides.window_background_opacity = nil
          end
          window:set_config_overrides(overrides)
        end)
        wezterm.on('toggle-maximize', function(window, pane)
          window:maximize()
        end)
        -- This is where you actually apply your config choices
        config.color_scheme = "Catppuccin Mocha"
        config.font = wezterm.font_with_fallback {
          "JetBrainsMono Nerd Font",
          "FiraCode Nerd Font",
          -- To avoid 'Chinese characters displayed as variant (Japanese) glyphs'
          "Source Han Sans SC",
          "Source Han Sans TC"
        }
        config.hide_tab_bar_if_only_one_tab = true
        config.scrollback_lines = 10000
        config.enable_scroll_bar = true
        config.keys = {
          -- toggle opacity(CTRL + SHIFT + B)
          {
            key = 'B',
            mods = 'CTRL',
            action = wezterm.action.EmitEvent 'toggle-opacity',
          },
          {
            key = 'M',
            mods = 'CTRL',
            action = wezterm.action.EmitEvent 'toggle-maximize',
          },
        }
        config.font_size = ${fontsize}
        -- To resolve issues:
        --   1. https://github.com/ryan4yin/nix-config/issues/26
        --   2. https://github.com/ryan4yin/nix-config/issues/8
        -- Spawn a nushell in login mode via `bash`
        config.default_prog = { '${pkgs.bash}/bin/bash', '--login', '-c', 'nu --login --interactive' }
        return config
      '';
    }
    // (
      if pkgs.stdenv.isDarwin
      then {
        # install wezterm via homebrew on macOS to avoid compilation, dummy package here.
        package = pkgs.hello;
        enableBashIntegration = false;
        enableZshIntegration = false;
      }
      else {}
    );
 }
@@ -1,10 +0,0 @@
 {pkgs-unstable, ...}: {
  # terminal file manager
  programs.yazi = {
    enable = true;
    package = pkgs-unstable.yazi;
    enableBashIntegration = true;
    # TODO: nushellIntegration is broken on release-23.11, wait for master's fix to be released
    enableNushellIntegration = false;
  };
 }
@@ -0,0 +1,3 @@
 {mylib, ...}: {
  imports = mylib.scanPaths ./.;
 }
@@ -0,0 +1,10 @@
 {pkgs, ...}: {
  home.packages = with pkgs; [
    mitmproxy # http/https proxy tool
    insomnia # REST client
    wireshark # network analyzer
    # IDEs
    # jetbrains.idea-community
  ];
 }
@@ -0,0 +1,84 @@
 # Terminal Emulators
 I used to spend a lot of time on terminal emulators, to make them match my taste, but now I found
 that it's not worth it, **Zellij can provide a user-friendly and unified user experience for all
 terminal emulators! without any pain**!
 Currently, I only use the most basic features of terminal emulators, such as true color, graphics
 protocol, etc. Other features such as tabs, scrollback buffer, select/search/copy, etc, are all
 provided by zellij!
 My current terminal emulators are:
 1. kitty: My main terminal emulator.
   1. to select/copy a large mount of text, We should do some tricks via kitty's `scrollback_pager`
      with neovim, it's really painful: <https://github.com/kovidgoyal/kitty/issues/719>
 2. foot: A fast, lightweight and minimalistic Wayland terminal emulator.
   1. foot only do the things a terminal emulator should do, no more, no less.
   1. It's really suitable for tiling window manager or zellij users!
 3. alacritty: A cross-platform, GPU-accelerated terminal emulator.
   1. alacritty is really fast, I use it as a backup terminal emulator on all my desktops.
 ## 'xterm-kitty': unknown terminal type when `ssh` into a remote host or `sudo xxx`
 > https://sw.kovidgoyal.net/kitty/faq/#i-get-errors-about-the-terminal-being-unknown-or-opening-the-terminal-failing-or-functional-keys-like-arrow-keys-don-t-work
 > https://wezfurlong.org/wezterm/config/lua/config/term.html
 kitty set `TERM` to `xterm-kitty` by default, and TUI apps like `viu`, `yazi`, `curses` will try to
 search in the host's [terminfo(terminal capability data base)](https://linux.die.net/man/5/terminfo)
 for value of `TERM` to determine the capabilities of the terminal.
 But when you `ssh` into a remote host, the remote host is very likely to not have `xterm-kitty` in
 its terminfo, so you will get this error:
 ```
 'xterm-kitty': unknown terminal type
 ```
 Or when you `sudo xxx`, `sudo` won't preserve the `TERM` variable, it will be reset to root's
 default `TERM` value, which is `xterm` or `xterm-256color` in most linux distributions, so you will
 get this error:
 ```
 'xterm-256color': unknown terminal type
 ```
 or
 ```
 Error opening terminal: xterm-kitty.
 ```
 NixOS preserve the `TERMINFO` and `TERMINFO_DIRS` environment variables, for `root` and the `wheel`
 group:
 [nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-25.05/nixos/modules/config/terminfo.nix#L18)
 For nix-darwin, take a look at <https://github.com/LnL7/nix-darwin/wiki/Terminfo-issues>
 ### Solutions
 Simplest solution, it will automatically copy over the terminfo files and also magically enable
 shell integration on the remote machine:
 ```
 kitten ssh user@host
 ```
 Or if you do not care about kitty's features(such as true color & graphics protocol), you can simply
 set `TERM` to `xterm-256color`, which is built-in in most linux distributions:
 ```
 export TERM=xterm-256color
 ```
 If you need kitty's features, but do not like the magic of `kitten`, you can manually install
 kitty's terminfo on the remote host:
 ```bash
 # install on ubuntu / debian
 sudo apt-get install kitty-terminfo
 # or copy from local machine
 infocmp -a xterm-kitty | ssh myserver tic -x -o \~/.terminfo /dev/stdin
 ```
@@ -0,0 +1,65 @@
 [colors.primary]
 background = "#1e1e2e"
 foreground = "#cdd6f4"
 dim_foreground = "#7f849c"
 bright_foreground = "#cdd6f4"
 [colors.cursor]
 text = "#1e1e2e"
 cursor = "#f5e0dc"
 [colors.vi_mode_cursor]
 text = "#1e1e2e"
 cursor = "#b4befe"
 [colors.search.matches]
 foreground = "#1e1e2e"
 background = "#a6adc8"
 [colors.search.focused_match]
 foreground = "#1e1e2e"
 background = "#a6e3a1"
 [colors.footer_bar]
 foreground = "#1e1e2e"
 background = "#a6adc8"
 [colors.hints.start]
 foreground = "#1e1e2e"
 background = "#f9e2af"
 [colors.hints.end]
 foreground = "#1e1e2e"
 background = "#a6adc8"
 [colors.selection]
 text = "#1e1e2e"
 background = "#f5e0dc"
 [colors.normal]
 black = "#45475a"
 red = "#f38ba8"
 green = "#a6e3a1"
 yellow = "#f9e2af"
 blue = "#89b4fa"
 magenta = "#f5c2e7"
 cyan = "#94e2d5"
 white = "#bac2de"
 [colors.bright]
 black = "#585b70"
 red = "#f38ba8"
 green = "#a6e3a1"
 yellow = "#f9e2af"
 blue = "#89b4fa"
 magenta = "#f5c2e7"
 cyan = "#94e2d5"
 white = "#a6adc8"
 [[colors.indexed_colors]]
 index = 16
 color = "#fab387"
 [[colors.indexed_colors]]
 index = 17
 color = "#f5e0dc"
@@ -0,0 +1,66 @@
 {
  pkgs,
  pkgs-unstable,
  ...
 }:
 ###########################################################
 #
 # Alacritty Configuration
 #
 # Useful Hot Keys for macOS:
 #   1. Multi-Window: `command + N`
 #   2. Increase Font Size: `command + =` | `command + +`
 #   3. Decrease Font Size: `command + -` | `command + _`
 #   4. Search Text: `command + F`
 #   5. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Useful Hot Keys for Linux:
 #   1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
 #   2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
 #   3. Search Text: `ctrl + shift + N`
 #   4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Note: Alacritty do not have support for Tabs, and any graphic protocol.
 #
 ###########################################################
 {
  programs.alacritty = {
    enable = true;
    package = pkgs-unstable.alacritty;
    # https://alacritty.org/config-alacritty.html
    settings = {
      general.import = [
        ./catppuccin-mocha.toml
      ];
      window = {
        opacity = 0.93;
        startup_mode = "Maximized"; # Maximized window
        dynamic_title = true;
        option_as_alt = "Both"; # Option key acts as Alt on macOS
      };
      scrolling = {
        history = 10000;
      };
      font = {
        bold = {family = "JetBrainsMono Nerd Font";};
        italic = {family = "JetBrainsMono Nerd Font";};
        normal = {family = "JetBrainsMono Nerd Font";};
        bold_italic = {family = "JetBrainsMono Nerd Font";};
        size =
          if pkgs.stdenv.isDarwin
          then 14
          else 13;
      };
      terminal = {
        # Spawn a nushell in login mode via `bash`
        shell = {
          program = "${pkgs.bash}/bin/bash";
          args = ["--login" "-c" "nu --login --interactive"];
        };
        # Controls the ability to write to the system clipboard with the OSC 52 escape sequence.
        # It's used by zellij to copy text to the system clipboard.
        osc52 = "CopyPaste";
      };
    };
  };
 }
@@ -0,0 +1,3 @@
 {mylib, ...}: {
  imports = mylib.scanPaths ./.;
 }
@@ -0,0 +1,72 @@
 {pkgs, ...}: {
  programs.foot = {
    # foot is designed only for Linux
    enable = pkgs.stdenv.isLinux;
    # foot can also be run in a server mode. In this mode, one process hosts multiple windows.
    # All Wayland communication, VT parsing and rendering is done in the server process.
    # New windows are opened by running footclient, which remains running until the terminal window is closed.
    #
    # Advantages to run foot in server mode including reduced memory footprint and startup time.
    # The downside is a performance penalty. If one window is very busy with, for example, producing output,
    # then other windows will suffer. Also, should the server process crash, all windows will be gone.
    server.enable = true;
    # https://man.archlinux.org/man/foot.ini.5
    settings = {
      main = {
        term = "foot"; # or "xterm-256color" for maximum compatibility
        font = "JetBrainsMono Nerd Font:size=14";
        dpi-aware = "yes";
        # Spawn a nushell in login mode via `bash`
        shell = "${pkgs.bash}/bin/bash --login -c 'nu --login --interactive'";
      };
      mouse = {
        hide-when-typing = "yes";
      };
      # https://github.com/catppuccin/foot/blob/main/themes/catppuccin-mocha.ini
      cursor = {
        color = "11111b f5e0dc";
      };
      colors = {
        alpha = "0.93"; # background opacity
        foreground = "cdd6f4";
        background = "1e1e2e";
        regular0 = "45475a";
        regular1 = "f38ba8";
        regular2 = "a6e3a1";
        regular3 = "f9e2af";
        regular4 = "89b4fa";
        regular5 = "f5c2e7";
        regular6 = "94e2d5";
        regular7 = "bac2de";
        bright0 = "585b70";
        bright1 = "f38ba8";
        bright2 = "a6e3a1";
        bright3 = "f9e2af";
        bright4 = "89b4fa";
        bright5 = "f5c2e7";
        bright6 = "94e2d5";
        bright7 = "a6adc8";
        "16" = "fab387";
        "17" = "f5e0dc";
        "selection-foreground" = "cdd6f4";
        "selection-background" = "414356";
        "search-box-no-match" = "11111b f38ba8";
        "search-box-match" = "cdd6f4 313244";
        "jump-labels" = "11111b fab387";
        urls = "89b4fa";
      };
    };
  };
 }
@@ -0,0 +1,41 @@
 {
  pkgs,
  ghostty,
  ...
 }:
 ###########################################################
 #
 # Ghostty Configuration
 #
 ###########################################################
 {
  programs.ghostty = {
    enable = true;
    package =
      if pkgs.stdenv.isDarwin
      then pkgs.hello # pkgs.ghostty is currently broken on darwin
      else pkgs.ghostty; # the stable version
    # package = ghostty.packages.${pkgs.system}.default; # the latest version
    enableBashIntegration = false;
    installBatSyntax = false;
    # installVimSyntax = true;
    settings = {
      theme = "catppuccin-mocha";
      font-family = "JetBrains Mono";
      font-size = 13;
      background-opacity = 0.93;
      # only supported on macOS;
      background-blur-radius = 10;
      scrollback-limit = 20000;
      # https://ghostty.org/docs/config/reference#command
      #  To resolve issues:
      #    1. https://github.com/ryan4yin/nix-config/issues/26
      #    2. https://github.com/ryan4yin/nix-config/issues/8
      #  Spawn a nushell in login mode via `bash`
      command = "${pkgs.bash}/bin/bash --login -c 'nu --login --interactive'";
    };
  };
 }
@@ -7,24 +7,10 @@
 #
 # Kitty Configuration
 #
-# Useful Hot Keys for macOS:
+# Useful Hot Keys for Linux(replace `ctrl + shift` with `cmd` on macOS)):
-#   1. New Tab: `command + t`
+#   1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
-#   2. Close Tab: `command + w`
+#   2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
-#   3. Switch Tab: `shift + command + [` | `shift + command + ]`
+#   3. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #   4. Increase Font Size: `command + =` | `command + +`
 #   5. Decrease Font Size: `command + -` | `command + _`
 #   6. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #   7. Search in the current window(show_scrollback): `ctrl + shift + h`
 #          This will open a pager, it's defined by `scrollback_pager`, default is `less`
 #
 #
 # Useful Hot Keys for Linux:
 #   1. New Tab: `ctrl + shift + t`
 #   2. Close Tab: `ctrl + shift + q`
 #   3. Switch Tab: `ctrl + shift + right` | `ctrl + shift + left`
 #   4. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
 #   5. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
 #   6. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 ###########################################################
 {
@@ -33,7 +19,7 @@
    # kitty has catppuccin theme built-in,
    # all the built-in themes are packaged into an extra package named `kitty-themes`
    # and it's installed by home-manager if `theme` is specified.
-    theme = "Catppuccin-Mocha";
+    themeFile = "Catppuccin-Mocha";
    font = {
      name = "JetBrainsMono Nerd Font";
      # use different font size on macOS
@@ -43,14 +29,15 @@
        else 13;
    };
    # consistent with other terminal emulators
    keybindings = {
      "ctrl+shift+m" = "toggle_maximized";
      "ctrl+shift+f" = "show_scrollback"; # search in the current window
    };
    settings = {
      background_opacity = "0.93";
      macos_option_as_alt = true; # Option key acts as Alt on macOS
      scrollback_lines = 10000;
      enable_audio_bell = false;
      tab_bar_edge = "top"; # tab bar on top
      #  To resolve issues:
@@ -1,12 +1,8 @@
-{username, ...}: {
+{myvars, ...}: {
  imports = [
  ];
  # Home Manager needs a bit of information about you and the
  # paths it should manage.
  home = {
-    inherit username;
+    inherit (myvars) username;
    homeDirectory = "/home/${username}";
    # This value determines the Home Manager release that your
    # configuration is compatible with. This helps avoid breakage
@@ -16,9 +12,6 @@
    # You can update Home Manager without changing this value. See
    # the Home Manager release notes for a list of state version
    # changes in each release.
-    stateVersion = "23.11";
+    stateVersion = "24.11";
  };
  # Let Home Manager install and manage itself.
  programs.home-manager.enable = true;
 }
@@ -1,21 +0,0 @@
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  # a cat(1) clone with syntax highlighting and Git integration.
  programs.bat = {
    enable = true;
    config = {
      pager = "less -FR";
      theme = "catppuccin-mocha";
    };
    themes = {
      # https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme
      catppuccin-mocha = {
        src = nur-ryan4yin.packages.${pkgs.system}.catppuccin-bat;
        file = "Catppuccin-mocha.tmTheme";
      };
    };
  };
 }
@@ -1,97 +0,0 @@
 {pkgs, ...}: {
  home.packages = with pkgs; [
    neofetch
    ranger # terminal file manager(batteries included, with image preview support)
    # archives
    zip
    xz
    unzip
    p7zip
    # networking tools
    mtr # A network diagnostic tool
    iperf3
    dnsutils # `dig` + `nslookup`
    ldns # replacement of `dig`, it provide the command `drill`
    aria2 # A lightweight multi-protocol & multi-source command-line download utility
    socat # replacement of openbsd-netcat
    nmap # A utility for network discovery and security auditing
    ipcalc # it is a calculator for the IPv4/v6 addresses
    # Text Processing
    # Docs: https://github.com/learnbyexample/Command-line-text-processing
    gnugrep # GNU grep, provides `grep`/`egrep`/`fgrep`
    gnused # GNU sed, very powerful(mainly for replacing text in files)
    gawk # GNU awk, a pattern scanning and processing language
    ripgrep # recursively searches directories for a regex pattern
    sad # CLI search and replace, with diff preview, really useful!!!
    delta # A viewer for git and diff output
    # A fast and polyglot tool for code searching, linting, rewriting at large scale
    # supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
    ast-grep
    jq # A lightweight and flexible command-line JSON processor
    yq-go # yaml processer https://github.com/mikefarah/yq
    # misc
    tldr
    cowsay
    file
    which
    tree
    gnutar
    zstd
    caddy
    gnupg
    # nix related
    #
    # it provides the command `nom` works just like `nix
    # with more details log output
    nix-output-monitor
    nodePackages.node2nix
    # productivity
    hugo # static site generator
    glow # markdown previewer in terminal
  ];
  programs = {
    # A modern replacement for ‘ls’
    # useful in bash/zsh prompt, not in nushell.
    eza = {
      enable = true;
      enableAliases = false; # do not enable aliases in nushell!
      git = true;
      icons = true;
    };
    # A command-line fuzzy finder
    fzf = {
      enable = true;
      # https://github.com/catppuccin/fzf
      # catppuccin-mocha
      colors = {
        "bg+" = "#313244";
        "bg" = "#1e1e2e";
        "spinner" = "#f5e0dc";
        "hl" = "#f38ba8";
        "fg" = "#cdd6f4";
        "header" = "#f38ba8";
        "info" = "#cba6f7";
        "pointer" = "#f5e0dc";
        "marker" = "#f5e0dc";
        "fg+" = "#cdd6f4";
        "prompt" = "#cba6f7";
        "hl+" = "#f38ba8";
      };
    };
    # skim provides a single executable: sk.
    # Basically anywhere you would want to use grep, try sk instead.
    skim = {
      enable = true;
      enableBashIntegration = true;
    };
  };
 }
@@ -1,13 +0,0 @@
 {...}: {
  imports = [
    ./shells
    ./tmux
    ./zellij
    ./bat.nix
    ./btop.nix
    ./core.nix
    ./git.nix
    ./starship.nix
  ];
 }
@@ -1,120 +0,0 @@
 # Nushell Config File
 #
 # version = 0.81.1
 # let's define some colors
 # https://github.com/catppuccin/i3/blob/main/themes/catppuccin-mocha
 let rosewater = "#f5e0dc"
 let flamingo  = "#f2cdcd"
 let pink      = "#f5c2e7"
 let mauve     = "#cba6f7"
 let red       = "#f38ba8"
 let maroon    = "#eba0ac"
 let peach     = "#fab387"
 let green     = "#a6e3a1"
 let teal      = "#94e2d5"
 let sky       = "#89dceb"
 let sapphire  = "#74c7ec"
 let blue      = "#89b4fa"
 let lavender  = "#b4befe"
 let text      = "#cdd6f4"
 let subtext1  = "#bac2de"
 let subtext0  = "#a6adc8"
 let overlay2  = "#9399b2"
 let overlay1  = "#7f849c"
 let overlay0  = "#6c7086"
 let surface2  = "#585b70"
 let surface1  = "#45475a"
 let surface0  = "#313244"
 let base      = "#1e1e2e"
 let mantle    = "#181825"
 let crust     = "#11111b"
 # we're creating a theme here that uses the colors we defined above.
 let catppuccin_theme = {
    separator: $overlay2
    leading_trailing_space_bg: $surface2
    header: $red
    date: $pink
    filesize: $green
    row_index: $text
    bool: $peach
    int: $red
    duration: $sky
    range: $sapphire
    float: $lavender
    string: $text
    nothing: $overlay1
    binary: $subtext1
    cellpath: $subtext0
    hints: dark_gray
    shape_garbage: { fg: $overlay2 bg: $red attr: b}
    shape_bool: $maroon
    shape_int: { fg: $pink attr: b}
    shape_float: { fg: $pink attr: b}
    shape_range: { fg: $overlay0 attr: b}
    shape_internalcall: { fg: $maroon attr: b}
    shape_external: $mauve
    shape_externalarg: { fg: $red attr: b}
    shape_literal: $flamingo
    shape_operator: $rosewater
    shape_signature: { fg: $red attr: b}
    shape_string: $red
    shape_filepath: $peach
    shape_globpattern: { fg: $teal attr: b}
    shape_variable: $pink
    shape_flag: { fg: $mauve attr: b}
    shape_custom: {attr: b}
 }
 # The default config record. This is where much of your global configuration is setup.
 $env.config = {
  color_config: $catppuccin_theme  # <-- this is the theme
  use_ansi_coloring: true
  # true or false to enable or disable the welcome banner at startup
  show_banner: false
  table: {
    mode: rounded # basic, compact, compact_double, light, thin, with_love, rounded, reinforced, heavy, none, other
    index_mode: always # "always" show indexes, "never" show indexes, "auto" = show indexes when a table has "index" column
    show_empty: true # show 'empty list' and 'empty record' placeholders for command output
    trim: {
      methodology: wrapping # wrapping or truncating
      wrapping_try_keep_words: true # A strategy used by the 'wrapping' methodology
      truncating_suffix: "..." # A suffix used by the 'truncating' methodology
    }
  }
  completions: {
    case_sensitive: false # set to true to enable case-sensitive completions
    quick: true  # set this to false to prevent auto-selecting completions when only one remains
    partial: true  # set this to false to prevent partial filling of the prompt
    algorithm: "prefix"  # prefix or fuzzy
    external: {
      enable: true # set to false to prevent nushell looking into $env.PATH to find more suggestions, `false` recommended for WSL users as this look up may be very slow
      max_results: 100 # setting it lower can improve completion performance at the cost of omitting some options
      completer: null # check 'carapace_completer' above as an example
    }
  }
  filesize: {
    metric: true # true => KB, MB, GB (ISO standard), false => KiB, MiB, GiB (Windows standard)
    format: "auto" # b, kb, kib, mb, mib, gb, gib, tb, tib, pb, pib, eb, eib, zb, zib, auto
  }
  cursor_shape: {
    emacs: line # block, underscore, line, blink_block, blink_underscore, blink_line (line is the default)
    vi_insert: block # block, underscore, line , blink_block, blink_underscore, blink_line (block is the default)
    vi_normal: underscore # block, underscore, line, blink_block, blink_underscore, blink_line (underscore is the default)
  }
  use_grid_icons: true
  footer_mode: "25" # always, never, number_of_rows, auto
  float_precision: 2 # the precision for displaying floats in tables
  # buffer_editor: "emacs" # command that will be used to edit the current line buffer with ctrl+o, if unset fallback to $env.EDITOR and $env.VISUAL
  bracketed_paste: true # enable bracketed paste, currently useless on windows
  edit_mode: emacs # emacs, vi
  shell_integration: true # enables terminal markers and a workaround to arrow keys stop working issue
  render_right_prompt_on_last_line: false # true or false to enable or disable right prompt to be rendered on last line of the prompt.
 }
@@ -1,61 +0,0 @@
 {pkgs, ...}: {
  programs.tmux = {
    enable = true;
    shell = "${pkgs.nushell}/bin/nu";
    # Resize the window to the size of the smallest session for which it is the current window.
    #
    aggressiveResize = true;
    # https://github.com/tmux-plugins/tmux-sensible
    # tmux-sensible overwrites default tmux shortcuts, makes them more sane.
    sensibleOnTop = true;
    # https://github.com/sxyazi/yazi/wiki/Image-preview-within-tmux
    extraConfig = ''
      set -g allow-passthrough on
      set -ga update-environment TERM
      set -ga update-environment TERM_PROGRAM
    '';
    # keyMode = "vi";  # default is emacs
    baseIndex = 1; # start index from 1
    escapeTime = 0; # do not wait for escape key
    plugins = with pkgs.tmuxPlugins; [
      {
        # theme
        # https://github.com/catppuccin/tmux
        plugin = catppuccin;
        extraConfig = ''
          set -g @catppuccin_flavour 'mocha' # or frappe, macchiato, mocha
          set -g @catppuccin_window_status_enable "yes"
        '';
      }
      # https://github.com/tmux-plugins/tmux-yank
      # Enables copying to system clipboard.
      yank
      {
        # https://github.com/tmux-plugins/tmux-resurrect
        # Manually persists tmux environment across system restarts.
        #   prefix + Ctrl-s - save
        #   prefix + Ctrl-r - restore
        #
        plugin = resurrect;
        # Restore Neovim sessions
        extraConfig = "set -g @resurrect-strategy-nvim 'session'";
      }
      # set -g @plugin 'tmux-plugins/tmux-cpu'
      {
        plugin = cpu;
        extraConfig = ''
          set -g status-right '#{cpu_bg_color} CPU: #{cpu_icon} #{cpu_percentage} | %a %h-%d %H:%M '
        '';
      }
    ];
  };
 }
@@ -1,7 +0,0 @@
 _: {
  programs.zellij = {
    enable = true;
  };
  xdg.configFile."zellij/config.kdl".source = ./config.kdl;
 }
@@ -0,0 +1,42 @@
 {
  lib,
  pkgs,
  ...
 }: {
  # https://developer.hashicorp.com/terraform/cli/config/config-file
  home.file.".terraformrc".source = ./terraformrc;
  home.packages = with pkgs; [
    # infrastructure as code
    # pulumi
    # pulumictl
    # tf2pulumi
    # crd2pulumi
    # pulumiPackages.pulumi-random
    # pulumiPackages.pulumi-command
    # pulumiPackages.pulumi-aws-native
    # pulumiPackages.pulumi-language-go
    # pulumiPackages.pulumi-language-python
    # pulumiPackages.pulumi-language-nodejs
    # aws
    awscli2
    ssm-session-manager-plugin # Amazon SSM Session Manager Plugin
    aws-iam-authenticator
    eksctl
    # aliyun
    aliyun-cli
    # digitalocean
    doctl
    # google cloud
    (google-cloud-sdk.withExtraComponents (with google-cloud-sdk.components; [
      gke-gcloud-auth-plugin
    ]))
    # cloud tools that nix do not have cache for.
    terraform
    terraformer # generate terraform configs from existing cloud resources
    packer # machine image builder
  ];
 }
@@ -0,0 +1,2 @@
 plugin_cache_dir   = "$HOME/.terraform.d/plugin-cache"
 disable_checkpoint = true
@@ -0,0 +1,62 @@
 {
  pkgs,
  pkgs-unstable,
  nur-ryan4yin,
  ...
 }: {
  home.packages = with pkgs; [
    docker-compose
    dive # explore docker layers
    lazydocker # Docker terminal UI.
    skopeo # copy/sync images between registries and local storage
    go-containerregistry # provides `crane` & `gcrane`, it's similar to skopeo
    kubectl
    kubectx # kubectx & kubens
    kubectl-view-secret # kubectl view-secret
    kubectl-tree # kubectl tree
    kubectl-node-shell # exec into node
    kubepug # kubernetes pre upgrade checker
    k8sgpt
    nur-ryan4yin.packages.${pkgs.system}.kubectl-ai # an ai helper opensourced by google
    kubebuilder
    istioctl
    clusterctl # for kubernetes cluster-api
    kubevirt # virtctl
    kubernetes-helm
    fluxcd
    argocd
    ko # build go project to container image
  ];
  programs = {
    k9s = {
      enable = true;
      # https://k9scli.io/topics/aliases/
      # aliases = {};
      settings = {
        skin = "catppuccino-mocha";
      };
      skins.catppuccin-mocha = let
        skin_file = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-k9s}/dist/mocha.yml"; # theme - catppuccin mocha
        skin_attr = builtins.fromJSON (
          builtins.readFile
          # replace 'base: &base "#1e1e2e"' with 'base: &base "default"'
          # to make fg/bg color transparent. "default" means transparent in k9s skin.
          (pkgs.runCommandNoCC "get-skin-json" {} ''
            cat ${skin_file} \
              |  sed -E 's@(base: &base ).+@\1 "default"@g' \
              | ${pkgs.yj}/bin/yj > $out
          '')
        );
      in
        skin_attr;
    };
    kubecolor = {
      enable = true;
      enableAlias = true;
    };
  };
 }
@@ -0,0 +1,3 @@
 {mylib, ...}: {
  imports = mylib.scanPaths ./.;
 }
@@ -0,0 +1,62 @@
 {
  pkgs,
  pkgs-unstable,
  ...
 }: {
  #############################################################
  #
  #  Basic settings for development environment
  #
  #  Please avoid to install language specific packages here(globally),
  #  instead, install them:
  #     1. per IDE, such as `programs.neovim.extraPackages`
  #     2. per-project, using https://github.com/the-nix-way/dev-templates
  #
  #############################################################
  home.packages = with pkgs; [
    colmena # nixos's remote deployment tool
    # db related
    pkgs-unstable.mycli
    pkgs-unstable.pgcli
    mongosh
    sqlite
    # embedded development
    minicom
    # ai related
    pkgs-unstable.python313Packages.huggingface-hub # huggingface-cli
    # misc
    pkgs-unstable.devbox
    bfg-repo-cleaner # remove large files from git history
    k6 # load testing tool
    protobuf # protocol buffer compiler
    # solve coding extercises - learn by doing
    exercism
    # Automatically trims your branches whose tracking remote refs are merged or gone
    # It's really useful when you work on a project for a long time.
    git-trim
    gitleaks
    # need to run `conda-install` before using it
    # need to run `conda-shell` before using command `conda`
    # conda is not available for MacOS
    conda
  ];
  programs = {
    direnv = {
      enable = true;
      nix-direnv.enable = true;
      enableZshIntegration = true;
      enableBashIntegration = true;
      enableNushellIntegration = true;
    };
  };
 }
@@ -0,0 +1,75 @@
 # Editors Glossary
 ### LSP - Language Server Protocol
 > https://en.wikipedia.org/wiki/Language_Server_Protocol
 > https://langserver.org/
 The Language Server Protocol (LSP) is an open, JSON-RPC-based protocol for use between source code
 editors or integrated development environments (IDEs) and servers that provide programming
 language-specific features like:
 - motions such as go-to-definition, find-references, hover.
 - **code completion**
 - **marking of warnings and errors**
 - **refactoring routines**
 - syntax highlighting (use Tree-sitter instead)
 - code formatting (use a dedicated formatter instead)
 The goal of the protocol is to allow programming language support to be implemented and distributed
 independently of any given editor or IDE.
 LSP was originally developed for Microsoft Visual Studio Code and is now an open standard. In the
 early 2020s LSP quickly became a "norm" for language intelligence tools providers.
 ### Tree-sitter
 > https://tree-sitter.github.io/tree-sitter/
 > https://www.reddit.com/r/neovim/comments/1109wgr/treesitter_vs_lsp_differences_ans_overlap/
 Tree-sitter is a parser generator tool and an **incremental parsing** library. It can build a
 concrete syntax tree for a source file and efficiently update the syntax tree as the source file is
 edited.
 It is used by many editors and IDEs to provide:
 - **syntax highlighting**
 - **indentation**
 - **creating foldable code regions**
 - **Incremental selection**
 - **simple refactoring in a single file**
  - such as join/split lines, structural editing, cursor motion, etc.
 **Treesitter process each file independently**, and it is not aware of the semantics of your code.
 For example, it does not know does a function/variable really exist, or what is the type/return-type
 of a variable. This is where LSP comes in.
 The LSP server parses the code much more deeply and it **not only parses a single file but your
 whole project**. So, the LSP server will know whether a function/variable does exist with the same
 type/return-type. If it does not, it will mark it as an error.
 **LSP does understand the code semantically, while Treesitter only cares about correct syntax**.
 #### LSP vs Tree-sitter
 - Tree-sitter: lightweight, fast, but limited knowledge of your code. mainly used for **syntax
  highlighting, indentation, and folding/refactoring in a single file**.
 - LSP: heavy and slow on large projects, but it has a deep understanding of your code. mainly used
  for **code completion, refactoring in the projects, errors/warnings, and other semantic-aware
  features**.
 ### Formatter vs Linter
 Linting is distinct from Formatting because:
 1. **formatting** only restructures how code appears.
   1. `prettier` is a popular formatter.
 1. **linting** analyzes how the code runs and detects errors, it may also suggest improvements such
   as replace `var` with `let` or `const`.
 Formatters and Linters process each file independently, they do not need to know about other files
 in the project.
 - [ ]
@@ -0,0 +1,214 @@
 # Editors
 My editors:
 1. Neovim
 2. Helix
 And `Zellij` for a smooth and stable terminal experience.
 ## Tips
 1. Many useful keys are already provided by vim, check vim/neovim's docs before you install a new
   plugin / reinvent the wheel.
 1. After using Emacs/Neovim more skillfully, I strongly recommend that you read the official
   documentation of Neovim/vim:
   1. <https://vimhelp.org/>: The official vim documentation.
   1. <https://neovim.io/doc/user/>: Neovim's official user documentation.
 1. Use Zellij for terminal related operations, and use Neovim/Helix for editing.
 1. As for Emacs, Use its GUI version & terminal emulator `vterm` for terminal related operations.
 1. Two powerful file search & jump tools:
 1. Tree-view plugins are beginner-friendly and intuitive, but they're not very efficient.
 1. **Search by the file path**: Useful when you're familiar with the project structure, especially
   on a large project.
 1. **Search by the content**: Useful when you're familiar with the code.
 ## Tutorial
 Type `:tutor`(`:Tutor` in Neovim) to learn the basics usage of vim/neovim.
 ## VIM's Cheetsheet
 > Here only record my commonly used keys, to see **a more comprehensive cheetsheet**:
 > <https://vimhelp.org/quickref.txt.html>
 Both Emacs-Evil & Neovim are compatible with vim, sothe key-bindings described here are common in
 both Emacs-Evil, Neovim & vim.
 ### Terminal Related
 I mainly use Zellij for terminal related operations, here is its terminal shortcuts I use frequently
 now:
 | Action                    | Zellij's Shortcut |
 | ------------------------- | ----------------- |
 | Floating Terminal         | `Ctrl + p + w`    |
 | Horizontal Split Terminal | `Ctrl + p + d`    |
 | Vertical Split Terminal   | `Ctrl + p + n`    |
 | Execute a command         | `!xxx`            |
 ### File Management
 > <https://neovim.io/doc/user/usr_22.html>
 > <https://vimhelp.org/editing.txt.html>
 | Action                              |                                                  |
 | ----------------------------------- | ------------------------------------------------ |
 | Save selected text to a file        | `:w filename` (Will show `:'<,'>w filename`)     |
 | Save and close the current buffer   | `:wq`                                            |
 | Save all buffers                    | `:wa`                                            |
 | Save and close all buffers          | `:wqa`                                           |
 | Edit a file                         | `:e filename`(or `:e <TAB>` to show a file list) |
 | Browse the file list                | `:Ex` or `:e .`                                  |
 | Discard changes and reread the file | `:e!`                                            |
 ### Motion
 > https://vimhelp.org/motion.txt.html
 | Action                                              | Command                                            |
 | --------------------------------------------------- | -------------------------------------------------- |
 | Move to the start/end of the buffer                 | `gg`/`G`                                           |
 | Move the line number 5                              | `5gg` / `5G`                                       |
 | Move left/down/up/right                             | h/j/k/l or `5h`/`5j`/`5k`/`5l` or `Ctr-n`/`Ctrl-p` |
 | Move to the matchpairs, default to `()`, `{}`, `[]` | `%`                                                |
 | Move to the start/end of the line                   | `0` / `$`                                          |
 | Move a sentence forward/backward                    | `(` / `)`                                          |
 | Move a paragraph forward/backward                   | `{` / `}`                                          |
 | Move a section forward/backward                     | `[[` / `]]`                                        |
 | Jump to various positions                           | `'` + some other keys(neovim has prompt)           |
 Text Objects:
 - **sentence**: text ending at a '.', '!' or '?' followed by either the end of a line, or by a space
  or tab.
 - **paragraph**: text ending at a blank line.
 - **section**: text starting with a section header and ending at the start of the next section
  header (or at the end of the file). - The "`]]`" and "`[[`" commands stop at the '`{`' in the
  first column. This is useful to find the start of a function in a C/Go/Java/... program.
 ### Text Manipulation
 Basics:
 | Action                                  |                            |
 | --------------------------------------- | -------------------------- |
 | Delete the current character            | `x`                        |
 | Paste the copied text                   | `p`                        |
 | Delete the selection                    | `d`                        |
 | Undo the last word                      | `CTRL-w`(in insert mode)   |
 | Undo the last line                      | `CTRL-u`(in insert mode)   |
 | Undo the last change                    | `u`                        |
 | Redo the last change                    | `Ctrl + r`                 |
 | Inserts the text of the previous insert | `Ctrl + a`                 |
 | Repeat the last command                 | `.`                        |
 | Toggle text's case                      | `~`                        |
 | Convert to uppercase                    | `U` (visual mode)          |
 | Convert to lowercase                    | `u` (visual mode)          |
 | Align the selected content              | `:center`/`:left`/`:right` |
 Misc:
 | Action                        | Shortcut                                 |
 | ----------------------------- | ---------------------------------------- |
 | Toggle visual mode            | `v` (lower case v)                       |
 | Select the current line       | `V` (upper case v)                       |
 | Toggle visual block mode      | `<Ctrl> + v` (select a block vertically) |
 | Fold the current code block   | `zc`                                     |
 | Unfold the current code block | `zo`                                     |
 | Jump to Definition            | `gd`                                     |
 | Jump to References            | `gD`                                     |
 | (Un)Comment the current line  | `gcc`                                    |
 | Action                                                                    |                |
 | ------------------------------------------------------------------------- | -------------- |
 | Sort the selected lines                                                   | `:sort`        |
 | Join Selection of Lines With Space                                        | `:join` or `J` |
 | Join without spaces                                                       | `:join!`       |
 | Enter Insert mode at the start/end of the line                            | `I` / `A`      |
 | Delete from the cursor to the end of the line                             | `D`            |
 | Delete from the cursor to the end of the line, and then enter insert mode | `C`            |
 Advance Techs:
 - Add at the end of multiple lines: `:normal A<text>`
  - Execublock: `:A<text>`
  - visual block mode(ctrl + v)
  - Append text at the end of each line in the selected block
  - If position exceeds line end, neovim adds spaces automatically
 - Delete the last char of multivle lines: `:normal $x`
  - Execute `$x` on each line
  - visual mode(v)
  - `$` moves cursor to the end of line
  - `x` deletes the character under the cursor
 - Delete the last word of multiple lines: `:normal $bD`
  - Execute `$bD` on each line
  - visual mode(v)
  - `$` moves cursor to the end of line
  - `b` moves cursor to the beginning of the last word
 ### Search
 | Action                                                | Command   |
 | ----------------------------------------------------- | --------- |
 | Search forward/backword for a pattern                 | `/` / `?` |
 | Repeat the last search in the same/opposite direction | `n` / `N` |
 ### Find and Replace
 | Action                           | Command                             |
 | -------------------------------- | ----------------------------------- |
 | Replace in selected area         | `:s/old/new/g`                      |
 | Replace in current line          | Same as above                       |
 | Replace all the lines            | `:% s/old/new/g`                    |
 | Replace all the lines with regex | `:% s@\vhttp://(\w+)@https://\1@gc` |
 1. `\v` means means that in the regex pattern after it can be used without backslash
   escaping(similar to python's raw string).
 2. `\1` means the first matched group in the pattern.
 ### Replace in the specific lines
 | Action                                    | Command                                |
 | ----------------------------------------- | -------------------------------------- |
 | From the 10th line to the end of the file | `:10,$ s/old/new/g` or `:10,$ s@^@#@g` |
 | From the 10th line to the 20th line       | `:10,20 s/old/new/g`                   |
 | Remove the trailing spaces                | `:% s/\s\+$//g`                        |
 The postfix(flags) in the above commands:
 1. `g` means replace all the matched strings in the current line/file.
 2. `c` means ask for confirmation before replacing.
 3. `i` means ignore case.
 ### Buffers, Windows and Tabs
 > <https://neovim.io/doc/user/usr_08.html>
 > <https://vimhelp.org/windows.txt.html>
 - A buffer is the in-memory text of a file.
 - A window is a viewport on a buffer.
 - A tab page is a collection of windows.
 | Action                              | Command                             |
 | ----------------------------------- | ----------------------------------- |
 | Split the window horizontally       | `:sp[lit]` or `:sp filename`        |
 | Split the window horizontally       | `:vs[plit]` or `:vs filename`       |
 | Switch to the next/previous window  | `Ctrl-w + w` or `Ctrl-w + h/j/k/l`  |
 | Show all buffers                    | `:ls`                               |
 | show next/previous buffer           | `]b`/`[b` or `:bn[ext]` / `bp[rev]` |
 | New Tab(New Workspace in DoomEmacs) | `:tabnew`                           |
 | Next/Previews Tab                   | `gt`/`gy`                           |
 ### History
 | Action                   | Command |
 | ------------------------ | ------- |
 | Show the command history | `q:`    |
 | Show the search history  | `q/`    |
@@ -0,0 +1,23 @@
 # Structured Editing
 ## S-expression data(Lisp)
 - paredit/[lispy](https://github.com/doomemacs/doomemacs/tree/master/modules/editor/lispy): too
  complex.
 - [evil-cleverparens](https://github.com/emacs-evil/evil-cleverparens): simple and useful.
 - [parinfer(par-in-fer)](https://shaunlebron.github.io/parinfer/): modern, simple, elegant and
  useful, but works not well with some other completion plugins...
  - to make parinfer works, you should disable sexp & smartparens in any lisp mode.
 Some plugins:
 - Neovim
  - [parinfer-rust](https://github.com/eraserhd/parinfer-rust)
  - <https://github.com/Olical/conjure>
 - Helix
  - [parinfer #4090 - Helix](https://github.com/helix-editor/helix/discussions/4090)
 ## Other Languages
 1. treesitter
 1. ...
@@ -0,0 +1,3 @@
 {mylib, ...}: {
  imports = mylib.scanPaths ./.;
 }
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1,3 @@`
							`# https://github.com/github-linguist/linguist/blob/master/docs/overrides.md`

							`home/linux/desktop/i3/conf/polybar/** linguist-vendored`
		`@@ -0,0 +1,3 @@`
							`# Editors`

							`See [desktop/editors/](../../desktop/editors/) for more details.`
		`@@ -0,0 +1,2 @@`
							`plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"`
							`disable_checkpoint = true`