feat: start clash-verge on login

feat: use mainGateway for idols-ai, rename defaultGateway to proxyGateway
feat: install clash verge on all nixos desktop hosts
2026-05-28 18:39:31 +02:00 · 2025-08-11 00:42:10 +08:00 · 2025-08-11 00:32:08 +08:00 · 2025-08-11 00:18:29 +08:00 · 2025-08-10 13:27:20 +08:00 · 2025-08-10 13:23:56 +08:00
823 changed files with 40223 additions and 68114 deletions
@@ -1,5 +1,10 @@
 .Trash-1000/
 result
 result/
 .direnv/
 .DS_Store
 .pre-commit-config.yaml
 logs/
 core*
 !core/
 !core.nix
@@ -9,6 +9,26 @@ binary = false
 extend-ignore-re = [
  "iterm2",
  "iHgEIBYKACAWIQSizQe9ljFEyyclWmtVhZllwnQrSwUCZZ1T9wIdAAAKCRBVhZll", # crypto keys
-  "noice", # noice.nvim
+  "noice",                                                            # noice.nvim
  "crypted-nixos",
  "daed",
  # catppuccin theme colors
  "11111b",
  "1e1e2e",
  "313244",
  "414356",
  "45475a",
  "585b70",
  "89b4fa",
  "94e2d5",
  "a6adc8",
  "a6e3a1",
  "bac2de",
  "cdd6f4",
  "f38ba8",
  "f5c2e7",
  "f5e0dc",
  "f9e2af",
  "fab387",
 ]
@@ -1,57 +1,106 @@
 # just is a command runner, Justfile is very similar to Makefile, but simpler.
-# use nushell for shell commands
+# Use nushell for shell commands
 # To use this justfile, you need to enter a shell with just & nushell installed:
 # 
 #   nix shell nixpkgs#just nixpkgs#nushell
 set shell := ["nu", "-c"]
 utils_nu := absolute_path("utils.nu")
 ############################################################################
 #
 #  Common commands(suitable for all machines)
 #
 ############################################################################
-# Remote deployment via colmena
+# List all the just commands
-col tag:
+default:
-  colmena apply --on '@{{tag}}' --verbose --show-trace
+    @just --list
 local name mode="default":
  use utils.nu *; \
  nixos-switch {{name}} {{mode}}
 # Run eval tests
 [group('nix')]
 test:
  nix eval .#evalTests --show-trace --print-build-logs --verbose
-# update all the flake inputs
+# Update all the flake inputs
 [group('nix')]
 up:
-  nix flake update
+  nix flake update --commit-lock-file
 # Update specific input
 # Usage: just upp nixpkgs
 [group('nix')]
 upp input:
-  nix flake update {{input}}
+  nix flake update {{input}} --commit-lock-file
 # List all generations of the system profile
 [group('nix')]
 history:
  nix profile history --profile /nix/var/nix/profiles/system
 # Open a nix shell with the flake
 [group('nix')]
 repl:
  nix repl -f flake:nixpkgs
 # remove all generations older than 7 days
 # on darwin, you may need to switch to root user to run this command
 [group('nix')]
 clean:
  # Wipe out NixOS's history
  sudo nix profile wipe-history --profile /nix/var/nix/profiles/system  --older-than 7d
  # Wipe out home-manager's history
  nix profile wipe-history --profile $"($env.XDG_STATE_HOME)/nix/profiles/home-manager" --older-than 7d
 # Garbage collect all unused nix store entries
 [group('nix')]
 gc:
-  # garbage collect all unused nix store entries
+  # garbage collect all unused nix store entries(system-wide)
-  sudo nix store gc --debug
+  sudo nix-collect-garbage --delete-older-than 7d
-  sudo nix-collect-garbage --delete-old
+  # garbage collect all unused nix store entries(for the user - home-manager)
  # https://github.com/NixOS/nix/issues/8508
  nix-collect-garbage --delete-older-than 7d
-# Remove all reflog entries and prune unreachable objects
+# Enter a shell session which has all the necessary tools for this flake
-gitgc:
+[linux]
-  git reflog expire --expire-unreachable=now --all
+[group('nix')]
-  git gc --prune=now
+shell:
  nix shell nixpkgs#git nixpkgs#neovim nixpkgs#colmena
 # Enter a shell session which has all the necessary tools for this flake
 [macos]
 [group('nix')]
 shell:
  nix shell nixpkgs#git nixpkgs#neovim
 [group('nix')]
 fmt:
  # format the nix files in this repo
  ls **/*.nix | each { |it| nixfmt $it.name }
 # Show all the auto gc roots in the nix store
 [group('nix')]
 gcroot:
  ls -al /nix/var/nix/gcroots/auto/
 # Verify all the store entries
 # Nix Store can contains corrupted entries if the nix store object has been modified unexpectedly.
 # This command will verify all the store entries,
 # and we need to fix the corrupted entries manually via `sudo nix store delete <store-path-1> <store-path-2> ...`
 [group('nix')]
 verify-store:
  nix store verify --all
 # Repair Nix Store Objects
 [group('nix')]
 repair-store *paths:
  nix store repair {{paths}}
 # Update all Nixpkgs inputs
 [group('nix')]
 up-nix:
  nix flake update nixpkgs nixpkgs-stable nixpkgs-unstable nixpkgs-darwin nixpkgs-ollama
 ############################################################################
 #
@@ -60,61 +109,62 @@ gitgc:
 ############################################################################
 [linux]
-i3 mode="default":
+[group('desktop')]
  use utils.nu *; \
  nixos-switch ai-i3 {{mode}}
 [linux]
 hypr mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *;
  nixos-switch ai-hyprland {{mode}}
 [linux]
 s-i3 mode="default":
  use utils.nu *; \
  nixos-switch shoukei-i3 {{mode}}
 [linux]
 [group('desktop')]
 s-hypr mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *;
  nixos-switch shoukei-hyprland {{mode}}
 ############################################################################
 #
-#  Darwin related commands, harmonica is my macbook pro's hostname
+#  Darwin related commands
 #
 ############################################################################
 [macos]
 [group('desktop')]
 darwin-set-proxy:
  sudo python3 scripts/darwin_set_proxy.py
  sleep 1sec
 [macos]
 [group('desktop')]
 darwin-rollback:
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-rollback
 # Deploy to harmonica(macOS host)
 [macos]
 ha mode="default":
  use utils.nu *; \
  darwin-build "harmonica" {{mode}}; \
  darwin-switch "harmonica" {{mode}}
 # Depoly to fern(macOS host)
 [macos]
-fe mode="default": darwin-set-proxy
+[group('desktop')]
-  use utils.nu *; \
+fe mode="default": 
-  darwin-build "fern" {{mode}}; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-build "fern" {{mode}};
  darwin-switch "fern" {{mode}}
-# Reload yabai and skhd(macOS)
+# Depoly to frieren(macOS host)
 [macos]
-yabai-reload:
+[group('desktop')]
-  launchctl kickstart -k "gui/502/org.nixos.yabai";
+fr mode="default": 
-  launchctl kickstart -k "gui/502/org.nixos.skhd"; 
+  #!/usr/bin/env nu
  use {{utils_nu}} *;
  darwin-build "frieren" {{mode}};
  darwin-switch "frieren" {{mode}}
 # Reset launchpad to force it to reindex Applications
 [macos]
 [group('desktop')]
 reset-launchpad:
  defaults write com.apple.dock ResetLaunchPad -bool true
  killall Dock
 ############################################################################
 #
@@ -122,34 +172,67 @@ yabai-reload:
 #
 ############################################################################
 # Remote deployment via colmena
 [linux]
 [group('homelab')]
 col tag:
  colmena apply --on '@{{tag}}' --verbose --show-trace
 [linux]
 [group('homelab')]
 local name mode="default":
  #!/usr/bin/env nu
  use {{utils_nu}} *;
  nixos-switch {{name}} {{mode}}
 # Build and upload a vm image
 [linux]
 [group('homelab')]
 upload-vm name mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *;
  upload-vm {{name}} {{mode}}
 # Deploy all the KubeVirt nodes(Physical machines running KubeVirt)
 [linux]
 [group('homelab')]
 lab:
  colmena apply --on '@virt-*' --verbose --show-trace
 [linux]
 [group('homelab')]
 shoryu:
  colmena apply --on '@kubevirt-shoryu' --verbose --show-trace
 [linux]
 [group('homelab')]
 shoryu-local mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kubevirt-shoryu {{mode}}
 [linux]
 [group('homelab')]
 shushou:
  colmena apply --on '@kubevirt-shushou' --verbose --show-trace
 [linux]
 [group('homelab')]
 shushou-local mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kubevirt-shushou {{mode}}
 [linux]
 [group('homelab')]
 youko:
  colmena apply --on '@kubevirt-youko' --verbose --show-trace
 [linux]
 [group('homelab')]
 youko-local mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kubevirt-youko {{mode}}
 ############################################################################
@@ -159,31 +242,49 @@ youko-local mode="default":
 ############################################################################
 # Build and upload a vm image
 [linux]
 [group('homelab')]
 upload-idols mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  upload-vm aquamarine {{mode}}
  upload-vm ruby {{mode}}
  upload-vm kana {{mode}}
 [linux]
 [group('homelab')]
 aqua:
  colmena apply --on '@aqua' --verbose --show-trace
 [linux]
 [group('homelab')]
 aqua-local mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch aquamarine {{mode}}
 [linux]
 [group('homelab')]
 ruby:
  colmena apply --on '@ruby' --verbose --show-trace
 [linux]
 [group('homelab')]
 ruby-local mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch ruby {{mode}}
 [linux]
 [group('homelab')]
 kana:
  colmena apply --on '@kana' --verbose --show-trace
 [linux]
 [group('homelab')]
 kana-local mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
  use {{utils_nu}} *; 
  nixos-switch kana {{mode}}
 ############################################################################
@@ -193,136 +294,109 @@ kana-local mode="default":
 ############################################################################
 # Build and upload a vm image
-upload-k3s mode="default":
+[linux]
-  use utils.nu *; \
+[group('homelab')]
-  upload-vm k3s-prod-1-master-1 {{mode}}; \
+upload-k3s-prod mode="default":
-  upload-vm k3s-prod-1-master-2 {{mode}}; \
+  #!/usr/bin/env nu
-  upload-vm k3s-prod-1-master-3 {{mode}}; \
+  use {{utils_nu}} *; 
-  upload-vm k3s-prod-1-worker-1 {{mode}}; \
+  upload-vm k3s-prod-1-master-1 {{mode}}; 
-  upload-vm k3s-prod-1-worker-2 {{mode}}; \
+  upload-vm k3s-prod-1-master-2 {{mode}}; 
  upload-vm k3s-prod-1-master-3 {{mode}}; 
  upload-vm k3s-prod-1-worker-1 {{mode}}; 
  upload-vm k3s-prod-1-worker-2 {{mode}}; 
  upload-vm k3s-prod-1-worker-3 {{mode}};
 [linux]
 [group('homelab')]
 upload-k3s-test mode="default":
-  use utils.nu *; \
+  #!/usr/bin/env nu
-  upload-vm k3s-test-1-master-1 {{mode}}; \
+  use {{utils_nu}} *; 
-  upload-vm k3s-test-1-master-2 {{mode}}; \
+  upload-vm k3s-test-1-master-1 {{mode}}; 
  upload-vm k3s-test-1-master-2 {{mode}}; 
  upload-vm k3s-test-1-master-3 {{mode}};
-k3s:
+[linux]
-  colmena apply --on '@k3s-*' --verbose --show-trace
+[group('homelab')]
-
+k3s-prod:
-master:
+  colmena apply --on '@k3s-prod-*' --verbose --show-trace
  colmena apply --on '@k3s-prod-1-master-*' --verbose --show-trace
 worker:
  colmena apply --on '@k3s-prod-1-worker-*' --verbose --show-trace
 [linux]
 [group('homelab')]
 k3s-test:
  colmena apply --on '@k3s-test-*' --verbose --show-trace
-############################################################################
+# =================================================
 #
-#  RISC-V related commands
+# Other useful commands
 #
-############################################################################
+# =================================================
 riscv:
  colmena apply --on '@riscv' --verbose --show-trace
 nozomi:
  colmena apply --on '@nozomi' --verbose --show-trace
 yukina:
  colmena apply --on '@yukina' --verbose --show-trace
 ############################################################################
 #
 # Aarch64 related commands
 #
 ############################################################################
 rakushun:
  colmena apply --on '@rakushun' --build-on-target --verbose --show-trace
 rakushun-local mode="default":
  use utils.nu *; \
  nixos-switch rakushun {{mode}}
 suzu-set-proxy:
  ip route del default via 192.168.5.1
  ip route add default via 192.168.5.178
 suzu-unset-proxy:
  ip route del default via 192.168.5.178
  ip route add default via 192.168.5.1
 suzu-local mode="default":
  use utils.nu *; \
  nixos-switch suzu {{mode}}
 ############################################################################
 #
 #  Misc, other useful commands
 #
 ############################################################################
 fmt:
  # format the nix files in this repo
  nix fmt
 [group('common')]
 path:
   $env.PATH | split row ":"
-nvim-test:
+[group('common')]
-  rm -rf $"($env.HOME)/.config/nvim"
+trace-access app *args:
-  rsync -avz --copy-links --chmod=D2755,F744 home/base/tui/editors/neovim/nvim/ $"($env.HOME)/.config/nvim/"
+  strace -f -t -e trace=file {{app}} {{args}} | complete | $in.stderr | lines | find -v -r "(/nix/store|/newroot|/proc)" | parse --regex '"(/.+)"' | sort | uniq
-nvim-clean:
+[linux]
-  rm -rf $"($env.HOME)/.config/nvim"
+[group('common')]
 penvof pid:
  sudo cat $"/proc/($pid)/environ" | tr '\0' '\n'
-# =================================================
+# Remove all reflog entries and prune unreachable objects
-# Emacs related commands
+[group('git')]
-# =================================================
+ggc:
-
+  git reflog expire --expire-unreachable=now --all
-emacs-plist-path := "~/Library/LaunchAgents/org.nix-community.home.emacs.plist"
+  git gc --prune=now
 reload-emacs-cmd := if os() == "macos" {
    "launchctl unload " + emacs-plist-path
    + "\n"
    + "launchctl load " + emacs-plist-path
    + "\n"
    + "tail -f ~/Library/Logs/emacs-daemon.stderr.log"
  } else {
    "systemctl --user restart emacs.service"
    + "\n"
    + "systemctl --user status emacs.service"
  }
 emacs-test:
  rm -rf $"($env.HOME)/.config/doom"
  rsync -avz --copy-links --chmod=D2755,F744 home/base/tui/editors/emacs/doom/ $"($env.HOME)/.config/doom/"
  doom clean
  doom sync
 emacs-clean:
  rm -rf $"($env.HOME)/.config/doom/"
 emacs-purge:
  doom purge
  doom clean
  doom sync
 emacs-reload:
  doom sync
  {{reload-emacs-cmd}}
 # =================================================
 #
 # Kubernetes related commands
 #
 # =================================================
 # Amend the last commit without changing the commit message
 [group('git')]
 game:
  git commit --amend -a --no-edit
 # Delete all failed pods
 [group('k8s')]
 del-failed:
-   kubectl delete pod --all-namespaces --field-selector="status.phase==Failed"
+  kubectl delete pod --all-namespaces --field-selector="status.phase==Failed"
 [linux]
 [group('services')]
 list-inactive:
  systemctl list-units -all --state=inactive
 [linux]
 [group('services')]
 list-failed:
  systemctl list-units -all --state=failed
 [linux]
 [group('services')]
 list-systemd:
  systemctl list-units systemd-*
 # =================================================
 #
 # Nixpkgs Review via Github Action
 # https://github.com/ryan4yin/nixpkgs-review-gha
 #
 # =================================================
 # Run nixpkgs-review for PR
 [linux]
 [group('nixpkgs')]
 pkg-review pr:
  gh workflow run review.yml --repo ryan4yin/nixpkgs-review-gha -f x86_64-darwin=no -f post-result=true -f pr={{pr}}
 # Run package tests for PR
 [linux]
 [group('nixpkgs')]
 pkg-test pr pname:
  gh workflow run review.yml --repo ryan4yin/nixpkgs-review-gha -f x86_64-darwin=no -f post-result=true -f pr={{pr}} -f extra-args="-p {{pname}}.passthru.tests"
 # View the summary of a workflow
 [linux]
 [group('nixpkgs')]
 pkg-summary:
  gh workflow view review.yml --repo ryan4yin/nixpkgs-review-gha
@@ -8,7 +8,7 @@
 	<a href="https://github.com/ryan4yin/nix-config/stargazers">
 		<img alt="Stargazers" src="https://img.shields.io/github/stars/ryan4yin/nix-config?style=for-the-badge&logo=starship&color=C9CBFF&logoColor=D9E0EE&labelColor=302D41"></a>
    <a href="https://nixos.org/">
-        <img src="https://img.shields.io/badge/NixOS-24.05-informational.svg?style=for-the-badge&logo=nixos&color=F2CDCD&logoColor=D9E0EE&labelColor=302D41"></a>
+        <img src="https://img.shields.io/badge/NixOS-25.05-informational.svg?style=for-the-badge&logo=nixos&color=F2CDCD&logoColor=D9E0EE&labelColor=302D41"></a>
    <a href="https://github.com/ryan4yin/nixos-and-flakes-book">
        <img src="https://img.shields.io/static/v1?label=Nix Flakes&message=learning&style=for-the-badge&logo=nixos&color=DDB6F2&logoColor=D9E0EE&labelColor=302D41"></a>
  </a>
@@ -17,13 +17,13 @@
 > My configuration is becoming more and more complex, and **it will be difficult for beginners to
 > read**. If you are new to NixOS and want to know how I use NixOS, I would recommend you to take a
 > look at the [ryan4yin/nix-config/releases](https://github.com/ryan4yin/nix-config/releases) first,
-> **checkout to some simpler older versions, such as
+> **check out to some simpler older versions, such as
 > [i3-kickstarter](https://github.com/ryan4yin/nix-config/tree/i3-kickstarter), which will be much
 > easier to understand**.
 This repository is home to the nix code that builds my systems:
-1. NixOS Desktops: NixOS with home-manager, i3, hyprland, agenix, etc.
+1. NixOS Desktops: NixOS with home-manager, hyprland, agenix, etc.
 2. macOS Desktops: nix-darwin with home-manager, share the same home-manager configuration with
   NixOS Desktops.
 3. NixOS Servers: virtual machines running on Proxmox/KubeVirt, with various services, such as
@@ -31,17 +31,20 @@ This repository is home to the nix code that builds my systems:
 See [./hosts](./hosts) for details of each host.
 See [./Virtual-Machine.md](./Virtual-Machine.md) for details of how to create & manage KubeVirt's
 Virtual Machine from this flake.
 ## Why NixOS & Flakes?
 Nix allows for easy-to-manage, collaborative, reproducible deployments. This means that once
 something is setup and configured once, it works (almost) forever. If someone else shares their
-configuration, anyone else can just use it (if you really understand what you're copying/refering
+configuration, anyone else can just use it (if you really understand what you're copying/referring
 now).
 As for Flakes, refer to
 [Introduction to Flakes - NixOS & Nix Flakes Book](https://nixos-and-flakes.thiscute.world/nixos-with-flakes/introduction-to-flakes)
-**Want to know NixOS & Flaks in detail? Looking for a beginner-friendly tutorial or best practices?
+**Want to know NixOS & Flakes in detail? Looking for a beginner-friendly tutorial or best practices?
 You don't have to go through the pain I've experienced again! Check out my
 [NixOS & Nix Flakes Book - 🛠️ ❤️ An unofficial & opinionated :book: for beginners](https://github.com/ryan4yin/nixos-and-flakes-book)!**
@@ -51,84 +54,71 @@ You don't have to go through the pain I've experienced again! Check out my
 ## Components
-|                             | NixOS(Wayland)                                                                                                      | NixOS(Xorg)                                                                                                         |
+|                             | NixOS(Wayland)                                                                                                      |
-| --------------------------- | :------------------------------------------------------------------------------------------------------------------ | :------------------------------------------------------------------------------------------------------------------ |
+| --------------------------- | ------------------------------------------------------------------------------------------------------------------- |
-| **Window Manager**          | [Hyprland][Hyprland]                                                                                                | [i3][i3]                                                                                                            |
+| **Window Manager**          | [Hyprland][Hyprland]                                                                                                |
-| **Terminal Emulator**       | [Zellij][Zellij] + [Kitty][Kitty]                                                                                   | [Zellij][Zellij] + [Kitty][Kitty]                                                                                   |
+| **Terminal Emulator**       | [Zellij][Zellij] + [Kitty][Kitty]                                                                                   |
-| **Bar**                     | [Waybar][Waybar]                                                                                                    | [polybar][polybar]                                                                                                  |
+| **Bar**                     | [Waybar][Waybar]                                                                                                    |
-| **Application Launcher**    | [anyrun][anyrun]                                                                                                    | [rofi][rofi]                                                                                                        |
+| **Application Launcher**    | [anyrun][anyrun]                                                                                                    |
-| **Notification Daemon**     | [Mako][Mako]                                                                                                        | [Dunst][Dunst]                                                                                                      |
+| **Notification Daemon**     | [Mako][Mako]                                                                                                        |
-| **Display Manager**         | [GDM][GDM]                                                                                                          | [GDM][GDM]                                                                                                          |
+| **Display Manager**         | [GDM][GDM]                                                                                                          |
-| **Color Scheme**            | [Catppuccin][Catppuccin]                                                                                            | [Catppuccin][Catppuccin]                                                                                            |
+| **Color Scheme**            | [Catppuccin][Catppuccin]                                                                                            |
-| **network management tool** | [NetworkManager][NetworkManager]                                                                                    | [NetworkManager][NetworkManager]                                                                                    |
+| **network management tool** | [NetworkManager][NetworkManager]                                                                                    |
-| **Input method framework**  | [Fcitx5][Fcitx5]                                                                                                    | [Fcitx5][Fcitx5]                                                                                                    |
+| **Input method framework**  | [Fcitx5][Fcitx5]                                                                                                    |
-| **System resource monitor** | [Btop][Btop]                                                                                                        | [Btop][Btop]                                                                                                        |
+| **System resource monitor** | [Btop][Btop]                                                                                                        |
-| **File Manager**            | [Yazi][Yazi] + [thunar][thunar]                                                                                     | [Yazi][Yazi] + [thunar][thunar]                                                                                     |
+| **File Manager**            | [Yazi][Yazi] + [thunar][thunar]                                                                                     |
-| **Shell**                   | [Nushell][Nushell] + [Starship][Starship]                                                                           | [Nushell][Nushell] + [Starship][Starship]                                                                           |
+| **Shell**                   | [Nushell][Nushell] + [Starship][Starship]                                                                           |
-| **Music Player**            | [mpd][mpd], [ncmpcpp][ncmpcpp], [mpc][mpc], [Netease-cloud-music-gtk][netease-cloud-music-gtk]                      | [Netease-cloud-music-gtk][netease-cloud-music-gtk]                                                                  |
+| **Media Player**            | [mpv][mpv]                                                                                                          |
-| **Media Player**            | [mpv][mpv]                                                                                                          | [mpv][mpv]                                                                                                          |
+| **Text Editor**             | [Neovim][Neovim]                                                                                                    |
-| **Text Editor**             | [Neovim][Neovim] + [DoomEmacs][DoomEmacs]                                                                           | [Neovim][Neovim] + [DoomEmacs][DoomEmacs]                                                                           |
+| **Fonts**                   | [Nerd fonts][Nerd fonts]                                                                                            |
-| **Fonts**                   | [Nerd fonts][Nerd fonts]                                                                                            | [Nerd fonts][Nerd fonts]                                                                                            |
+| **Image Viewer**            | [imv][imv]                                                                                                          |
-| **Image Viewer**            | [imv][imv]                                                                                                          | [imv][imv]                                                                                                          |
+| **Screenshot Software**     | [hyprshot][hyprshot]                                                                                                |
-| **Screenshot Software**     | [flameshot][flameshot] + [grim][grim]                                                                               | [flameshot][flameshot]                                                                                              |
+| **Screen Recording**        | [OBS][OBS]                                                                                                          |
-| **Screen Recording**        | [OBS][OBS]                                                                                                          | [OBS][OBS]                                                                                                          |
+| **Filesystem & Encryption** | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] encrypted partition for persistent, unlock via passphrase |
-| **Filesystem & Encryption** | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] encrypted partition for persistent, unlock via passphrase | tmpfs on `/`, [Btrfs][Btrfs] subvolumes on a [LUKS][LUKS] encrypted partition for persistent, unlock via passphrase |
+| **Secure Boot**             | [lanzaboote][lanzaboote]                                                                                            |
 | **Secure Boot**             | [lanzaboote][lanzaboote]                                                                                            | [lanzaboote][lanzaboote]                                                                                            |
 Wallpapers: https://github.com/ryan4yin/wallpapers
-## Hyprland + AstroNvim + DoomEmacs
+## Hyprland + AstroNvim
 ![](./_img/hyprland_2023-07-29_1.webp)
 ![](./_img/hyprland_2023-07-29_2.webp)
 ![](./_img/emacs-2024-01-07.webp)
 ## I3 + AstroNvim
 ![](./_img/i3_2023-07-29_1.webp) ![](./_img/i3_2023-07-29_2.webp)
 ## Neovim
 See [./home/base/tui/editors/neovim/](./home/base/tui/editors/neovim/) for details.
 ## Emacs
 See [./home/base/tui/editors/emacs/](./home/base/tui/editors/emacs/) for details.
 ## Secrets Management
 See [./secrets](./secrets) for details.
 ## How to Deploy this Flake?
-> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine
+<!-- prettier-ignore -->
-> :exclamation: It will not succeed.** This flake contains my hardware configuration(such as
+> :red_circle: **IMPORTANT**: **You should NOT deploy this flake directly on your machine :exclamation:
 > It will not succeed.** This flake contains my hardware configuration(such as
 > [hardware-configuration.nix](hosts/idols-ai/hardware-configuration.nix),
 > [Nvidia Support](https://github.com/ryan4yin/nix-config/blob/v0.1.1/hosts/idols-ai/default.nix#L77-L91),
-> etc.) which is not suitable for your hardwares, and requires my private secrets repository
+> etc.) which is not suitable for your hardware, and requires my private secrets repository
 > [ryan4yin/nix-secrets](https://github.com/ryan4yin/nix-config/tree/main/secrets) to deploy. You
 > may use this repo as a reference to build your own configuration.
 For NixOS:
-> To deploy this flake from NixOS's official ISO image(purest installation method), please refer to
+> To deploy this flake from NixOS's official ISO image (purest installation method), please refer to
 > [./nixos-installer/](./nixos-installer/)
 > Need to restart the machine when switching between `wayland` and `xorg`.
 ```bash
 # deploy one of the configuration based on the hostname
 # sudo nixos-rebuild switch --flake .#ai_i3
 sudo nixos-rebuild switch --flake .#ai-hyprland
 # deploy via `just`(a command runner with similar syntax to make) & Justfile
 # just i3    # deploy my pc with i3 window manager
 just hypr  # deploy my pc with hyprland compositor
 # or we can deploy with details
 # just i3 debug
 just hypr debug
 ```
@@ -139,18 +129,14 @@ For macOS:
 # 1. install nix & homebrew manually.
 # 2. prepare the deployment environment with essential packages available
 nix-shell -p just nushell
-# 3. comment home-manager's code in lib/macosSystem.nix to speed up the first deplyment.
+# 3. comment home-manager's code in lib/macosSystem.nix to speed up the first deployment.
 # 4. comment out the proxy settings in scripts/darwin_set_proxy.py if the proxy is not ready yet.
 # 4. deploy harmonica's configuration(macOS Intel)
 just ha
 # deploy fern's configuration(Apple Silicon)
-just fe
+just fr
 # deploy with details
-just ha debug
+just fr debug
 # just fe debug
 ```
 > [What y'all will need when Nix drives you to drink.](https://www.youtube.com/watch?v=Eni9PPPPBpg)
@@ -181,18 +167,14 @@ Other dotfiles that inspired me:
    journey.
  - [HeinzDev/Hyprland-dotfiles](https://github.com/HeinzDev/Hyprland-dotfiles): Refer to the waybar
    configuration here.
  - [Zeioth/zeioth-hyprland-config](https://github.com/Zeioth/zeioth-hyprland-config)
  - [linuxmobile/kaku](https://github.com/linuxmobile/kaku)
 - I3 Window Manager
  - [endeavouros-i3wm-setup](https://github.com/endeavouros-team/endeavouros-i3wm-setup): I started
    using i3 here, and my i3 configuration is also based on it, but made a lot of changes.
  - [denisse-dev/dotfiles](https://github.com/denisse-dev/dotfiles)
 - Neovim/AstroNvim
  - [maxbrunet/dotfiles](https://github.com/maxbrunet/dotfiles): astronvim with nix flakes.
 - Misc
  - [1amSimp1e/dots](https://github.com/1amSimp1e/dots)
 [Hyprland]: https://github.com/hyprwm/Hyprland
 [i3]: https://github.com/i3/i3
 [Kitty]: https://github.com/kovidgoyal/kitty
 [Nushell]: https://github.com/nushell/nushell
 [Starship]: https://github.com/starship/starship
@@ -207,19 +189,12 @@ Other dotfiles that inspired me:
 [Zellij]: https://github.com/zellij-org/zellij
 [Neovim]: https://github.com/neovim/neovim
 [AstroNvim]: https://github.com/AstroNvim/AstroNvim
-[DoomEmacs]: https://github.com/doomemacs/doomemacs
+[Hyprshot]: https://github.com/Gustash/Hyprshot
 [flameshot]: https://github.com/flameshot-org/flameshot
 [grim]: https://github.com/emersion/grim
 [flameshot]: https://github.com/flameshot-org/flameshot
 [imv]: https://sr.ht/~exec64/imv/
 [OBS]: https://obsproject.com
 [Mako]: https://github.com/emersion/mako
 [Nerd fonts]: https://github.com/ryanoasis/nerd-fonts
 [catppuccin]: https://github.com/catppuccin/catppuccin
 [mpd]: https://github.com/MusicPlayerDaemon/MPD
 [ncmpcpp]: https://github.com/ncmpcpp/ncmpcpp
 [mpc]: https://github.com/MusicPlayerDaemon/mpc
 [Netease-cloud-music-gtk]: https://github.com/gmg137/netease-cloud-music-gtk
 [NetworkManager]: https://wiki.gnome.org/Projects/NetworkManager
 [wl-clipboard]: https://github.com/bugaevc/wl-clipboard
 [GDM]: https://wiki.archlinux.org/title/GDM
@@ -1,13 +1,17 @@
 ## How to create & managage KubeVirt's Virtual Machine from this flake?
-Use `aquamarine` as an example, we can create a virtual machine with the following command:
+Use `aquamarine` as an example, first build and upload the virtual machine's qcow2 image to the file
 server:
 ```shell
 just upload-vm aquamarine
 ```
 Then create the virtual machine by creating a yaml file at
-[ryan4yin/k8s-gitops](https://github.com/ryan4yin/k8s-gitops/tree/main/vms)
+[ryan4yin/k8s-gitops](https://github.com/ryan4yin/k8s-gitops/tree/main/vms), set the
 `spec.dataVolumeTemplates[0].source.http.url` to the uploaded file's URL, and fluxcd will
 automatically apply the changes, then a virtual machine named `aquamarine` will be created in the
 KubeVirt cluster.
 Once the virtual machine `aquamarine` is created, we can deploy updates to it with the following
 commands:
@@ -17,12 +17,12 @@
    # substituers will be appended to the default substituters when fetching packages
    extra-substituters = [
      "https://anyrun.cachix.org"
-      "https://nix-gaming.cachix.org"
+      # "https://nix-gaming.cachix.org"
      # "https://nixpkgs-wayland.cachix.org"
    ];
    extra-trusted-public-keys = [
      "anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
-      "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
+      # "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
      # "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
    ];
  };
@@ -35,21 +35,24 @@
    # Official NixOS package source, using nixos's unstable branch by default
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
-    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
+    # nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
-    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.05";
+    nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
    nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
    nixpkgs-ollama.url = "github:nixos/nixpkgs/nixos-unstable";
    # for macos
-    nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-24.05-darwin";
+    # nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-25.05-darwin";
    nixpkgs-darwin.url = "github:nixos/nixpkgs/nixpkgs-unstable";
    nix-darwin = {
      url = "github:lnl7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs-darwin";
    };
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    # home-manager, used for managing user configuration
    home-manager = {
      url = "github:nix-community/home-manager/master";
-      # url = "github:nix-community/home-manager/release-24.05";
+      # url = "github:nix-community/home-manager/release-25.05";
      # The `follows` keyword in inputs is used for inheritance.
      # Here, `inputs.nixpkgs` of home-manager is kept consistent with the `inputs.nixpkgs` of the current flake,
@@ -57,12 +60,20 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    lanzaboote = {
+    # https://github.com/catppuccin/nix
-      url = "github:nix-community/lanzaboote/v0.4.1";
+    catppuccin = {
      url = "github:catppuccin/nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    impermanence.url = "github:nix-community/impermanence";
+    lanzaboote = {
      url = "github:nix-community/lanzaboote/v0.4.2";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    preservation = {
      url = "github:nix-community/preservation";
    };
    # community wayland nixpkgs
    # nixpkgs-wayland.url = "github:nix-community/nixpkgs-wayland";
@@ -79,49 +90,61 @@
    };
    # secrets management
    agenix = {
-      # lock with git commit at 0.15.0
+      # lock with git commit at May 18, 2025
-      # url = "github:ryantm/agenix/564595d0ad4be7277e07fa63b5a991b3c645655d";
+      url = "github:ryantm/agenix/4835b1dc898959d8547a871ef484930675cb47f1";
      # replaced with a type-safe reimplementation to get a better error message and less bugs.
-      url = "github:ryan4yin/ragenix";
+      # url = "github:ryan4yin/ragenix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    nix-gaming.url = "github:fufexan/nix-gaming";
+    nix-gaming = {
      url = "github:fufexan/nix-gaming";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    disko = {
-      url = "github:nix-community/disko/v1.6.1";
+      url = "github:nix-community/disko/v1.11.0";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    # add git hooks to format nix code before commit
    pre-commit-hooks = {
-      url = "github:cachix/pre-commit-hooks.nix";
+      url = "github:cachix/git-hooks.nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    nuenv.url = "github:DeterminateSystems/nuenv";
+    nuenv = {
-
+      url = "github:DeterminateSystems/nuenv";
-    daeuniverse.url = "github:daeuniverse/flake.nix";
+      inputs.nixpkgs.follows = "nixpkgs";
-    # daeuniverse.url = "github:daeuniverse/flake.nix/exp";
+    };
    haumea = {
      url = "github:nix-community/haumea/v0.2.2";
      inputs.nixpkgs.follows = "nixpkgs";
    };
-    microvm = {
+    nixpak = {
-      url = "github:astro/microvm.nix";
+      url = "github:nixpak/nixpak";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    ghostty = {
      url = "github:ghostty-org/ghostty";
    };
    blender-bin = {
      url = "github:edolstra/nix-warez?dir=blender";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nixos-apple-silicon = {
      # 2025-07-04
      url = "github:nix-community/nixos-apple-silicon/eba4b40c816e5aff8951ae231ac237e8aab8ec1d";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    ########################  Some non-flake repositories  #########################################
    # doom-emacs is a configuration framework for GNU Emacs.
    doomemacs = {
      url = "github:doomemacs/doomemacs";
      flake = false;
    };
    polybar-themes = {
      url = "github:adi1090x/polybar-themes";
      flake = false;
@@ -136,6 +159,11 @@
      flake = false;
    };
    my-asahi-firmware = {
      url = "git+ssh://git@github.com/ryan4yin/asahi-firmware.git?shallow=1";
      flake = false;
    };
    # my wallpapers
    wallpapers = {
      url = "github:ryan4yin/wallpapers";
@@ -144,14 +172,10 @@
    nur-ryan4yin = {
      url = "github:ryan4yin/nur-packages";
-      # inputs.nixpkgs.follows = "nixpkgs";
+      inputs.nixpkgs.follows = "nixpkgs";
    };
-    # riscv64 SBCs
+    # for waydroid
-    nixos-licheepi4a.url = "github:ryan4yin/nixos-licheepi4a";
+    # nur-ataraxiasjel.url = "github:AtaraxiaSjel/nur";
    # nixos-jh7110.url = "github:ryan4yin/nixos-jh7110";
    # aarch64 SBCs
    nixos-rk3588.url = "github:ryan4yin/nixos-rk3588";
  };
 }
@@ -0,0 +1,83 @@
 # Linux Hardening
 > Work in progress.
 ## Goal
 - **System Level**: Protect critical files from being accessed by untrusted applications.
  1. Such as browser cookies, SSH keys, etc.
 - **Per-App Level**: Prevent untrusted applications(such as closed-source apps) from:
  1. Accessing files they shouldn't.
     - Such as a malicious application accessing your browser's cookies, SSH Keys, etc.
  1. Accessing the network when they don't need to.
  1. Accessing hardware devices they don't need.
 ## Current Status
 1. **System Level**:
   - [ ] AppArmor
   - [ ] Kernel & System Hardening
 1. **Per-App Level**:
   - Nixpak (Bubblewrap, running at user-level)
   - Firejail (a SUID program, meaning it's running as root)
 ## Kernel Hardening
 - NixOS Kernel Config:
  https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/os-specific/linux/kernel/hardened/config.nix
 ## System Hardening
 - NixOS Profile:
  https://github.com/NixOS/nixpkgs/blob/nixos-unstable/nixos/modules/profiles/hardened.nix
 - Apparmor: [roddhjav/apparmor.d](https://github.com/roddhjav/apparmor.d)
  - https://gitlab.com/apparmor/apparmor/-/wikis/Documentation
  - AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based
    applications and processes.
  - But all the profiles of AppArmor assume a FHS filesystem, which caused all apparmor policies
    takes no effect on NixOS.
  - Apparmor on NixOS Roadmap:
    - https://discourse.nixos.org/t/apparmor-on-nixos-roadmap/57217
    - https://github.com/LordGrimmauld/aa-alias-manager
 - SELinux: too complex, not recommended for personal use.
 ## Application Sandboxing
 - [Bubblewrap](https://github.com/containers/bubblewrap):
  [nixpak](https://github.com/nixpak/nixpak), more secure than firejail, but no batteries included.
  - NixOS's FHSEnv is implemented using bubblewrap by default.
 - [Firejail](https://github.com/netblue30/firejail/tree/master/etc): A SUID security sandbox with
  hundreds of security profiles for many common applications in the default installation.
  - https://wiki.nixos.org/wiki/Firejail
  - Firejail needs SUID to work, which is considered a security risk -
    [Does firejail improve the security of my system?](https://github.com/netblue30/firejail/discussions/4601)
 - [Systemd/Hardening](https://wiki.nixos.org/wiki/Systemd/Hardening): Systemd also provides some
  sandboxing features.
 ## NOTE
 **Running untrusted code is never safe, kernel hardening & sandboxing cannot change this**.
 If you want to run untrusted code, please use a VM & an isolated network environment, which will
 provide a much higher level of security.
 ## References
 - [Harden your NixOS workstation - dataswamp](https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html)
 - [Linux Insecurities - Madaidans](https://madaidans-insecurities.github.io/linux.html)
 - [Sandboxing all programs by default - NixOS Discourse](https://discourse.nixos.org/t/sandboxing-all-programs-by-default/7792)
 - [Paranoid NixOS Setup - xeiaso](https://xeiaso.net/blog/paranoid-nixos-2021-07-18/)
 - [nix-mineral](https://github.com/cynicsketch/nix-mineral): NixOS module for convenient system
  hardening.
 - nixpak configs:
  - https://github.com/pokon548/OysterOS/tree/b97604d89953373d6316286b96f6a964af2c398d/desktop/application
  - https://github.com/segment-tree/my-nixos/tree/ceb6041f73bd9edcb78a8818b27a28f7c629193b/hm/me/apps/nixpak
  - https://github.com/Keksgesicht/nixos-config/tree/91cc77d8d6b598da7c4dbed143e0009c2dea6940/packages/nixpak
  - https://github.com/bluskript/nix-config/blob/7ecb6a7254c1ac4969072f4c4febdc19f8b83b30/pkgs/nixpak/default.nix
 - firejail configs:
  - https://github.com/stelcodes/nixos-config/blob/f8967c82a5e5f3d128eb1aaf7498b5f918f719ec/packages/overlay.nix#L261
 - apparmor configs:
  - https://github.com/zramctl/dotfiles/blob/4fe177f6984154960942bb47d5a375098ec6ed6a/modules/nixos/security/apparmor.nix#L4
  - https://git.grimmauld.de/Grimmauld/grimm-nixos-laptop/src/branch/main/hardening
 - Others:
  - Directly via `buildFHSUserEnvBubblewrap`:
@@ -0,0 +1,59 @@
 {
  config,
  pkgs,
  ...
 }:
 {
  services.dbus.apparmor = "enabled";
  security.apparmor = {
    enable = true;
    # kill process that are not confined but have apparmor profiles enabled
    killUnconfinedConfinables = true;
    packages = with pkgs; [
      apparmor-utils
      apparmor-profiles
    ];
    # apparmor policies
    policies = {
      "default_deny" = {
        enforce = false;
        enable = false;
        profile = ''
          profile default_deny /** { }
        '';
      };
      "sudo" = {
        enforce = false;
        enable = false;
        profile = ''
          ${pkgs.sudo}/bin/sudo {
            file /** rwlkUx,
          }
        '';
      };
      "nix" = {
        enforce = false;
        enable = false;
        profile = ''
          ${config.nix.package}/bin/nix {
            unconfined,
          }
        '';
      };
    };
  };
  environment.systemPackages = with pkgs; [
    apparmor-bin-utils
    apparmor-profiles
    apparmor-parser
    libapparmor
    apparmor-kernel-patches
    apparmor-pam
    apparmor-utils
  ];
 }
@@ -0,0 +1,9 @@
 {
  nixpkgs.overlays = [
    (_: super: {
      bwraps = {
        wechat = super.callPackage ./wechat.nix { };
      };
    })
  ];
 }
@@ -0,0 +1,99 @@
 # - wechat's flatpak manifest: https://github.com/flathub/com.tencent.WeChat/blob/master/com.tencent.WeChat.yaml
 # Refer:
 # - Flatpak manifest's docs:
 #   - https://docs.flatpak.org/en/latest/manifests.html
 #   - https://docs.flatpak.org/en/latest/sandbox-permissions.html
 #
 # TODO Since appimageTools.wrapAppImage do not support overriding, I have to pack this package myself.
 # https://github.com/NixOS/nixpkgs/pull/358977
 {
  appimageTools,
  fetchurl,
  stdenvNoCC,
 }:
 let
  pname = "wechat";
  # https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/by-name/we/wechat/package.nix
  sources = {
    aarch64-linux = {
      version = "4.0.1.11";
      src = fetchurl {
        url = "https://web.archive.org/web/20250512112413if_/https://dldir1v6.qq.com/weixin/Universal/Linux/WeChatLinux_arm64.AppImage";
        hash = "sha256-Rg+FWNgOPC02ILUskQqQmlz1qNb9AMdvLcRWv7NQhGk=";
      };
    };
    x86_64-linux = {
      version = "4.0.1.11";
      src = fetchurl {
        url = "https://web.archive.org/web/20250512110825if_/https://dldir1v6.qq.com/weixin/Universal/Linux/WeChatLinux_x86_64.AppImage";
        hash = "sha256-gBWcNQ1o1AZfNsmu1Vi1Kilqv3YbR+wqOod4XYAeVKo=";
      };
    };
  };
  inherit (stdenvNoCC.hostPlatform) system;
  inherit (sources.${system} or (throw "Unsupported system: ${system}")) version src;
  # https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/we/wechat/linux.nix
  appimageContents = appimageTools.extract {
    inherit pname version src;
    postExtract = ''
      patchelf --replace-needed libtiff.so.5 libtiff.so $out/opt/wechat/wechat
    '';
  };
 in
 appimageTools.wrapAppImage {
  inherit pname version;
  src = appimageContents;
  extraInstallCommands = ''
    mkdir -p $out/share/applications
    cp ${appimageContents}/wechat.desktop $out/share/applications/
    mkdir -p $out/share/pixmaps
    cp ${appimageContents}/wechat.png $out/share/pixmaps/
    substituteInPlace $out/share/applications/wechat.desktop --replace-fail AppRun wechat
  '';
  # Add these root paths to FHS sandbox to prevent WeChat from accessing them by default
  # Adapted from https://aur.archlinux.org/cgit/aur.git/tree/wechat-universal.sh?h=wechat-universal-bwrap
  extraPreBwrapCmds = ''
    XDG_DOCUMENTS_DIR="''${XDG_DOCUMENTS_DIR:-$(xdg-user-dir DOCUMENTS)}"
    if [[ -z "''${XDG_DOCUMENTS_DIR}" ]]; then
        echo 'Error: Failed to get XDG_DOCUMENTS_DIR, refuse to continue'
        exit 1
    fi
    WECHAT_DATA_DIR="''${XDG_DOCUMENTS_DIR}/WeChat_Data"
    # Using ''${WECHAT_DATA_DIR} as Wechat Data folder
    WECHAT_HOME_DIR="''${WECHAT_DATA_DIR}/home"
    WECHAT_FILES_DIR="''${WECHAT_DATA_DIR}/xwechat_files"
    mkdir -p "''${WECHAT_FILES_DIR}"
    mkdir -p "''${WECHAT_HOME_DIR}"
    ln -snf "''${WECHAT_FILES_DIR}" "''${WECHAT_HOME_DIR}/xwechat_files"
  '';
  extraBwrapArgs = [
    "--tmpfs /home"
    "--tmpfs /root"
    # format: --bind <host-path> <sandbox-path>
    "--bind \${WECHAT_HOME_DIR} \${HOME}"
    "--bind \${WECHAT_FILES_DIR} \${WECHAT_FILES_DIR}"
    "--chdir \${HOME}"
    # wechat-universal only supports xcb
    "--setenv QT_QPA_PLATFORM xcb"
    "--setenv QT_AUTO_SCREEN_SCALE_FACTOR 1"
    # use fcitx as IME
    "--setenv QT_IM_MODULE fcitx"
    "--setenv GTK_IM_MODULE fcitx"
  ];
  chdirToPwd = false;
  unshareNet = false;
  unshareIpc = true;
  unsharePid = true;
  unshareUts = true;
  unshareCgroup = true;
  privateTmp = true;
 }
@@ -0,0 +1,35 @@
 {
  pkgs,
  nixpak,
  ...
 }:
 let
  callArgs = {
    mkNixPak = nixpak.lib.nixpak {
      inherit (pkgs) lib;
      inherit pkgs;
    };
    safeBind = sloth: realdir: mapdir: [
      (sloth.mkdir (sloth.concat' sloth.appDataDir realdir))
      (sloth.concat' sloth.homeDir mapdir)
    ];
  };
  wrapper = _pkgs: path: (_pkgs.callPackage path callArgs).config.script;
 in
 {
  # Add nixpaked Apps into nixpkgs, and reference them in home-manager or other nixos modules
  nixpkgs.overlays = [
    (_: super: {
      nixpaks = {
        qq = wrapper super ./qq.nix;
        qq-desktop-item = super.callPackage ./qq-desktop-item.nix { };
        wechat = wrapper super ./wechat.nix;
        wechat-desktop-item = super.callPackage ./wechat-desktop-item.nix { };
        firefox = wrapper super ./firefox.nix;
        firefox-desktop-item = super.callPackage ./firefox-desktop-item.nix { };
      };
    })
  ];
 }
@@ -0,0 +1,11 @@
 { makeDesktopItem }:
 makeDesktopItem {
  name = "firefox";
  desktopName = "firefox";
  exec = "firefox %U";
  terminal = false;
  icon = "firefox";
  type = "Application";
  categories = [ "Network" ];
  comment = "firefox boxed";
 }
@@ -0,0 +1,88 @@
 # Refer:
 # - Flatpak manifest's docs:
 #   - https://docs.flatpak.org/en/latest/manifests.html
 #   - https://docs.flatpak.org/en/latest/sandbox-permissions.html
 # - Firefox's flatpak manifest: https://hg.mozilla.org/mozilla-central/file/tip/taskcluster/docker/firefox-flatpak/runme.sh#l151
 {
  lib,
  pkgs,
  mkNixPak,
  ...
 }:
 mkNixPak {
  config =
    {
      config,
      sloth,
      ...
    }:
    {
      app = {
        package = pkgs.firefox-wayland;
        binPath = "bin/firefox";
      };
      flatpak.appId = "org.mozilla.firefox";
      imports = [
        ./modules/gui-base.nix
        ./modules/network.nix
      ];
      # list all dbus services:
      #   ls -al /run/current-system/sw/share/dbus-1/services/
      #   ls -al /etc/profiles/per-user/ryan/share/dbus-1/services/
      dbus.policies = {
        "org.mozilla.firefox.*" = "own"; # firefox
        "org.mozilla.firefox_beta.*" = "own"; # firefox beta
        "org.mpris.MediaPlayer2.firefox.*" = "own";
        "org.freedesktop.NetworkManager" = "talk";
        "org.gnome.Shell.Screencast" = "talk";
        # System tray icon
        "org.freedesktop.Notifications" = "talk";
        "org.kde.StatusNotifierWatcher" = "talk";
        # File Manager
        "org.freedesktop.FileManager1" = "talk";
        # Uses legacy StatusNotifier implementation
        "org.kde.*" = "own";
      };
      bubblewrap = {
        # To trace all the home files QQ accesses, you can use the following nushell command:
        #   just trace-access firefox
        # See the Justfile in the root of this repository for more information.
        bind.rw = [
          # given the read write permission to the following directories.
          # NOTE: sloth.mkdir is used to create the directory if it does not exist!
          (sloth.mkdir (sloth.concat' sloth.homeDir "/.mozilla"))
          sloth.xdgDocumentsDir
          sloth.xdgDownloadDir
          sloth.xdgMusicDir
          sloth.xdgVideosDir
        ];
        bind.ro = [
          "/sys/bus/pci"
          [
            "${config.app.package}/lib/firefox"
            "/app/etc/firefox"
          ]
          # ================ for browserpass extension ===============================
          "/etc/gnupg"
          (sloth.concat' sloth.homeDir "/.gnupg") # gpg's config
          (sloth.concat' sloth.homeDir "/.local/share/password-store") # my secrets
          (sloth.concat' sloth.runtimeDir "/gnupg") # for access gpg-agent socket
          # Unsure
          (sloth.concat' sloth.xdgConfigHome "/dconf")
        ];
        sockets = {
          x11 = false;
          wayland = true;
          pipewire = true;
        };
      };
    };
 }
@@ -0,0 +1,110 @@
 # https://github.com/nixpak/pkgs/blob/master/pkgs/modules/gui-base.nix
 {
  config,
  lib,
  pkgs,
  sloth,
  ...
 }:
 let
  envSuffix = envKey: suffix: sloth.concat' (sloth.env envKey) suffix;
  # cursor & icon's theme should be the same as the host's one.
  cursorTheme = pkgs.bibata-cursors;
  iconTheme = pkgs.papirus-icon-theme;
 in
 {
  config = {
    dbus.policies = {
      "${config.flatpak.appId}" = "own";
      "org.freedesktop.DBus" = "talk";
      "org.gtk.vfs.*" = "talk";
      "org.gtk.vfs" = "talk";
      "ca.desrt.dconf" = "talk";
      "org.a11y.Bus" = "talk";
      # for default portal & gtk/hyprland's portal
      "org.freedesktop.portal.*" = "talk";
      "org.freedesktop.impl.portal.desktop.*" = "talk";
    };
    # https://github.com/nixpak/nixpak/blob/master/modules/gpu.nix
    # 1. bind readonly - /run/opengl-driver
    # 2. bind device   - /dev/dri
    gpu = {
      enable = lib.mkDefault true;
      provider = "nixos";
      bundlePackage = pkgs.mesa.drivers; # for amd & intel
    };
    # https://github.com/nixpak/nixpak/blob/master/modules/gui/fonts.nix
    # it works not well, bind system's /etc/fonts directly instead
    fonts.enable = false;
    # https://github.com/nixpak/nixpak/blob/master/modules/locale.nix
    locale.enable = true;
    bubblewrap = {
      network = lib.mkDefault false;
      bind.rw = [
        [
          (envSuffix "HOME" "/.var/app/${config.flatpak.appId}/cache")
          sloth.xdgCacheHome
        ]
        (sloth.concat' sloth.xdgCacheHome "/fontconfig")
        (sloth.concat' sloth.xdgCacheHome "/mesa_shader_cache")
        (sloth.concat [
          (sloth.env "XDG_RUNTIME_DIR")
          "/"
          (sloth.envOr "WAYLAND_DISPLAY" "no")
        ])
        (envSuffix "XDG_RUNTIME_DIR" "/at-spi/bus")
        (envSuffix "XDG_RUNTIME_DIR" "/gvfsd")
        (envSuffix "XDG_RUNTIME_DIR" "/pulse")
        "/run/dbus"
      ];
      bind.ro = [
        (envSuffix "XDG_RUNTIME_DIR" "/doc")
        (sloth.concat' sloth.xdgConfigHome "/gtk-2.0")
        (sloth.concat' sloth.xdgConfigHome "/gtk-3.0")
        (sloth.concat' sloth.xdgConfigHome "/gtk-4.0")
        (sloth.concat' sloth.xdgConfigHome "/fontconfig")
        "/etc/fonts" # for fontconfig
        "/etc/machine-id"
        "/etc/localtime"
        # Fix: libEGL warning: egl: failed to create dri2 screen
        "/etc/egl"
        "/etc/static/egl"
      ];
      bind.dev = [
        "/dev/shm" # Shared Memory
        # seems required when using nvidia as primary gpu
        "/dev/nvidia0"
        "/dev/nvidiactl"
        "/dev/nvidia-modeset"
        "/dev/nvidia-uvm"
      ];
      tmpfs = [
        "/tmp"
      ];
      env = {
        XDG_DATA_DIRS = lib.mkForce (
          lib.makeSearchPath "share" [
            iconTheme
            cursorTheme
            pkgs.shared-mime-info
          ]
        );
        XCURSOR_PATH = lib.mkForce (
          lib.concatStringsSep ":" [
            "${cursorTheme}/share/icons"
            "${cursorTheme}/share/pixmaps"
          ]
        );
      };
    };
  };
 }
@@ -0,0 +1,8 @@
 # https://github.com/nixpak/pkgs/blob/master/pkgs/modules/network.nix
 {
  etc.sslCertificates.enable = true;
  bubblewrap = {
    bind.ro = [ "/etc/resolv.conf" ];
    network = true;
  };
 }
@@ -0,0 +1,17 @@
 {
  makeDesktopItem,
  qq,
 }:
 makeDesktopItem {
  name = "qq";
  desktopName = "QQ";
  exec = "${qq}/bin/qq %U";
  terminal = false;
  # To find the icon name(nushell):
  #   let p = NIXPKGS_ALLOW_UNFREE=1 nix eval --impure nixpkgs#qq.outPath | str trim --char '"'
  #   tree $"($p)/share/icons"
  icon = "${qq}/share/icons/hicolor/512x512/apps/qq.png";
  type = "Application";
  categories = [ "Network" ];
  comment = "QQ boxed";
 }
@@ -0,0 +1,69 @@
 # Refer:
 # - Flatpak manifest's docs:
 #   - https://docs.flatpak.org/en/latest/manifests.html
 #   - https://docs.flatpak.org/en/latest/sandbox-permissions.html
 # - QQ's flatpak manifest: https://github.com/flathub/com.qq.QQ/blob/master/com.qq.QQ.yaml
 {
  lib,
  pkgs,
  mkNixPak,
  ...
 }:
 mkNixPak {
  config =
    { sloth, ... }:
    {
      app = {
        package = pkgs.qq.override {
          # fix fcitx5 input method
          commandLineArgs = lib.concatStringsSep " " [ "--enable-wayland-ime" ];
        };
        binPath = "bin/qq";
      };
      flatpak.appId = "com.tencent.qq";
      imports = [
        ./modules/gui-base.nix
        ./modules/network.nix
      ];
      # list all dbus services:
      #   ls -al /run/current-system/sw/share/dbus-1/services/
      #   ls -al /etc/profiles/per-user/ryan/share/dbus-1/services/
      dbus.policies = {
        "org.gnome.Shell.Screencast" = "talk";
        # System tray icon
        "org.freedesktop.Notifications" = "talk";
        "org.kde.StatusNotifierWatcher" = "talk";
        # File Manager
        "org.freedesktop.FileManager1" = "talk";
        # Uses legacy StatusNotifier implementation
        "org.kde.*" = "own";
      };
      bubblewrap = {
        # To trace all the home files QQ accesses, you can use the following nushell command:
        #   just trace-access qq
        # See the Justfile in the root of this repository for more information.
        bind.rw = [
          # given the read write permission to the following directories.
          # NOTE: sloth.mkdir is used to create the directory if it does not exist!
          (sloth.mkdir (
            sloth.concat [
              sloth.xdgConfigHome
              "/QQ"
            ]
          ))
          sloth.xdgDocumentsDir
          sloth.xdgDownloadDir
          sloth.xdgMusicDir
          sloth.xdgVideosDir
        ];
        sockets = {
          x11 = false;
          wayland = true;
          pipewire = true;
        };
      };
    };
 }
@@ -0,0 +1,10 @@
 { modulesPath, ... }:
 {
  imports = [
    (modulesPath + "/profiles/hardened.nix")
  ];
  # disable coredump that could be exploited later
  # and also slow down the system when something crash
  systemd.coredump.enable = false;
 }
@@ -1,16 +1,8 @@
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  # https://github.com/catppuccin/btop/blob/main/themes/catppuccin_mocha.theme
  xdg.configFile."btop/themes".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-btop}/themes";
  # replacement of htop/nmon
  programs.btop = {
    enable = true;
    settings = {
      color_theme = "catppuccin_mocha";
      theme_background = false; # make btop transparent
    };
  };
@@ -1,50 +0,0 @@
 {
  pkgs,
  pkgs-unstable,
  nur-ryan4yin,
  ...
 }: {
  home.packages = with pkgs; [
    docker-compose
    dive # explore docker layers
    lazydocker # Docker terminal UI.
    skopeo # copy/sync images between registries and local storage
    go-containerregistry # provides `crane` & `gcrane`, it's similar to skopeo
    kubectl
    kubebuilder
    istioctl
    clusterctl # for kubernetes cluster-api
    kubevirt # virtctl
    kubernetes-helm
    fluxcd
    argocd
    ko # build go project to container image
  ];
  programs = {
    k9s = {
      enable = true;
      # https://k9scli.io/topics/aliases/
      # aliases = {};
      settings = {
        skin = "catppuccino-mocha";
      };
      skins.catppuccin-mocha = let
        skin_file = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-k9s}/dist/mocha.yml"; # theme - catppuccin mocha
        skin_attr = builtins.fromJSON (
          builtins.readFile
          # replace 'base: &base "#1e1e2e"' with 'base: &base "default"'
          # to make fg/bg color transparent. "default" means transparent in k9s skin.
          (pkgs.runCommandNoCC "get-skin-json" {} ''
            cat ${skin_file} \
              |  sed -E 's@(base: &base ).+@\1 "default"@g' \
              | ${pkgs.yj}/bin/yj > $out
          '')
        );
      in
        skin_attr;
    };
  };
 }
@@ -1,23 +1,19 @@
 { pkgs, ... }:
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  home.packages = with pkgs; [
    # Misc
    tldr
    cowsay
    gnupg
    gnumake
-    # Morden cli tools, replacement of grep/sed/...
+    # Modern cli tools, replacement of grep/sed/...
    # Interactively filter its input using fuzzy searching, not limit to filenames.
    fzf
    # search for files by name, faster than find
    fd
    # search for files by its content, replacement of grep
-    (ripgrep.override {withPCRE2 = true;})
+    (ripgrep.override { withPCRE2 = true; })
    # A fast and polyglot tool for code searching, linting, rewriting at large scale
    # supported languages: only some mainstream languages currently(do not support nix/nginx/yaml/toml/...)
@@ -26,8 +22,6 @@
    sad # CLI search and replace, just like sed, but with diff preview.
    yq-go # yaml processor https://github.com/mikefarah/yq
    just # a command runner like make, but simpler
    delta # A viewer for git and diff output
    lazygit # Git terminal UI.
    hyperfine # command-line benchmarking tool
    gping # ping, but with a graph(TUI)
    doggo # DNS client for humans
@@ -54,87 +48,75 @@
    ncdu # analyzer your disk usage Interactively, via TUI(replacement of `du`)
  ];
-  programs = {
+  # A modern replacement for ‘ls’
-    # A modern replacement for ‘ls’
+  # useful in bash/zsh prompt, not in nushell.
-    # useful in bash/zsh prompt, not in nushell.
+  programs.eza = {
-    eza = {
+    enable = true;
-      enable = true;
+    # do not enable aliases in nushell!
-      # do not enable aliases in nushell!
+    enableNushellIntegration = false;
-      enableNushellIntegration = false;
+    git = true;
-      git = true;
+    icons = "auto";
-      icons = true;
+  };
    };
-    # a cat(1) clone with syntax highlighting and Git integration.
+  # a cat(1) clone with syntax highlighting and Git integration.
-    bat = {
+  programs.bat = {
-      enable = true;
+    enable = true;
-      config = {
+    config = {
-        pager = "less -FR";
+      pager = "less -FR";
        theme = "catppuccin-mocha";
      };
      themes = {
        # https://raw.githubusercontent.com/catppuccin/bat/main/Catppuccin-mocha.tmTheme
        catppuccin-mocha = {
          src = nur-ryan4yin.packages.${pkgs.system}.catppuccin-bat;
          file = "Catppuccin-mocha.tmTheme";
        };
      };
    };
    # A command-line fuzzy finder
    fzf = {
      enable = true;
      # https://github.com/catppuccin/fzf
      # catppuccin-mocha
      colors = {
        "bg+" = "#313244";
        "bg" = "#1e1e2e";
        "spinner" = "#f5e0dc";
        "hl" = "#f38ba8";
        "fg" = "#cdd6f4";
        "header" = "#f38ba8";
        "info" = "#cba6f7";
        "pointer" = "#f5e0dc";
        "marker" = "#f5e0dc";
        "fg+" = "#cdd6f4";
        "prompt" = "#cba6f7";
        "hl+" = "#f38ba8";
      };
    };
    # zoxide is a smarter cd command, inspired by z and autojump.
    # It remembers which directories you use most frequently,
    # so you can "jump" to them in just a few keystrokes.
    # zoxide works on all major shells.
    #
    #   z foo              # cd into highest ranked directory matching foo
    #   z foo bar          # cd into highest ranked directory matching foo and bar
    #   z foo /            # cd into a subdirectory starting with foo
    #
    #   z ~/foo            # z also works like a regular cd command
    #   z foo/             # cd into relative path
    #   z ..               # cd one level up
    #   z -                # cd into previous directory
    #
    #   zi foo             # cd with interactive selection (using fzf)
    #
    #   z foo<SPACE><TAB>  # show interactive completions (zoxide v0.8.0+, bash 4.4+/fish/zsh only)
    zoxide = {
      enable = true;
      enableBashIntegration = true;
      enableZshIntegration = true;
      enableNushellIntegration = true;
    };
    # Atuin replaces your existing shell history with a SQLite database,
    # and records additional context for your commands.
    # Additionally, it provides optional and fully encrypted
    # synchronisation of your history between machines, via an Atuin server.
    atuin = {
      enable = true;
      enableBashIntegration = true;
      enableZshIntegration = true;
      enableNushellIntegration = true;
    };
  };
  # A command-line fuzzy finder
  programs.fzf.enable = true;
  # very fast version of tldr in Rust
  programs.tealdeer = {
    enable = true;
    enableAutoUpdates = true;
    settings = {
      display = {
        compact = false;
        use_pager = true;
      };
      updates = {
        auto_update = false;
        auto_update_interval_hours = 720;
      };
    };
  };
  # zoxide is a smarter cd command, inspired by z and autojump.
  # It remembers which directories you use most frequently,
  # so you can "jump" to them in just a few keystrokes.
  # zoxide works on all major shells.
  #
  #   z foo              # cd into highest ranked directory matching foo
  #   z foo bar          # cd into highest ranked directory matching foo and bar
  #   z foo /            # cd into a subdirectory starting with foo
  #
  #   z ~/foo            # z also works like a regular cd command
  #   z foo/             # cd into relative path
  #   z ..               # cd one level up
  #   z -                # cd into previous directory
  #
  #   zi foo             # cd with interactive selection (using fzf)
  #
  #   z foo<SPACE><TAB>  # show interactive completions (zoxide v0.8.0+, bash 4.4+/fish/zsh only)
  programs.zoxide = {
    enable = true;
    enableBashIntegration = true;
    enableZshIntegration = true;
    enableNushellIntegration = true;
  };
  # Atuin replaces your existing shell history with a SQLite database,
  # and records additional context for your commands.
  # Additionally, it provides optional and fully encrypted
  # synchronisation of your history between machines, via an Atuin server.
  programs.atuin = {
    enable = true;
    enableBashIntegration = true;
    enableZshIntegration = true;
    enableNushellIntegration = true;
  };
 }
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
 {
  programs.helix = {
    enable = true;
  };
@@ -1,9 +1,9 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
 {
  programs = {
    neovim = {
      enable = true;
      defaultEditor = true;
      viAlias = true;
      vimAlias = true;
    };
@@ -4,17 +4,37 @@
  pkgs,
  myvars,
  ...
-}: {
+}:
 {
  # `programs.git` will generate the config file: ~/.config/git/config
  # to make git use this config file, `~/.gitconfig` should not exist!
  #
  #    https://git-scm.com/docs/git-config#Documentation/git-config.txt---global
-  home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore ["checkLinkTargets"] ''
+  home.activation.removeExistingGitconfig = lib.hm.dag.entryBefore [ "checkLinkTargets" ] ''
    rm -f ${config.home.homeDirectory}/.gitconfig
  '';
-  home.packages = with pkgs; [
+  # GitHub CLI tool
-  ];
+  # https://cli.github.com/manual/
  programs.gh = {
    enable = true;
    settings = {
      git_protocol = "ssh";
      prompt = "enabled";
      aliases = {
        co = "pr checkout";
        pv = "pr view";
      };
    };
    hosts = {
      "github.com" = {
        "users" = {
          "ryan4yin" = null;
        };
        "user" = "ryan4yin";
      };
    };
  };
  programs.git = {
    enable = true;
@@ -36,6 +56,7 @@
      trim.bases = "develop,master,main"; # for git-trim
      push.autoSetupRemote = true;
      pull.rebase = true;
      log.date = "iso"; # use iso format for date
      # replace https with ssh
      url = {
@@ -56,7 +77,7 @@
    #   signByDefault = true;
    # };
-    # A syntax-highlighting pager in Rust(2019 ~ Now)
+    # A syntax-highlighting pager for git, diff, grep, and blame output
    delta = {
      enable = true;
      options = {
@@ -96,4 +117,10 @@
      foreach = "submodule foreach";
    };
  };
  # Git terminal UI (written in go).
  programs.lazygit.enable = true;
  # Yet another Git TUI (written in rust).
  programs.gitui.enable = true;
 }
@@ -0,0 +1,10 @@
 { config, ... }:
 {
  # make `npm install -g <pkg>` happey
  #
  # mainly used to install npm packages that updates frequently
  # such as gemini-cli, claude-code, etc.
  home.file.".npmrc".text = ''
    prefix=${config.home.homeDirectory}/.npm
  '';
 }
@@ -2,10 +2,16 @@ _: {
  # use mirror for pip install
  xdg.configFile."pip/pip.conf".text = ''
    [global]
-    index-url = https://mirrors.ustc.edu.cn/pypi/web/simple
+    index-url = https://mirror.nju.edu.cn/pypi/web/simple
    format = columns
  '';
  # xdg.configFile."pip/pip.conf".text = ''
  #   [global]
  #   index-url = https://mirror.nju.edu.cn/pypi/web/simple
  #   format = columns
  # '';
  # xdg.configFile."pip/pip.conf".text = ''
  #   [global]
  #   index-url = https://mirrors.bfsu.edu.cn/pypi/web/simple
@@ -1,147 +1,175 @@
-# Nushell Config File
+# Based on the default config generated by:
 #    ```
 #    config nu --default
 #    ```
 #
-# version = 0.81.1
+# Nushell Config File Documentation
 #
 # Warning: This file is intended for documentation purposes only and
 # is not intended to be used as an actual configuration file as-is.
 #
 # version = "0.103.0"
 #
 # A `config.nu` file is used to override default Nushell settings,
 # define (or import) custom commands, or run any other startup tasks.
 # See https://www.nushell.sh/book/configuration.html
 #
 # Nushell sets "sensible defaults" for most configuration settings, so
 # the user's `config.nu` only needs to override these defaults if
 # desired.
 #
 # This file serves as simple "in-shell" documentation for these
 # settings, or you can view a more complete discussion online at:
 # https://nushell.sh/book/configuration
 #
 # You can pretty-print and page this file using:
 # config nu --doc | nu-highlight | less -R
-# let's define some colors
+# $env.config
 # -----------
 # The $env.config environment variable is a record containing most Nushell
 # configuration settings. Keep in mind that, as a record, setting it to a
 # new record will remove any keys which aren't in the new record. Nushell
 # will then automatically merge in the internal defaults for missing keys.
 #
 # The same holds true for keys in the $env.config which are also records
 # or lists.
 #
 # For this reason, settings are typically changed by updating the value of
 # a particular key. Merging a new config record is also possible. See the
 # Configuration chapter of the book for more information.
 # https://github.com/catppuccin/i3/blob/main/themes/catppuccin-mocha
 let rosewater = "#f5e0dc"
 let flamingo  = "#f2cdcd"
 let pink      = "#f5c2e7"
 let mauve     = "#cba6f7"
 let red       = "#f38ba8"
 let maroon    = "#eba0ac"
 let peach     = "#fab387"
 let green     = "#a6e3a1"
 let teal      = "#94e2d5"
 let sky       = "#89dceb"
 let sapphire  = "#74c7ec"
 let blue      = "#89b4fa"
 let lavender  = "#b4befe"
 let text      = "#cdd6f4"
 let subtext1  = "#bac2de"
 let subtext0  = "#a6adc8"
 let overlay2  = "#9399b2"
 let overlay1  = "#7f849c"
 let overlay0  = "#6c7086"
 let surface2  = "#585b70"
 let surface1  = "#45475a"
 let surface0  = "#313244"
 let base      = "#1e1e2e"
 let mantle    = "#181825"
 let crust     = "#11111b"
-# we're creating a theme here that uses the colors we defined above.
+$env.config.history.file_format = "sqlite"
 $env.config.history.max_size = 5_000_000
-let catppuccin_theme = {
+# isolation (bool):
-    separator: $overlay2
+# `true`: New history from other currently-open Nushell sessions is not
-    leading_trailing_space_bg: $surface2
+# seen when scrolling through the history using PrevHistory (typically
-    header: $red
+# the Up key) or NextHistory (Down key)
-    date: $pink
+# `false`: All commands entered in other Nushell sessions will be mixed with
-    filesize: $green
+# those from the current shell.
-    row_index: $text
+# Note: Older history items (from before the current shell was started) are
-    bool: $peach
+# always shown.
-    int: $red
+# This setting only applies to SQLite-backed history
-    duration: $sky
+$env.config.history.isolation = true
    range: $sapphire
    float: $lavender
    string: $text
    nothing: $overlay1
    binary: $subtext1
    cellpath: $subtext0
    hints: dark_gray
-    shape_garbage: { fg: $overlay2 bg: $red attr: b}
+# ----------------------
-    shape_bool: $maroon
+# Miscellaneous Settings
-    shape_int: { fg: $pink attr: b}
+# ----------------------
    shape_float: { fg: $pink attr: b}
    shape_range: { fg: $overlay0 attr: b}
    shape_internalcall: { fg: $maroon attr: b}
    shape_external: $mauve
    shape_externalarg: { fg: $red attr: b}
    shape_literal: $flamingo
    shape_operator: $rosewater
    shape_signature: { fg: $red attr: b}
    shape_string: $red
    shape_filepath: $peach
    shape_globpattern: { fg: $teal attr: b}
    shape_variable: $pink
    shape_flag: { fg: $mauve attr: b}
    shape_custom: {attr: b}
 }
-# The default config record. This is where much of your global configuration is setup.
+# show_banner (bool): Enable or disable the welcome banner at startup
-$env.config = {
+$env.config.show_banner = false
  color_config: $catppuccin_theme  # <-- this is the theme
  use_ansi_coloring: true
-  # true or false to enable or disable the welcome banner at startup
+# rm.always_trash (bool):
-  show_banner: false
+# true: rm behaves as if the --trash/-t option is specified
 # false: rm behaves as if the --permanent/-p option is specified (default)
 $env.config.rm.always_trash = true
-  table: {
+# recursion_limit (int): how many times a command can call itself recursively
-    mode: rounded # basic, compact, compact_double, light, thin, with_love, rounded, reinforced, heavy, none, other
+# before an error will be generated.
-    index_mode: always # "always" show indexes, "never" show indexes, "auto" = show indexes when a table has "index" column
+$env.config.recursion_limit = 50
-    show_empty: true # show 'empty list' and 'empty record' placeholders for command output
+
-    trim: {
+# ---------------------------
-      methodology: wrapping # wrapping or truncating
+# Commandline Editor Settings
-      wrapping_try_keep_words: true # A strategy used by the 'wrapping' methodology
+# ---------------------------
-      truncating_suffix: "..." # A suffix used by the 'truncating' methodology
+
-    }
+# edit_mode (string) "vi" or "emacs" sets the editing behavior of Reedline
-  }
+$env.config.edit_mode = "vi"
 # Command that will be used to edit the current line buffer with Ctrl+O.
 # If unset, uses $env.VISUAL and then $env.EDITOR
 #
 $env.config.buffer_editor = ["nvim", "--clean"]
 # cursor_shape_* (string)
 # -----------------------
 # The following variables accept a string from the following selections:
 # "block", "underscore", "line", "blink_block", "blink_underscore", "blink_line", or "inherit"
 # "inherit" skips setting cursor shape and uses the current terminal setting.
 $env.config.cursor_shape.emacs = "inherit"         # Cursor shape in emacs mode
 $env.config.cursor_shape.vi_insert = "block"       # Cursor shape in vi-insert mode
 $env.config.cursor_shape.vi_normal = "underscore"  # Cursor shape in normal vi mode
 # --------------------
 # Terminal Integration
 # --------------------
 # Nushell can output a number of escape codes to enable advanced features in Terminal Emulators
 # that support them. Settings in this section enable or disable these features in Nushell.
 # Features aren't supported by your Terminal can be disabled. Features can also be disabled,
 #  of course, if there is a conflict between the Nushell and Terminal's implementation.
 # use_kitty_protocol (bool):
 # A keyboard enhancement protocol supported by the Kitty Terminal. Additional keybindings are
 # available when using this protocol in a supported terminal. For example, without this protocol,
 # Ctrl+I is interpreted as the Tab Key. With this protocol, Ctrl+I and Tab can be mapped separately.
 $env.config.use_kitty_protocol = false
 # osc2 (bool):
 # When true, the current directory and running command are shown in the terminal tab/window title.
 # Also abbreviates the directory name by prepending ~ to the home directory and its subdirectories.
 $env.config.shell_integration.osc2 = true
 # osc7 (bool):
 # Nushell will report the current directory to the terminal using OSC 7. This is useful when
 # spawning new tabs in the same directory.
 $env.config.shell_integration.osc7 = true
 # osc9_9 (bool):
 # Enables/Disables OSC 9;9 support, originally a ConEmu terminal feature. This is an
 # alternative to OSC 7 which also communicates the current path to the terminal.
 $env.config.shell_integration.osc9_9 = false
 # osc8 (bool):
 # When true, the `ls` command will generate clickable links that can be launched in another
 # application by the terminal.
 # Note: This setting replaces the now deprecated `ls.clickable_links`
 $env.config.shell_integration.osc8 = true
 # osc133 (bool):
 # true/false to enable/disable OSC 133 support, a set of several escape sequences which
 # report the (1) starting location of the prompt, (2) ending location of the prompt,
 # (3) starting location of the command output, and (4) the exit code of the command.
 # originating with Final Term. These sequences report information regarding the prompt
 # location as well as command status to the terminal. This enables advanced features in
 # some terminals, including the ability to provide separate background colors for the
 # command vs. the output, collapsible output, or keybindings to scroll between prompts.
 $env.config.shell_integration.osc133 = true
 # osc633 (bool):
 # true/false to enable/disable OSC 633, an extension to OSC 133 for Visual Studio Code
 $env.config.shell_integration.osc633 = true
 # NU_LIB_DIRS
 # -----------
 # Directories in this constant are searched by the
 # `use` and `source` commands.
 #
 # By default, the `scripts` subdirectory of the default configuration
 # directory is included:
 const NU_LIB_DIRS = [
    ($nu.default-config-dir | path join 'scripts') # add <nushell-config-dir>/scripts
    ($nu.data-dir | path join 'completions') # default home for nushell completions
 ]
 # NU_PLUGIN_DIRS
 # --------------
 # Directories to search for plugin binaries when calling add.
 # By default, the `plugins` subdirectory of the default configuration
 # directory is included:
 const NU_PLUGIN_DIRS = [
    ($nu.default-config-dir | path join 'plugins') # add <nushell-config-dir>/plugins
 ]
 # As with NU_LIB_DIRS, an $env.NU_PLUGIN_DIRS is searched after the constant version
 # The `path add` function from the Standard Library also provides
 # a convenience method for prepending to the path:
 use std/util "path add"
 path add "~/.local/bin"
 # You can remove duplicate directories from the path using:
 $env.PATH = ($env.PATH | uniq)
  completions: {
    case_sensitive: false # set to true to enable case-sensitive completions
    quick: true  # set this to false to prevent auto-selecting completions when only one remains
    partial: true  # set this to false to prevent partial filling of the prompt
    algorithm: "prefix"  # prefix or fuzzy
    external: {
      enable: true # set to false to prevent nushell looking into $env.PATH to find more suggestions, `false` recommended for WSL users as this look up may be very slow
      max_results: 100 # setting it lower can improve completion performance at the cost of omitting some options
      completer: null # check 'carapace_completer' above as an example
    }
  }
  filesize: {
    metric: true # true => KB, MB, GB (ISO standard), false => KiB, MiB, GiB (Windows standard)
    format: "auto" # b, kb, kib, mb, mib, gb, gib, tb, tib, pb, pib, eb, eib, zb, zib, auto
  }
  cursor_shape: {
    emacs: line # block, underscore, line, blink_block, blink_underscore, blink_line (line is the default)
    vi_insert: block # block, underscore, line , blink_block, blink_underscore, blink_line (block is the default)
    vi_normal: underscore # block, underscore, line, blink_block, blink_underscore, blink_line (underscore is the default)
  }
  use_grid_icons: true
  footer_mode: "25" # always, never, number_of_rows, auto
  float_precision: 2 # the precision for displaying floats in tables
  # buffer_editor: "emacs" # command that will be used to edit the current line buffer with ctrl+o, if unset fallback to $env.EDITOR and $env.VISUAL
  bracketed_paste: true # enable bracketed paste, currently useless on windows
  edit_mode: emacs # emacs, vi
  shell_integration: {
        # osc2 abbreviates the path if in the home_dir, sets the tab/window title, shows the running command in the tab/window title
        osc2: true
        # osc7 is a way to communicate the path to the terminal, this is helpful for spawning new tabs in the same directory
        osc7: true
        # osc8 is also implemented as the deprecated setting ls.show_clickable_links, it shows clickable links in ls output if your terminal supports it. show_clickable_links is deprecated in favor of osc8
        osc8: true
        # osc9_9 is from ConEmu and is starting to get wider support. It's similar to osc7 in that it communicates the path to the terminal
        osc9_9: false
        # osc133 is several escapes invented by Final Term which include the supported ones below.
        # 133;A - Mark prompt start
        # 133;B - Mark prompt end
        # 133;C - Mark pre-execution
        # 133;D;exit - Mark execution finished with exit code
        # This is used to enable terminals to know where the prompt is, the command is, where the command finishes, and where the output of the command is
        osc133: true
        # osc633 is closely related to osc133 but only exists in visual studio code (vscode) and supports their shell integration features
        # 633;A - Mark prompt start
        # 633;B - Mark prompt end
        # 633;C - Mark pre-execution
        # 633;D;exit - Mark execution finished with exit code
        # 633;E - NOT IMPLEMENTED - Explicitly set the command line with an optional nonce
        # 633;P;Cwd=<path> - Mark the current working directory and communicate it to the terminal
        # and also helps with the run recent menu in vscode
        osc633: true
        # reset_application_mode is escape \x1b[?1l and was added to help ssh work better
        reset_application_mode: true
    }
  render_right_prompt_on_last_line: false # true or false to enable or disable right prompt to be rendered on last line of the prompt.
 }
@@ -1,26 +1,34 @@
-{pkgs-unstable, ...}: let
+{ config, ... }:
 let
  shellAliases = {
    k = "kubectl";
    urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
    urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
  };
 in {
  # only works in bash/zsh, not nushell
  home.shellAliases = shellAliases;
  programs.nushell = {
    enable = true;
    package = pkgs-unstable.nushell;
    configFile.source = ./config.nu;
    inherit shellAliases;
  };
  localBin = "${config.home.homeDirectory}/.local/bin";
  goBin = "${config.home.homeDirectory}/go/bin";
  rustBin = "${config.home.homeDirectory}/.cargo/bin";
  npmBin = "${config.home.homeDirectory}/.npm/bin";
 in
 {
  programs.bash = {
    enable = true;
    enableCompletion = true;
    bashrcExtra = ''
-      export PATH="$HOME/.local/bin:$HOME/go/bin:$PATH"
+      export PATH="$PATH:${localBin}:${goBin}:${rustBin}:${npmBin}"
    '';
  };
  # NOTE: only works in bash/zsh, not nushell
  home.shellAliases = shellAliases;
  # NOTE: nushell will be launched in bash, so it can inherit all the eenvironment variables.
  programs.nushell = {
    enable = true;
    # package = pkgs-unstable.nushell;
    configFile.source = ./config.nu;
    inherit shellAliases;
  };
 }
@@ -1,8 +1,4 @@
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  programs.starship = {
    enable = true;
@@ -10,24 +6,20 @@
    enableZshIntegration = true;
    enableNushellIntegration = true;
-    settings =
+    settings = {
-      {
+      character = {
-        character = {
+        success_symbol = "[›](bold green)";
-          success_symbol = "[›](bold green)";
+        error_symbol = "[›](bold red)";
-          error_symbol = "[›](bold red)";
+      };
-        };
+      aws = {
-        aws = {
+        symbol = "🅰 ";
-          symbol = "🅰 ";
+      };
-        };
+      gcloud = {
-        gcloud = {
+        # do not show the account/project's info
-          # do not show the account/project's info
+        # to avoid the leak of sensitive information when sharing the terminal
-          # to avoid the leak of sensitive information when sharing the terminal
+        format = "on [$symbol$active(\($region\))]($style) ";
-          format = "on [$symbol$active(\($region\))]($style) ";
+        symbol = "🅶 ️";
-          symbol = "🅶 ️";
+      };
-        };
+    };
        palette = "catppuccin_mocha";
      }
      // builtins.fromTOML (builtins.readFile "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-starship}/palettes/mocha.toml");
  };
 }
@@ -0,0 +1,16 @@
 { catppuccin, ... }:
 {
  # https://github.com/catppuccin/nix
  imports = [
    catppuccin.homeModules.catppuccin
  ];
  catppuccin = {
    # The default `enable` value for all available programs.
    enable = true;
    # one of "latte", "frappe", "macchiato", "mocha"
    flavor = "mocha";
    # one of "blue", "flamingo", "green", "lavender", "maroon", "mauve", "peach", "pink", "red", "rosewater", "sapphire", "sky", "teal", "yellow"
    accent = "pink";
  };
 }
@@ -1,17 +1,17 @@
 { pkgs, ... }:
 {
  pkgs,
  pkgs-unstable,
  nur-ryan4yin,
  ...
 }: {
  # terminal file manager
  programs.yazi = {
    enable = true;
-    package = pkgs-unstable.yazi;
+    package = pkgs.yazi;
    # Changing working directory when exiting Yazi
    enableBashIntegration = true;
    enableNushellIntegration = true;
    settings = {
      manager = {
        show_hidden = true;
        sort_dir_first = true;
      };
    };
  };
  xdg.configFile."yazi/theme.toml".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-yazi}/mocha.toml";
 }
@@ -2,7 +2,8 @@ let
  shellAliases = {
    "zj" = "zellij";
  };
-in {
+in
 {
  programs.zellij = {
    enable = true;
  };
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -1,10 +1,19 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
-  home.packages = with pkgs; [
+{
-    mitmproxy # http/https proxy tool
+  home.packages =
-    insomnia # REST client
+    with pkgs;
-    wireshark # network analyzer
+    [
      mitmproxy # http/https proxy tool
      wireshark # network analyzer
-    # IDEs
+      # IDEs
-    jetbrains.idea-community
+      # jetbrains.idea-community
-  ];
+
      # AI cli tools
      k8sgpt
      kubectl-ai # an ai helper opensourced by google
    ]
    ++ (lib.optionals pkgs.stdenv.isx86_64 [
      insomnia # REST client
    ]);
 }
@@ -13,13 +13,11 @@ My current terminal emulators are:
 1. kitty: My main terminal emulator.
   1. to select/copy a large mount of text, We should do some tricks via kitty's `scrollback_pager`
      with neovim, it's really painful: <https://github.com/kovidgoyal/kitty/issues/719>
-2. wezterm: My secondary terminal emulator.
+2. foot: A fast, lightweight and minimalistic Wayland terminal emulator.
   1. its search ability is very basic, and it's not easy to use.
   1. its scrollback buffer's copy mode is very like vim, which is nice, but zellij's even better,
      it can use neovim as its default scrollback buffer's editor without any pain!
 3. foot: a fast, lightweight and minimalistic Wayland terminal emulator.
   1. foot only do the things a terminal emulator should do, no more, no less.
   1. It's really suitable for tiling window manager or zellij users!
 3. alacritty: A cross-platform, GPU-accelerated terminal emulator.
   1. alacritty is really fast, I use it as a backup terminal emulator on all my desktops.
 ## 'xterm-kitty': unknown terminal type when `ssh` into a remote host or `sudo xxx`
@@ -54,7 +52,7 @@ Error opening terminal: xterm-kitty.
 NixOS preserve the `TERMINFO` and `TERMINFO_DIRS` environment variables, for `root` and the `wheel`
 group:
-[nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/config/terminfo.nix#L18)
+[nixpkgs/nixos/modules/config/terminfo.nix](https://github.com/NixOS/nixpkgs/blob/nixos-25.05/nixos/modules/config/terminfo.nix#L18)
 For nix-darwin, take a look at <https://github.com/LnL7/nix-darwin/wiki/Terminfo-issues>
@@ -0,0 +1,73 @@
 {
  pkgs,
  pkgs-unstable,
  ...
 }:
 ###########################################################
 #
 # Alacritty Configuration
 #
 # Useful Hot Keys for macOS:
 #   1. Multi-Window: `command + N`
 #   2. Increase Font Size: `command + =` | `command + +`
 #   3. Decrease Font Size: `command + -` | `command + _`
 #   4. Search Text: `command + F`
 #   5. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Useful Hot Keys for Linux:
 #   1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
 #   2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
 #   3. Search Text: `ctrl + shift + N`
 #   4. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Note: Alacritty do not have support for Tabs, and any graphic protocol.
 #
 ###########################################################
 {
  programs.alacritty = {
    enable = true;
    # package = pkgs-unstable.alacritty;
    # https://alacritty.org/config-alacritty.html
    settings = {
      window = {
        opacity = 0.93;
        startup_mode = "Maximized"; # Maximized window
        dynamic_title = true;
        option_as_alt = "Both"; # Option key acts as Alt on macOS
        decorations = "None"; # Show neither borders nor title bar
      };
      scrolling = {
        history = 10000;
      };
      font = {
        bold = {
          family = "Maple Mono NF CN";
        };
        italic = {
          family = "Maple Mono NF CN";
        };
        normal = {
          family = "Maple Mono NF CN";
        };
        bold_italic = {
          family = "Maple Mono NF CN";
        };
        size = if pkgs.stdenv.isDarwin then 14 else 13;
      };
      terminal = {
        # Spawn a nushell in login mode via `bash`
        shell = {
          program = "${pkgs.bash}/bin/bash";
          args = [
            "--login"
            "-c"
            "nu --login --interactive"
          ];
        };
        # Controls the ability to write to the system clipboard with the OSC 52 escape sequence.
        # It's used by zellij to copy text to the system clipboard.
        osc52 = "CopyPaste";
      };
    };
  };
 }
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -0,0 +1,32 @@
 { pkgs, ... }:
 {
  programs.foot = {
    # foot is designed only for Linux
    enable = pkgs.stdenv.isLinux;
    # foot can also be run in a server mode. In this mode, one process hosts multiple windows.
    # All Wayland communication, VT parsing and rendering is done in the server process.
    # New windows are opened by running footclient, which remains running until the terminal window is closed.
    #
    # Advantages to run foot in server mode including reduced memory footprint and startup time.
    # The downside is a performance penalty. If one window is very busy with, for example, producing output,
    # then other windows will suffer. Also, should the server process crash, all windows will be gone.
    server.enable = true;
    # https://man.archlinux.org/man/foot.ini.5
    settings = {
      main = {
        term = "foot"; # or "xterm-256color" for maximum compatibility
        font = "Maple Mono NF CN:size=14";
        dpi-aware = "no"; # scale via window manager instead
        # Spawn a nushell in login mode via `bash`
        shell = "${pkgs.bash}/bin/bash --login -c 'nu --login --interactive'";
      };
      mouse = {
        hide-when-typing = "yes";
      };
    };
  };
 }
@@ -0,0 +1,40 @@
 {
  pkgs,
  ghostty,
  ...
 }:
 ###########################################################
 #
 # Ghostty Configuration
 #
 ###########################################################
 {
  programs.ghostty = {
    enable = true;
    package =
      if pkgs.stdenv.isDarwin then
        pkgs.hello # pkgs.ghostty is currently broken on darwin
      else
        pkgs.ghostty; # the stable version
    # package = ghostty.packages.${pkgs.system}.default; # the latest version
    enableBashIntegration = false;
    installBatSyntax = false;
    # installVimSyntax = true;
    settings = {
      font-family = "Maple Mono NF CN";
      font-size = 13;
      background-opacity = 0.93;
      # only supported on macOS;
      background-blur-radius = 10;
      scrollback-limit = 20000;
      # https://ghostty.org/docs/config/reference#command
      #  To resolve issues:
      #    1. https://github.com/ryan4yin/nix-config/issues/26
      #    2. https://github.com/ryan4yin/nix-config/issues/8
      #  Spawn a nushell in login mode via `bash`
      command = "${pkgs.bash}/bin/bash --login -c 'nu --login --interactive'";
    };
  };
 }
@@ -16,26 +16,23 @@
 {
  programs.kitty = {
    enable = true;
    # kitty has catppuccin theme built-in,
    # all the built-in themes are packaged into an extra package named `kitty-themes`
    # and it's installed by home-manager if `theme` is specified.
    theme = "Catppuccin-Mocha";
    font = {
-      name = "JetBrainsMono Nerd Font";
+      name = "Maple Mono NF CN";
      # use different font size on macOS
-      size =
+      size = if pkgs.stdenv.isDarwin then 14 else 13;
        if pkgs.stdenv.isDarwin
        then 14
        else 13;
    };
-    # consistent with wezterm
+    # consistent with other terminal emulators
    keybindings = {
      "ctrl+shift+m" = "toggle_maximized";
      "ctrl+shift+f" = "show_scrollback"; # search in the current window
    };
    settings = {
      # do not show title bar & window title
      hide_window_decorations = "titlebar-and-corners";
      macos_show_window_title_in = "none";
      background_opacity = "0.93";
      macos_option_as_alt = true; # Option key acts as Alt on macOS
      enable_audio_bell = false;
@@ -48,6 +45,6 @@
    };
    # macOS specific settings
-    darwinLaunchOptions = ["--start-as=maximized"];
+    darwinLaunchOptions = [ "--start-as=maximized" ];
  };
 }
@@ -1,105 +0,0 @@
 {pkgs, ...}:
 ###########################################################
 #
 # Wezterm Configuration
 #
 # Useful Hot Keys for Linux(replace `ctrl + shift` with `cmd` on macOS)):
 #   1. Increase Font Size: `ctrl + shift + =` | `ctrl + shift + +`
 #   2. Decrease Font Size: `ctrl + shift + -` | `ctrl + shift + _`
 #   3. And Other common shortcuts such as Copy, Paste, Cursor Move, etc.
 #
 # Default Keybindings: https://wezfurlong.org/wezterm/config/default-keys.html
 #
 ###########################################################
 {
  # wezterm has catppuccin theme built-in,
  # it's not necessary to install it separately.
  # we can add wezterm as a flake input once this PR is merged:
  #    https://github.com/wez/wezterm/pull/3547
  programs.wezterm = {
    enable = true; # disable
    # install wezterm via homebrew on macOS to avoid compilation, dummy package here.
    package =
      if pkgs.stdenv.isLinux
      then pkgs.wezterm
      else pkgs.hello;
    enableBashIntegration = pkgs.stdenv.isLinux;
    enableZshIntegration = pkgs.stdenv.isLinux;
    extraConfig = let
      fontsize =
        if pkgs.stdenv.isLinux
        then "13.0"
        else "14.0";
    in ''
      -- Pull in the wezterm API
      local wezterm = require 'wezterm'
      -- This table will hold the configuration.
      local config = {}
      -- In newer versions of wezterm, use the config_builder which will
      -- help provide clearer error messages
      if wezterm.config_builder then
        config = wezterm.config_builder()
      end
      wezterm.on('toggle-opacity', function(window, pane)
        local overrides = window:get_config_overrides() or {}
        if not overrides.window_background_opacity then
          overrides.window_background_opacity = 0.93
        else
          overrides.window_background_opacity = nil
        end
        window:set_config_overrides(overrides)
      end)
      wezterm.on('toggle-maximize', function(window, pane)
        window:maximize()
      end)
      -- This is where you actually apply your config choices
      config.color_scheme = "Catppuccin Mocha"
      config.font = wezterm.font_with_fallback {
        "JetBrainsMono Nerd Font",
        "FiraCode Nerd Font",
        -- To avoid 'Chinese characters displayed as variant (Japanese) glyphs'
        "Source Han Sans SC",
        "Source Han Sans TC"
      }
      config.hide_tab_bar_if_only_one_tab = true
      config.scrollback_lines = 10000
      config.enable_scroll_bar = true
      config.term = 'wezterm'
      config.keys = {
        -- toggle opacity(CTRL + SHIFT + B)
        {
          key = 'B',
          mods = 'CTRL',
          action = wezterm.action.EmitEvent 'toggle-opacity',
        },
        {
          key = 'M',
          mods = 'CTRL',
          action = wezterm.action.EmitEvent 'toggle-maximize',
        },
      }
      config.font_size = ${fontsize}
      -- To resolve issues:
      --   1. https://github.com/ryan4yin/nix-config/issues/26
      --   2. https://github.com/ryan4yin/nix-config/issues/8
      -- Spawn a nushell in login mode via `bash`
      config.default_prog = { '${pkgs.bash}/bin/bash', '--login', '-c', 'nu --login --interactive' }
      return config
    '';
  };
 }
@@ -1,4 +1,5 @@
-{myvars, ...}: {
+{ myvars, ... }:
 {
  # Home Manager needs a bit of information about you and the
  # paths it should manage.
  home = {
@@ -12,9 +13,6 @@
    # You can update Home Manager without changing this value. See
    # the Home Manager release notes for a list of state version
    # changes in each release.
-    stateVersion = "24.05";
+    stateVersion = "24.11";
  };
  # Let Home Manager install and manage itself.
  programs.home-manager.enable = true;
 }
@@ -2,7 +2,11 @@
  lib,
  pkgs,
  ...
-}: {
+}:
 {
  # https://developer.hashicorp.com/terraform/cli/config/config-file
  home.file.".terraformrc".source = ./terraformrc;
  home.packages = with pkgs; [
    # infrastructure as code
    # pulumi
@@ -27,7 +31,12 @@
    # digitalocean
    doctl
    # google cloud
-    google-cloud-sdk
+    (google-cloud-sdk.withExtraComponents (
      with google-cloud-sdk.components;
      [
        gke-gcloud-auth-plugin
      ]
    ))
    # cloud tools that nix do not have cache for.
    terraform
@@ -0,0 +1,2 @@
 plugin_cache_dir   = "$HOME/.terraform.d/plugin-cache"
 disable_checkpoint = true
@@ -0,0 +1,40 @@
 {
  pkgs,
  pkgs-unstable,
  nur-ryan4yin,
  ...
 }:
 {
  home.packages = with pkgs; [
    podman-compose
    dive # explore docker layers
    lazydocker # Docker terminal UI.
    skopeo # copy/sync images between registries and local storage
    go-containerregistry # provides `crane` & `gcrane`, it's similar to skopeo
    kubectl
    kubectx # kubectx & kubens
    kubectl-view-secret # kubectl view-secret
    kubectl-tree # kubectl tree
    kubectl-node-shell # exec into node
    kubepug # kubernetes pre upgrade checker
    kubebuilder
    istioctl
    clusterctl # for kubernetes cluster-api
    kubevirt # virtctl
    kubernetes-helm
    fluxcd
    argocd
    ko # build go project to container image
  ];
  programs.k9s.enable = true;
  catppuccin.k9s.transparent = true;
  programs.kubecolor = {
    enable = true;
    enableAlias = true;
  };
 }
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -2,7 +2,8 @@
  pkgs,
  pkgs-unstable,
  ...
-}: {
+}:
 {
  #############################################################
  #
  #  Basic settings for development environment
@@ -18,8 +19,8 @@
    colmena # nixos's remote deployment tool
    # db related
-    pkgs-unstable.mycli
+    mycli
-    pkgs-unstable.pgcli
+    pgcli
    mongosh
    sqlite
@@ -27,10 +28,10 @@
    minicom
    # ai related
-    pkgs-unstable.python312Packages.huggingface-hub # huggingface-cli
+    python313Packages.huggingface-hub # huggingface-cli
    # misc
-    pkgs-unstable.devbox
+    devbox
    bfg-repo-cleaner # remove large files from git history
    k6 # load testing tool
    protobuf # protocol buffer compiler
@@ -3,8 +3,7 @@
 My editors:
 1. Neovim
-2. Emacs
+2. Helix
 3. Helix
 And `Zellij` for a smooth and stable terminal experience.
@@ -5,14 +5,12 @@
 - paredit/[lispy](https://github.com/doomemacs/doomemacs/tree/master/modules/editor/lispy): too
  complex.
 - [evil-cleverparens](https://github.com/emacs-evil/evil-cleverparens): simple and useful.
- [parinfer(par-in-fer)](https://shaunlebron.github.io/parinfer/): morden, simple, elegant and
+- [parinfer(par-in-fer)](https://shaunlebron.github.io/parinfer/): modern, simple, elegant and
  useful, but works not well with some other completion plugins...
  - to make parinfer works, you should disable sexp & smartparens in any lisp mode.
 Some plugins:
 - Emacs
  - [parinfer-rusT-mode](https://github.com/justinbarclay/parinfer-rust-mode)
 - Neovim
  - [parinfer-rust](https://github.com/eraserhd/parinfer-rust)
  - <https://github.com/Olical/conjure>
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -1,230 +0,0 @@
 # Emacs Editor
 ## Why emacs?
 1. Explore the unknown, just for fun!
 2. Org Mode
 3. Lisp Coding
 4. A top-level tutorial for Emacs(Chinese): <https://nyk.ma/tags/emacs/>
 5. A Beginner's Guide to Emacs(Chinese):
   <https://github.com/emacs-tw/emacs-101-beginner-survival-guide>
 ## Screenshot
 ![](/_img/emacs-2024-01-07.webp)
 ## Useful Links
 - Framework: <https://github.com/doomemacs/doomemacs>
  - key bindings:
    - source code:
      <https://github.com/doomemacs/doomemacs/blob/master/modules/config/default/%2Bevil-bindings.el>
    - docs: <https://github.com/doomemacs/doomemacs/blob/master/modules/editor/evil/README.org>
  - module index: <https://github.com/doomemacs/doomemacs/blob/master/docs/modules.org>
 - LSP Client: <https://github.com/manateelazycat/lsp-bridge>
 - Emacs Wiki: <https://www.emacswiki.org/emacs/SiteMap>
 - Awesome Emacs: <https://github.com/emacs-tw/awesome-emacs#lsp-client>
 - Chinese(rime) support: <https://github.com/DogLooksGood/emacs-rime>
 - modal editing:
  - <https://github.com/emacs-evil/evil>: evil mode, enabled by default in doom-emacs.
  - <https://github.com/meow-edit/meow>
 ## Install or Update
 After deploying this nix flake, run the following command to install or update emacs:
 ```bash
 doom sync
 ```
 when in doubt, run `doom sync`!
 ## Testing
 > via `Justfile` located at the root of this repo.
 ```bash
 # testing
 just emacs-test
 just emacs-purge
 just emacs-reload
 # clear test data
 just emacs-clean
 ```
 ## Limits
 - It's too slow to start up and install(compile/build) packages.
  - I have to use emacs in daemon/client mode to avoid this issue.
 - It's too large in size, not suitable for servers.
  - So vim/neovim is still the best choice for servers.
 - Emacs's markdown-mode works not well with tables, see:
  - https://github.com/jrblevin/markdown-mode/issues/380
 - I use git command frequently, but doomemacs only autoupdates status of git diff / treemacs when
  using magit.
  - I have to learn magit to avoid this issue...
 - GitHub's orgmode support is not well, Markdown is better for GitHub.
  - Use markdown for repo's README.md, and use orgmode for my personal notes and docs only.
 ## Cheetsheet
 Here is the cheetsheet related to my DoomEmacs configs. Please read vim's common cheetsheet at
 [../README.md](../README.md) before reading the following.
 ### Basics
 > Terminal(vterm) is useful in GUI mode, I use Zellij instead in terminal mode.
 | Action                 | Shortcut                                          |
 | ---------------------- | ------------------------------------------------- |
 | Popup Terminal(vterm)  | `SPC + o + t`                                     |
 | Open Terminal          | `SPC + o + T`                                     |
 | Open file tree sidebar | `SPC + o + p`                                     |
 | Frame fullscreen       | `SPC + t + F`                                     |
 | Exit                   | `M-x C-c`                                         |
 | Execute Command        | `M-x`(hold on `Alt`/`option`, and then press `x`) |
 | Eval Lisp Code         | `M-:`(hold on `Alt`/`option`, and then press `:`) |
 ### Window Navigation
 | Action                                     | Shortcut                                                              |
 | ------------------------------------------ | --------------------------------------------------------------------- |
 | Split a window vertically and horizontally | `SPC w v/s`                                                           |
 | Move to a window in a specific direction   | `Ctrl-w + h/j/k/l`                                                    |
 | Move a window to a specific direction      | `Ctrl-w + H/J/K/L`                                                    |
 | Move to the next window                    | `SPC w w`                                                             |
 | Close the current window                   | `SPC w q`                                                             |
 | Rebalance all windows                      | `SPC w =`                                                             |
 | Set window's width(columns)                | `80 SPC w \|` (the Vertical line is escaped due to markdown's limits) |
 | Set window's height                        | `30 SPC w _ `                                                         |
 ### File Tree
 - treemacs: <https://github.com/Alexander-Miller/treemacs/blob/master/src/elisp/treemacs-mode.el>
 - treemacs-evil:
  <https://github.com/Alexander-Miller/treemacs/blob/master/src/extra/treemacs-evil.el>
 | Action                                | Shortcut  |
 | ------------------------------------- | --------- |
 | Resize Treemacs's window              | `>` & `<` |
 | Extra Wide Window                     | `W`       |
 | Rename                                | `R`       |
 | Delete File/Direcoty                  | `d`       |
 | New File                              | `cf`      |
 | New Directory                         | `cd`      |
 | Go to parent                          | `u`       |
 | Run shell command in for current node | `!`       |
 | Refresh file tree                     | `gr`      |
 | Copy project-path into pasteboard     | `yp`      |
 | Copy absolute-path into pasteboard    | `ya`      |
 | Copy relative-path into pasteboard    | `yr`      |
 | Copy file to another location         | `yf`      |
 | Move file to another location         | `m`       |
 | quit                                  | `q`       |
 And bookmarks:
 - Add bookmarks in treemacs: `b`
 - Show Bookmark List: `SPC s m`
 ### Splitting and Buffers
 | Action                  | Shortcut          |
 | ----------------------- | ----------------- |
 | Buffer List             | `<Space> + ,`     |
 | Save all buffers(Tab)   | `<Space> + b + S` |
 | Kill the current buffer | `<Space> + b + k` |
 | Kill all buffers        | `<Space> + b + K` |
 ### Editing and Formatting
 | Action                                     | Shortcut            |
 | ------------------------------------------ | ------------------- |
 | Format Document                            | `<Space> + cf`      |
 | Code Actions                               | `<Space> + ca`      |
 | Rename                                     | `<Space> + cr`      |
 | Opening LSP symbols                        | `<Space> + cS`      |
 | Show all LSP Errors                        | `<Space> + c + x/X` |
 | Show infinite undo history(really useful!) | `<Space> + s + u`   |
 | Open filepath/URL at cursor                | `gf`                |
 | Find files by keyword in path              | `<Space> + <Space>` |
 | Grep string in files (vertico + ripgrep)   | `<Space> + sd`      |
 ### Image Preview(GUI mode only)
 Use `-`, `+` to resize the image, `r` to rotate the image.
 ### Search & replace
 ```bash
 SPC s p foo C-; E C-c C-p :%s/foo/bar/g RET Z Z
 ```
 1. `SPC s p`: search in project
 1. `foo`: the keyword to search
 1. `C-; E`: exports what you’re looking at into a new buffer in grep-mode
 1. `C-c C-p` to run wgrep-change-to-wgrep-mode to make the search results writable.
 1. `:%s/foo/bar/g RET`: replace in the current buffer(just like neovim/vim)
 1. `Z Z`: to write all the changes to their respective files
 ### Projects
 > easily switch between projects without exit emacs!
 | Action                     | Shortcut      |
 | -------------------------- | ------------- |
 | Switch between projects    | `SPC + p + p` |
 | Browse the current project | `SPC + p + .` |
 | Add new project            | `SPC + p + a` |
 ### Workspaces
 > Very useful when run emacs in daemon/client modes
 | Action                      | Shortcut                    |
 | --------------------------- | --------------------------- |
 | Switch between workspaces   | `M-1/2/3/...`(Alt-1/2/3/..) |
 | New Workspace               | `SPC + TAB + n`             |
 | New Named Workspace         | `SPC + TAB + N`             |
 | Delete Workspace            | `SPC + TAB + d`             |
 | Display Workspaces bar blow | `SPC + TAB + TAB`           |
 ### Magit
 > https://github.com/magit/magit
 Magit is a powerful tool that make git operations easy and intuitive.
 | Action                   | Shortcut                 |
 | ------------------------ | ------------------------ |
 | Open Magit               | `C-x g` or `SPC + g + g` |
 | Switch branch            | `SPC + g + b`            |
 | Show buffer's commit log | `SPC + g + L`            |
 Shortcuts in magit's pane:
 > When run `git commit` / `git add` / `git push` /... via magit, multiple Arguments can be set. Set
 > arguments won't trigger a git command immediately. Magit will try to run a git command only after
 > an Action key is pressed.
 | Action                                             | Shortcut                                      |
 | -------------------------------------------------- | --------------------------------------------- |
 | Quit the current Magit pane                        | `q`                                           |
 | Show log                                           | `l`                                           |
 | Show current branch's log                          | `l + l`                                       |
 | Show current reflog                                | `l + r`                                       |
 | Commit                                             | `c`                                           |
 | Stage                                              | `s`                                           |
 | Unstage                                            | `u`                                           |
 | Push                                               | `p`                                           |
 | Pull                                               | `f`                                           |
 | Rebase                                             | `r`                                           |
 | Rebase Interactively                               | `r + i`, select on a commit, then `C-c + C-c` |
 | Stash                                              | `z`                                           |
 | Merge                                              | `m`                                           |
 | Fold/Unfold                                        | `TAB`                                         |
 | Show details of the current unit(commit/stage/...) | `<ENTER>`                                     |
 KeyBinding full list:
 <https://github.com/emacs-evil/evil-collection/tree/master/modes/magit#key-bindings>
@@ -1,132 +0,0 @@
 # ==============================================
 # Based on doomemacs's auther's config:
 #   https://github.com/hlissner/dotfiles/blob/master/modules/editors/emacs.nix
 #
 # Emacs Tutorials:
 #  1. Official: <https://www.gnu.org/software/emacs/tour/index.html>
 #  2. Doom Emacs: <https://github.com/doomemacs/doomemacs/blob/master/docs/index.org>
 #
 {
  config,
  lib,
  pkgs,
  doomemacs,
  ...
 }:
 with lib; let
  cfg = config.modules.editors.emacs;
  envExtra = ''
    export PATH="${config.xdg.configHome}/emacs/bin:$PATH"
  '';
  shellAliases = {
    e = "emacsclient --create-frame"; # gui
    et = "emacsclient --create-frame --tty"; # termimal
  };
  librime-dir = "${config.xdg.dataHome}/emacs/librime";
  parinfer-rust-lib-dir = "${config.xdg.dataHome}/emacs/parinfer-rust";
  myEmacsPackagesFor = emacs: ((pkgs.emacsPackagesFor emacs).emacsWithPackages (epkgs: [
    epkgs.vterm
  ]));
 in {
  options.modules.editors.emacs = {
    enable = mkEnableOption "Emacs Editor";
  };
  config = mkIf cfg.enable (mkMerge [
    {
      home.packages = with pkgs; [
        ## Doom dependencies
        git
        (ripgrep.override {withPCRE2 = true;})
        gnutls # for TLS connectivity
        ## Optional dependencies
        fd # faster projectile indexing
        imagemagick # for image-dired
        fd # faster projectile indexing
        zstd # for undo-fu-session/undo-tree compression
        # go-mode
        # gocode # project archived, use gopls instead
        ## Module dependencies
        # :checkers spell
        (aspellWithDicts (ds: with ds; [en en-computers en-science]))
        # :tools editorconfig
        editorconfig-core-c # per-project style config
        # :tools lookup & :lang org +roam
        sqlite
        # :lang latex & :lang org (latex previews)
        # texlive.combined.scheme-medium
      ];
      programs.bash.bashrcExtra = envExtra;
      programs.zsh.envExtra = envExtra;
      home.shellAliases = shellAliases;
      programs.nushell.shellAliases = shellAliases;
      xdg.configFile."doom" = {
        source = ./doom;
        force = true;
      };
      home.activation.installDoomEmacs = lib.hm.dag.entryAfter ["writeBoundary"] ''
        ${pkgs.rsync}/bin/rsync -avz --chmod=D2755,F744 ${doomemacs}/ ${config.xdg.configHome}/emacs/
        # librime for emacs-rime
        mkdir -p ${librime-dir}
        ${pkgs.rsync}/bin/rsync -avz --chmod=D2755,F744 ${pkgs.librime}/ ${librime-dir}/
        # libparinfer_rust for emacs' parinfer-rust-mode
        mkdir -p ${parinfer-rust-lib-dir}
        ${pkgs.rsync}/bin/rsync -avz --chmod=D2755,F744  ${pkgs.vimPlugins.parinfer-rust}/lib/libparinfer_rust.* ${parinfer-rust-lib-dir}/parinfer-rust.so
      '';
    }
    (mkIf pkgs.stdenv.isLinux (
      let
        # Do not use emacs-nox here, which makes the mouse wheel work abnormally in terminal mode.
        # pgtk (pure gtk) build add native support for wayland.
        # https://www.gnu.org/savannah-checkouts/gnu/emacs/emacs.html#Releases
        emacsPkg = myEmacsPackagesFor pkgs.emacs29-pgtk;
      in {
        home.packages = [emacsPkg];
        services.emacs = {
          enable = true;
          package = emacsPkg;
          client = {
            enable = true;
            arguments = [" --create-frame"];
          };
          startWithUserSession = true;
        };
      }
    ))
    (mkIf pkgs.stdenv.isDarwin (
      let
        # macport adds some native features based on GNU Emacs 29
        # https://bitbucket.org/mituharu/emacs-mac/src/master/README-mac
        emacsPkg = myEmacsPackagesFor pkgs.emacs29;
      in {
        home.packages = [emacsPkg];
        launchd.enable = true;
        launchd.agents.emacs = {
          enable = true;
          config = {
            ProgramArguments = [
              "${pkgs.bash}/bin/bash"
              "-l"
              "-c"
              "${emacsPkg}/bin/emacs --fg-daemon"
            ];
            StandardErrorPath = "${config.home.homeDirectory}/Library/Logs/emacs-daemon.stderr.log";
            StandardOutPath = "${config.home.homeDirectory}/Library/Logs/emacs-daemon.stdout.log";
            RunAtLoad = true;
            KeepAlive = true;
          };
        };
      }
    ))
  ]);
 }
@@ -1,175 +0,0 @@
 ;;; $DOOMDIR/config.el -*- lexical-binding: t; -*-
 ;; Place your private configuration here! Remember, you do not need to run 'doom
 ;; sync' after modifying this file!
 ;; Some functionality uses this to identify you, e.g. GPG configuration, email
 ;; clients, file templates and snippets. It is optional.
 ;; (setq user-full-name "John Doe"
 ;;       user-mail-address "john@doe.com")
 ;; Doom exposes five (optional) variables for controlling fonts in Doom:
 ;;
 ;; - `doom-font' -- the primary font to use
 ;; - `doom-variable-pitch-font' -- a non-monospace font (where applicable)
 ;; - `doom-big-font' -- used for `doom-big-font-mode'; use this for
 ;;   presentations or streaming.
 ;; - `doom-symbol-font' -- for symbols
 ;; - `doom-serif-font' -- for the `fixed-pitch-serif' face
 ;;
 ;; See 'C-h v doom-font' for documentation and more examples of what they
 ;; accept. For example:
 ;;
 (setq doom-font (font-spec :family "JetBrainsMono Nerd Font" :size 18)
      doom-variable-pitch-font (font-spec :family "DejaVu Sans")
      doom-symbol-font (font-spec :family "Symbols Nerd Font Mono")
      doom-big-font (font-spec :family "JetBrainsMono Nerd Font" :size 28))
 ;; Users should inject their own font logic in `after-setting-font-hook'
 ;; Add font for CJK charset
 (defun init-cjk-fonts()
  (dolist (charset '(kana han cjk-misc bopomofo))
    (set-fontset-font (frame-parameter nil 'font)
                      charset (font-spec :family "Source Han Sans SC"))))
 (add-hook 'after-setting-font-hook 'init-cjk-fonts)
 ;; If you or Emacs can't find your font, use 'M-x describe-font' to look them
 ;; up, `M-x eval-region' to execute elisp code, and 'M-x doom/reload-font' to
 ;; refresh your font settings. If Emacs still can't find your font, it likely
 ;; wasn't installed correctly. Font issues are rarely Doom issues!
 ;; There are two ways to load a theme. Both assume the theme is installed and
 ;; available. You can either set `doom-theme' or manually load a theme with the
 ;; `load-theme' function. This is the default:
 ;; other doom's official themes:
 ;;   https://github.com/doomemacs/themes
 (setq doom-theme 'doom-dracula) ;; doom-one doom-dracula doom-nord
 (if (eq system-type 'darwin)
    ;; Transparent Backgroud - for macOS
    ;;(set-frame-parameter (selected-frame) 'alpha '(<active> . <inactive>))
    ;;(set-frame-parameter (selected-frame) 'alpha <both>)
    (progn
      (set-frame-parameter (selected-frame) 'alpha '(85 . 70))
      (add-to-list 'default-frame-alist '(alpha . (85 . 70))))
  ;; Transparent Background - for Linux Xorg/Wayland
  (set-frame-parameter nil 'alpha-background 93) ; For current frame
  (add-to-list 'default-frame-alist '(alpha-background . 93))); For all new frames henceforth
 ;; This determines the style of line numbers in effect. If set to `nil', line
 ;; numbers are disabled. For relative line numbers, set this to `relative'.
 (setq display-line-numbers-type t)
 (setq warning-minimum-level :error)
 ;; If you use `org' and don't want your org files in the default location below,
 ;; change `org-directory'. It must be set before org loads!
 (setq org-directory "~/org/")
 ;; Whenever you reconfigure a package, make sure to wrap your config in an
 ;; `after!' block, otherwise Doom's defaults may override your settings. E.g.
 ;;
 ;;   (after! PACKAGE
 ;;     (setq x y))
 ;;
 ;; The exceptions to this rule:
 ;;
 ;;   - Setting file/directory variables (like `org-directory')
 ;;   - Setting variables which explicitly tell you to set them before their
 ;;     package is loaded (see 'C-h v VARIABLE' to look up their documentation).
 ;;   - Setting doom variables (which start with 'doom-' or '+').
 ;;
 ;; Here are some additional functions/macros that will help you configure Doom.
 ;;
 ;; - `load!' for loading external *.el files relative to this one
 ;; - `use-package!' for configuring packages
 ;; - `after!' for running code after a package has loaded
 ;; - `add-load-path!' for adding directories to the `load-path', relative to
 ;;   this file. Emacs searches the `load-path' when you load packages with
 ;;   `require' or `use-package'.
 ;; - `map!' for binding new keys
 ;;
 ;; To get information about any of these functions/macros, move the cursor over
 ;; the highlighted symbol at press 'K' (non-evil users must press 'C-c c k').
 ;; This will open documentation for it, including demos of how they are used.
 ;; Alternatively, use `C-h o' to look up a symbol (functions, variables, faces,
 ;; etc).
 ;;
 ;; You can also try 'gd' (or 'C-c c d') to jump to their definition and see how
 ;; they are implemented.
 ;; use alejandra to format nix files
 (use-package! lsp-nix
  :ensure lsp-mode
  :after
  (lsp-mode)
  :demand t
  :custom
  (lsp-nix-nil-formatter
   ["alejandra"]))
 (use-package! nushell-mode
  :config
  (setq nushell-enable-auto-indent 1))
 (after! vterm
  (setq vterm-shell "nu")) ; use nushell by defualt
 ;; emacs-rime
 (use-package! rime
  :custom
  (default-input-method "rime")
  (rime-librime-root "~/.local/share/emacs/librime"))
 ;; use parinfer for lisp editing
 (use-package! parinfer-rust-mode
  :hook ((emacs-lisp-mode
          clojure-mode
          scheme-mode
          lisp-mode
          racket-mode
          fennel-mode
          hy-mode) . parinfer-rust-mode)
  :init
  ;; parinfer-rust library do not provide a apple silicon binary.
  ;; fix: https://github.com/doomemacs/doomemacs/issues/6163
  (setq parinfer-rust-auto-download 0)
  ;; we need to download it manually and put it in this path
  (setq parinfer-rust-library "~/.local/share/emacs/parinfer-rust/parinfer-rust.so")
  :config
  (map! :map parinfer-rust-mode-map
        :localleader
        "p" #'parinfer-rust-switch-mode
        "P" #'parinfer-rust-toggle-disable))
 ;; disable smatparens-mode here to void conflict with parinfer
 ;; https://discourse.doomemacs.org/t/disable-smartparens-or-parenthesis-completion/134
 (add-hook 'clojure-mode-hook        #'turn-off-smartparens-mode)
 (add-hook 'scheme-mode-hook         #'turn-off-smartparens-mode)
 (add-hook 'lisp-mode-hook           #'turn-off-smartparens-mode)
 (add-hook 'racket-mode-hook         #'turn-off-smartparens-mode)
 (add-hook 'fennel-mode-hook         #'turn-off-smartparens-mode)
 (add-hook 'hy-mode-hook             #'turn-off-smartparens-mode)
 ;; auto-save
 (use-package super-save
  :ensure t
  :config
  (super-save-mode +1)
  (setq super-save-auto-save-when-idle t)
  (setq auto-save-default nil))
 ;; save on find-file
 (add-to-list 'super-save-hook-triggers 'find-file-hook)
 (use-package! copilot
  :hook
  (prog-mode . copilot-mode)
  :bind
  (:map copilot-completion-map
        ("<tab>" . 'copilot-accept-completion)
        ("TAB" . 'copilot-accept-completion)
        ("C-TAB" . 'copilot-accept-completion-by-word)
        ("C-<tab>" . 'copilot-accept-completion-by-word))
  :config
  (copilot-mode +1))
 (use-package! wakatime-mode :ensure t)
@@ -1,211 +0,0 @@
 ;;; init.el -*- lexical-binding: t; -*-
 ;; This file controls what Doom modules are enabled and what order they load
 ;; in. Remember to run 'doom sync' after modifying it!
 ;; NOTE Press 'SPC h d h' (or 'C-h d h' for non-vim users) to access Doom's
 ;;      documentation. There you'll find a link to Doom's Module Index where all
 ;;      of our modules are listed, including what flags they support.
 ;; NOTE Move your cursor over a module's name (or its flags) and press 'K' (or
 ;;      'C-c c k' for non-vim users) to view its documentation. This works on
 ;;      flags as well (those symbols that start with a plus).
 ;;
 ;;      Alternatively, press 'gd' (or 'C-c c d') on a module to browse its
 ;;      directory (for easy access to its source code).
 (doom! :input
       ;;bidi              ; (tfel ot) thgir etirw uoy gnipleh
       chinese
       ;;japanese
       ;;layout            ; auie,ctsrnm is the superior home row
       :completion
       ;; (company +childframe)  ; conflict with lsp-bridge
                                        ; the ultimate code completion backend
       ;;helm              ; the *other* search engine for love and life
       ;;ido               ; the other *other* search engine...
       ;;ivy               ; a search engine for love and life
       vertico                          ; the search engine of the future
       :ui
       ;;deft              ; notational velocity for Emacs
       doom                             ; what makes DOOM look the way it does
       doom-dashboard                   ; a nifty splash screen for Emacs
       ;;doom-quit         ; DOOM quit-message prompts when you quit Emacs
       ;; (emoji +unicode) ; Emacs 29 provides native support for inserting Unicode emojis.
                                        ; 🙂
       hl-todo            ; highlight TODO/FIXME/NOTE/DEPRECATED/HACK/REVIEW
       indent-guides      ; highlighted indent columns
       ligatures          ; ligatures and symbols to make your code pretty again
       modeline           ; snazzy, Atom-inspired modeline, plus API
       ophints            ; highlight the region an operation acts on
       (popup +defaults)
                                        ; tame sudden yet inevitable temporary windows
       tabs                             ; a tab bar for Emacs
       treemacs                 ; a project drawer, like neotree but cooler
       unicode                  ; extended unicode support for various languages
       (vc-gutter +pretty)
                                        ; vcs diff in the fringe
       vi-tilde-fringe                  ; fringe tildes to mark beyond EOB
       ;;window-select     ; visually switch windows
       workspaces       ; tab emulation, persistence & separate workspaces
       ;;zen               ; distraction-free coding or writing
       :editor
       (evil +everywhere)
                                        ; come to the dark side, we have cookies
       file-templates                   ; auto-snippets for empty files
       fold                             ; (nigh) universal code folding
       (format +onsave)
                                        ; automated prettiness
       ;; multiple-cursors  ; editing in many places at once
       ;; objed             ; text object editing for the innocent, conflict with parinfer
       parinfer          ; turn lisp into python, sort of, conflict with copilot/objed/smartparens
       ;;rotate-text       ; cycle region at point between text candidates
       snippets   ; my elves. They type so I don't have to
       word-wrap         ; soft wrapping with language-aware indent
       :emacs
       dired             ; making dired pretty [functional]
       electric          ; smarter, keyword-based electric-indent
       ibuffer         ; interactive buffer management
       undo              ; persistent, smarter undo for your inevitable mistakes
       vc                ; version-control and Emacs, sitting in a tree
       :term
       ;;eshell            ; the elisp shell that works everywhere
       ;;shell             ; simple shell REPL for Emacs
       ;;term              ; basic terminal emulator for Emacs
       vterm                            ; the best terminal emulation in Emacs
       :checkers
       syntax                        ; tasing you for every semicolon you forget
       (spell +flyspell)
                                        ; tasing you for misspelling mispelling
       grammar                          ; tasing grammar mistake every you make
       :tools
       ;;ansible
       ;;biblio            ; Writes a PhD for you (citation needed)
       ;;collab            ; buffers with friends
       ;;debugger          ; FIXME stepping through code, to help you add bugs
       ;;direnv
       (docker)
       editorconfig      ; let someone else argue about tabs vs spaces
       ;;ein               ; tame Jupyter notebooks with emacs
       (eval +overlay)
                                        ; run code, run (also, repls)
       lookup                   ; navigate your code and its documentation
       lsp    ; lsp-mode, conflict with lsp-bridge
       magit                    ; a git porcelain for Emacs
       ;;make              ; run make tasks from Emacs
       ;;pass              ; password manager for nerds
       pdf                              ; pdf enhancements
       ;;prodigy           ; FIXME managing external services & code builders
       (terraform)
                                        ; infrastructure as code
       tree-sitter                    ; syntax and parsing, sitting in a tree...
       ;;upload            ; map local to remote projects via ssh/ftp
       :os
       (:if IS-MAC macos)
                                        ; improve compatibility with macOS
       tty                              ; improve the terminal Emacs experience
       :lang
       ;;agda              ; types of types of types of types...
       ;;beancount         ; mind the GAAP
       (cc +lsp +tree-sitter)
                                        ; C > C++ == 1
       ;;clojure           ; java with a lisp
       ;;common-lisp       ; if you've seen one lisp, you've seen them all
       ;;coq               ; proofs-as-programs
       ;;crystal           ; ruby at the speed of c
       ;;csharp            ; unity, .NET, and mono shenanigans
       data                     ; config/data formats
       ;;(dart +flutter)   ; paint ui and not much else
       ;;dhall
       ;;elixir            ; erlang done right
       ;;elm               ; care for a cup of TEA?
       emacs-lisp                       ; drown in parentheses
       ;;erlang            ; an elegant language for a more civilized age
       ;;ess               ; emacs speaks statistics
       ;;factor
       ;;faust             ; dsp, but you get to keep your soul
       ;;fortran           ; in FORTRAN, GOD is REAL (unless declared INTEGER)
       ;;fsharp            ; ML stands for Microsoft's Language
       ;;fstar             ; (dependent) types and (monadic) effects and Z3
       ;;gdscript          ; the language you waited for
       (go +lsp +tree-sitter)  ;; disable go-mode, use lsp-bridge instead
                                        ; the hipster dialect
       ;;(graphql)    ; Give queries a REST
       ;;(haskell)    ; a language that's lazier than I am
       ;;hy                ; readability of scheme w/ speed of python
       ;;idris             ; a language you can depend on
       (json +lsp +tree-sitter)
                                        ; At least it ain't XML
       (java +lsp +tree-sitter)
                                        ; the poster child for carpal tunnel syndrome
       (javascript +lsp +tree-sitter)
                                        ; all(hope(abandon(ye(who(enter(here))))))
       ;;julia             ; a better, faster MATLAB
       ;;kotlin            ; a better, slicker Java(Script)
       (latex)
                                        ; writing papers in Emacs has never been so fun
       ;;lean              ; for folks with too much to prove
       ;;ledger            ; be audit you can be
       (lua +lsp +tree-sitter)
                                        ; one-based indices? one-based indices
       (markdown +grip)
                                        ; writing docs for people to ignore
       ;;nim               ; python + lisp at the speed of c
       (nix +lsp +tree-sitter)
                                        ; I hereby declare "nix geht mehr!"
       ;;ocaml             ; an objective camel
       (org +pandoc +hugo +jupyter)  ; organize your plain life in plain text
       ;;php               ; perl's insecure younger brother
       ;;plantuml          ; diagrams for confusing people more
       ;;purescript        ; javascript, but functional
       (python +lsp +tree-sitter +pyright)
                                        ; beautiful is better than ugly
       ;;qt                ; the 'cutest' gui framework ever
       racket           ; a DSL for DSLs
       ;;raku              ; the artist formerly known as perl6
       ;;rest              ; Emacs as a REST client
       ;;rst               ; ReST in peace
       ;;(ruby +rails)     ; 1.step {|i| p "Ruby is #{i.even? ? 'love' : 'life'}"}
       (rust +lsp +tree-sitter)
                                        ; Fe2O3.unwrap().unwrap().unwrap().unwrap()
       ;;scala             ; java, but good
       (scheme +guile)
                                        ; a fully conniving family of lisps
       (sh +lsp +tree-sitter)
                                        ; she sells {ba,z,fi}sh shells on the C xor
       ;;sml
       ;;solidity          ; do you need a blockchain? No.
       ;;swift             ; who asked for emoji variables?
       ;;terra             ; Earth and Moon in alignment for performance.
       (web +lsp +tree-sitter)
                                        ; support for various web languages, including HTML5, CSS, SASS/SCSS, Pug/Jade/Slim, and more
       (yaml +lsp +tree-sitter)
                                        ; JSON, but readable
       ;;zig               ; C, but simpler
       :email
       ;;(mu4e +org +gmail)
       ;;notmuch
       ;;(wanderlust +gmail)
       :app
       ;;calendar
       ;;emms
       ;;everywhere        ; *leave* Emacs!? You must be joking
       ;;irc               ; how neckbeards socialize
       ;;(rss +org)        ; emacs as an RSS reader
       ;;twitter           ; twitter client https://twitter.com/vnought
       :config
       ;;literate
       (default +bindings +smartparens))
@@ -1,64 +0,0 @@
 ;; -*- no-byte-compile: t; -*-
 ;;; $DOOMDIR/packages.el
 ;; To install a package with Doom you must declare them here and run 'doom sync'
 ;; on the command line, then restart Emacs for the changes to take effect -- or
 ;; use 'M-x doom/reload'.
 (package! super-save)
 (package! rime)
 (package! wakatime-mode
  :recipe
  (:host github :repo "wakatime/wakatime-mode" :files
         ("*.el" "dist")))
 (package! nushell-mode :recipe
  (:host github :repo "mrkkrp/nushell-mode"))
 (package! copilot
  :recipe
  (:host github :repo "copilot-emacs/copilot.el" :files
         ("*.el" "dist")))
 ;; To install SOME-PACKAGE from MELPA, ELPA or emacsmirror:
 ;; (package! some-package)
 ;; To install a package directly from a remote git repo, you must specify a
 ;; `:recipe'. You'll find documentation on what `:recipe' accepts here:
 ;; https://github.com/radian-software/straight.el#the-recipe-format
 ;; (package! another-package
 ;;   :recipe (:host github :repo "username/repo"))
 ;; If the package you are trying to install does not contain a PACKAGENAME.el
 ;; file, or is located in a subdirectory of the repo, you'll need to specify
 ;; `:files' in the `:recipe':
 ;; (package! this-package
 ;;   :recipe (:host github :repo "username/repo"
 ;;            :files ("some-file.el" "src/lisp/*.el")))
 ;; If you'd like to disable a package included with Doom, you can do so here
 ;; with the `:disable' property:
 ;; (package! builtin-package :disable t)
 ;; You can override the recipe of a built in package without having to specify
 ;; all the properties for `:recipe'. These will inherit the rest of its recipe
 ;; from Doom or MELPA/ELPA/Emacsmirror:
 ;; (package! builtin-package :recipe (:nonrecursive t))
 ;; (package! builtin-package-2 :recipe (:repo "myfork/package"))
 ;; Specify a `:branch' to install a package from a particular branch or tag.
 ;; This is required for some packages whose default branch isn't 'master' (which
 ;; our package manager can't deal with; see radian-software/straight.el#279)
 ;; (package! builtin-package :recipe (:branch "develop"))
 ;; Use `:pin' to specify a particular commit to install.
 ;; (package! builtin-package :pin "1a2b3c4d5e")
 ;; Doom's packages are pinned to a specific commit and updated from release to
 ;; release. The `unpin!' macro allows you to unpin single packages...
 ;; (unpin! pinned-package)
 ;; ...or multiple packages
 ;; (unpin! pinned-package another-pinned-package)
 ;; ...Or *all* packages (NOT RECOMMENDED; will likely break things)
 ;; (unpin! t)
@@ -20,7 +20,7 @@ Use `:tutor` in helix to start the tutorial.
   1. Helix: delete 2 word: `2w` then `x`. You can always see what you're selecting before you apply
      the action.
   2. Neovim: delete 2 word: `d`. then `2w`. No visual feedback before you apply the action.
-1. Helix - Morden builtin features: LSP, tree-sitter, fuzzy finder, multi cursors, surround and
+1. Helix - Modern builtin features: LSP, tree-sitter, fuzzy finder, multi cursors, surround and
   more.
   1. They're all available in Neovim too, but you need to find and use the right plugins manually,
      which takes time and effort.
@@ -1,16 +1,9 @@
 { pkgs, ... }:
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  # https://github.com/catppuccin/helix
  xdg.configFile."helix/themes".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-helix}/themes/default";
  programs.helix = {
    enable = true;
    package = pkgs.helix;
    settings = {
      theme = "catppuccin_mocha";
      editor = {
        line-number = "relative";
        cursorline = true;
@@ -29,7 +22,10 @@
          w = ":w";
          q = ":q";
        };
-        esc = ["collapse_selection" "keep_primary_selection"];
+        esc = [
          "collapse_selection"
          "keep_primary_selection"
        ];
      };
    };
  };
@@ -84,6 +84,8 @@ plugin.
 | Show line diagnostics         | `gl`           |
 | Show function/variable info   | `K`            |
 | References of a symbol        | `gr`           |
 | Next tab                      | `]b`           |
 | Previous tab                  | `[b`           |
 ### Window Navigation
@@ -94,8 +96,11 @@ plugin.
 ### Splitting and Buffers
-| | Action | Shortcut | | --------------------- | ------------- | | Horizontal Split | `\` | |
+| Action           | Shortcut      |
-Vertical Split | `\|` | | Close Buffer | `<Space> + c` |
+| ---------------- | ------------- |
 | Horizontal Split | `\`           |
 | Vertical Split   | `\|`          |
 | Close Buffer     | `<Space> + c` |
 ### Editing and Formatting
@@ -109,7 +114,18 @@ Vertical Split | `\|` | | Close Buffer | `<Space> + c` |
 | Comment Line(support multiple lines)                  | `<Space> + /`  |
 | Open filepath/URL at cursor(neovim's builtin command) | `gx`           |
 | Find files by name (fzf)                              | `<Space> + ff` |
 | Find files by name (include hidden files)             | `<Space> + fF` |
 | Grep string in files (ripgrep)                        | `<Space> + fw` |
 | Grep string in files (include hidden files)           | `<Space> + fW` |
 ### Git
 | Action                     | Shortcut        |
 | -------------------------- | --------------- |
 | Git Commits (repository)   | `:<Space> + gc` |
 | Git Commits (current file) | `:<Space> + gC` |
 | Git Branches               | `:<Space> + gb` |
 | Git Status                 | `:<Space> + gt` |
 ### Sessions
@@ -163,7 +179,7 @@ Provided by mini.surround plugin.
 | --------------------------------- | --------------- |
 | Show all Yank History             | `:<Space> + yh` |
 | Show undo history                 | `:<Space> + uh` |
-| Show the path of the current file | `:!echo $%`      |
+| Show the path of the current file | `:!echo $%`     |
 ## Additional Resources
@@ -2,6 +2,7 @@
  config,
  lib,
  pkgs,
  pkgs-unstable,
  ...
 }:
 ###############################################################################
@@ -14,37 +15,67 @@ let
    v = "nvim";
    vdiff = "nvim -d";
  };
-in {
+  # the path to nvim directory
-  home.activation.installAstroNvim = lib.hm.dag.entryAfter ["writeBoundary"] ''
+  # to make this symlink work, we need to git clone this repo to your home directory.
-    ${pkgs.rsync}/bin/rsync -avz --chmod=D2755,F744 ${./nvim}/ ${config.xdg.configHome}/nvim/
+  configPath = "${config.home.homeDirectory}/nix-config/home/base/tui/editors/neovim/nvim";
-  '';
+in
 {
  xdg.configFile."nvim".source = config.lib.file.mkOutOfStoreSymlink configPath;
  # Disable catppuccin to avoid conflict with my non-nix config.
  catppuccin.nvim.enable = false;
  home.shellAliases = shellAliases;
  programs.nushell.shellAliases = shellAliases;
-  programs = {
+  programs.neovim = {
-    neovim = {
+    enable = true;
-      enable = true;
+    package = pkgs-unstable.neovim-unwrapped;
-      defaultEditor = true;
+    # defaultEditor = true; # set EDITOR at system-wide level
-      viAlias = true;
+    viAlias = true;
-      vimAlias = true;
+    vimAlias = true;
-      # Currently we use lazy.nvim as neovim's package manager, so comment this one.
+    # These environment variables are needed to build and run binaries
-      #
+    # with external package managers like mason.nvim.
-      # NOTE: These plugins will not be used by astronvim by default!
+    #
-      # We should install packages that will compile locally or download FHS binaries via Nix!
+    # LD_LIBRARY_PATH is also needed to run the non-FHS binaries downloaded by mason.nvim.
-      # and use lazy.nvim's `dir` option to specify the package directory in nix store.
+    # it will be set by nix-ld, so we do not need to set it here again.
-      # so that these plugins can work on NixOS.
+    extraWrapperArgs = with pkgs; [
-      #
+      # LIBRARY_PATH is used by gcc before compilation to search directories
-      # related project:
+      # containing static and shared libraries that need to be linked to your program.
-      #  https://github.com/b-src/lazy-nix-helper.nvim
+      "--suffix"
-      plugins = with pkgs.vimPlugins; [
+      "LIBRARY_PATH"
-        # search all the plugins using https://search.nixos.org/packages
+      ":"
-        telescope-fzf-native-nvim
+      "${lib.makeLibraryPath [
        stdenv.cc.cc
        zlib
      ]}"
-        nvim-treesitter.withAllGrammars
+      # PKG_CONFIG_PATH is used by pkg-config before compilation to search directories
-      ];
+      # containing .pc files that describe the libraries that need to be linked to your program.
-    };
+      "--suffix"
      "PKG_CONFIG_PATH"
      ":"
      "${lib.makeSearchPathOutput "dev" "lib/pkgconfig" [
        stdenv.cc.cc
        zlib
      ]}"
    ];
    # Currently we use lazy.nvim as neovim's package manager, so comment this one.
    #
    # NOTE: These plugins will not be used by astronvim by default!
    # We should install packages that will compile locally or download FHS binaries via Nix!
    # and use lazy.nvim's `dir` option to specify the package directory in nix store.
    # so that these plugins can work on NixOS.
    #
    # related project:
    #  https://github.com/b-src/lazy-nix-helper.nvim
    plugins = with pkgs.vimPlugins; [
      # search all the plugins using https://search.nixos.org/packages
      telescope-fzf-native-nvim
      nvim-treesitter.withAllGrammars
    ];
  };
 }
@@ -0,0 +1,141 @@
 {
  "AstroNvim": { "branch": "main", "commit": "c5e610f614e74c9dd9bf11760c4d0ad2c98c0abe" },
  "Comment.nvim": { "branch": "master", "commit": "e30b7f2008e52442154b66f7c519bfd2f1e32acb" },
  "LuaSnip": { "branch": "master", "commit": "458560534a73f7f8d7a11a146c801db00b081df0" },
  "aerial.nvim": { "branch": "master", "commit": "3284a2cb858ba009c79da87d5e010ccee3c99c4d" },
  "alpha-nvim": { "branch": "main", "commit": "de72250e054e5e691b9736ee30db72c65d560771" },
  "astrocommunity": { "branch": "main", "commit": "2db3ee2ce37f9e2bc9e6ea2c3e2e6292ca4d33bf" },
  "astrocore": { "branch": "main", "commit": "44a3dc0bf1591022b2a6bc89dccdfac1be17bec9" },
  "astrolsp": { "branch": "main", "commit": "909fbe64f3f87d089ff3777751261544557117cc" },
  "astrotheme": { "branch": "main", "commit": "f12dcf64b1f9a05839c3ac2146f550f43bae9dab" },
  "astroui": { "branch": "main", "commit": "e923a84c488d879a260fc9cfb2dc27dd870fb6ac" },
  "autosave.nvim": { "branch": "main", "commit": "348f72cf0241e3e736e3396c4834def2f8ef8d10" },
  "avante.nvim": { "branch": "main", "commit": "508cc4c22c78d565d270df8dec5449db07800296" },
  "catppuccin": { "branch": "main", "commit": "fa42eb5e26819ef58884257d5ae95dd0552b9a66" },
  "clangd_extensions.nvim": {
    "branch": "main",
    "commit": "db28f29be928d18cbfb86fbfb9f83f584f658feb"
  },
  "cmake-tools.nvim": { "branch": "master", "commit": "17244215b1a96e4b2a83a16abd6719197f270f96" },
  "cmp-buffer": { "branch": "main", "commit": "3022dbc9166796b644a841a02de8dd1cc1d311fa" },
  "cmp-conjure": { "branch": "master", "commit": "8c9a88efedc0e5bf3165baa6af8a407afe29daf6" },
  "cmp-dap": { "branch": "master", "commit": "ea92773e84c0ad3288c3bc5e452ac91559669087" },
  "cmp-nvim-lsp": { "branch": "main", "commit": "99290b3ec1322070bcfb9e846450a46f6efa50f0" },
  "cmp-path": { "branch": "main", "commit": "91ff86cd9c29299a64f968ebb45846c485725f23" },
  "cmp_luasnip": { "branch": "master", "commit": "98d9cb5c2c38532bd9bdb481067b20fea8f32e90" },
  "conjure": { "branch": "main", "commit": "5f15eb0322b5530eefb16457c061e7c2ccd7cf13" },
  "crates.nvim": { "branch": "main", "commit": "5d8b1bef686db0fabe5f1bb593744b617e8f1405" },
  "deno-nvim": { "branch": "master", "commit": "5a2f9205df5539c4a0696e73893bf8d1b0cae406" },
  "dressing.nvim": { "branch": "master", "commit": "3a45525bb182730fe462325c99395529308f431e" },
  "flash.nvim": { "branch": "main", "commit": "3c942666f115e2811e959eabbdd361a025db8b63" },
  "flit.nvim": { "branch": "main", "commit": "1ef72de6a02458d31b10039372c8a15ab8989e0d" },
  "friendly-snippets": { "branch": "main", "commit": "efff286dd74c22f731cdec26a70b46e5b203c619" },
  "fzf-lua": { "branch": "main", "commit": "a4404dee0a65d3c2e2b292206d10b16567d088c9" },
  "gitsigns.nvim": { "branch": "main", "commit": "7010000889bfb6c26065e0b0f7f1e6aa9163edd9" },
  "gopher.nvim": { "branch": "main", "commit": "de585144ebde9f0516fb9b542dd42e90c7835b59" },
  "goto-preview": { "branch": "main", "commit": "d1faf6ea992b5bcaaaf2c682e1aba3131a01143e" },
  "guess-indent.nvim": { "branch": "main", "commit": "6cd61f7a600bb756e558627cd2e740302c58e32d" },
  "heirline.nvim": { "branch": "master", "commit": "fae936abb5e0345b85c3a03ecf38525b0828b992" },
  "indent-blankline.nvim": {
    "branch": "master",
    "commit": "005b56001b2cb30bfa61b7986bc50657816ba4ba"
  },
  "lazy.nvim": { "branch": "main", "commit": "6c3bda4aca61a13a9c63f1c1d1b16b9d3be90d7a" },
  "lazydev.nvim": { "branch": "main", "commit": "f59bd14a852ca43db38e3662395354cb2a9b13e0" },
  "leap.nvim": { "branch": "main", "commit": "10c14af4ddfb34dbd7721f0bfb2b4d91f0558907" },
  "lsp_signature.nvim": {
    "branch": "master",
    "commit": "2923666d092300e6d03c8d895991d0bef43f1613"
  },
  "lspkind.nvim": { "branch": "master", "commit": "d79a1c3299ad0ef94e255d045bed9fa26025dab6" },
  "luarocks.nvim": { "branch": "main", "commit": "1db9093915eb16ba2473cfb8d343ace5ee04130a" },
  "markdown-preview.nvim": {
    "branch": "main",
    "commit": "462ce41af003f5cdadab856f3a42dc27e39b89c8"
  },
  "mason-lspconfig.nvim": {
    "branch": "main",
    "commit": "1a31f824b9cd5bc6f342fc29e9a53b60d74af245"
  },
  "mason-null-ls.nvim": { "branch": "main", "commit": "2b8433f76598397fcc97318d410e0c4f7a4bea6a" },
  "mason-nvim-dap.nvim": { "branch": "main", "commit": "4c2cdc69d69fe00c15ae8648f7e954d99e5de3ea" },
  "mason.nvim": { "branch": "main", "commit": "fc98833b6da5de5a9c5b1446ac541577059555be" },
  "mini.ai": { "branch": "main", "commit": "d172ada7b0281044a06cb9a625a862553c457b6f" },
  "mini.bufremove": { "branch": "main", "commit": "285bdac9596ee7375db50c0f76ed04336dcd2685" },
  "mini.surround": { "branch": "main", "commit": "1a2b59c77a0c4713a5bd8972da322f842f4821b1" },
  "neo-tree.nvim": { "branch": "main", "commit": "f481de16a0eb59c985abac8985e3f2e2f75b4875" },
  "neoconf.nvim": { "branch": "main", "commit": "f630568a4d04154803886f21ca60923f12709f0f" },
  "nfnl": { "branch": "main", "commit": "143b595069d98d47b26b80f0e0375420673de4af" },
  "none-ls.nvim": { "branch": "main", "commit": "a117163db44c256d53c3be8717f3e1a2a28e6299" },
  "nui.nvim": { "branch": "main", "commit": "a0fd35fcbb4cb479366f1dc5f20145fd718a3733" },
  "nvim-autopairs": { "branch": "master", "commit": "68f0e5c3dab23261a945272032ee6700af86227a" },
  "nvim-cmp": { "branch": "main", "commit": "1e1900b0769324a9675ef85b38f99cca29e203b3" },
  "nvim-colorizer.lua": {
    "branch": "master",
    "commit": "517df88cf2afb36652830df2c655df2da416a0ae"
  },
  "nvim-dap": { "branch": "master", "commit": "6a5bba0ddea5d419a783e170c20988046376090d" },
  "nvim-dap-go": { "branch": "main", "commit": "8763ced35b19c8dc526e04a70ab07c34e11ad064" },
  "nvim-dap-python": { "branch": "master", "commit": "261ce649d05bc455a29f9636dc03f8cdaa7e0e2c" },
  "nvim-dap-ui": { "branch": "master", "commit": "bc81f8d3440aede116f821114547a476b082b319" },
  "nvim-jdtls": { "branch": "master", "commit": "4d77ff02063cf88963d5cf10683ab1fd15d072de" },
  "nvim-lsp-file-operations": {
    "branch": "master",
    "commit": "9744b738183a5adca0f916527922078a965515ed"
  },
  "nvim-lspconfig": { "branch": "master", "commit": "185b2af444b27d6541c02d662b5b68190e5cf0c4" },
  "nvim-nio": { "branch": "master", "commit": "21f5324bfac14e22ba26553caf69ec76ae8a7662" },
  "nvim-notify": { "branch": "master", "commit": "a3020c2cf4dfc4c4f390c4a21e84e35e46cf5d17" },
  "nvim-scrollbar": { "branch": "main", "commit": "5b103ef0fd2e8b9b4be3878ed38d224522192c6c" },
  "nvim-spectre": { "branch": "master", "commit": "72f56f7585903cd7bf92c665351aa585e150af0f" },
  "nvim-spider": { "branch": "main", "commit": "d4bdc45eac425e77108f068bd0706ff3ac20be7f" },
  "nvim-treesitter": { "branch": "master", "commit": "f8aaf5ce4e27cd20de917946b2ae5c968a2c2858" },
  "nvim-treesitter-textobjects": {
    "branch": "master",
    "commit": "9937e5e356e5b227ec56d83d0a9d0a0f6bc9cad4"
  },
  "nvim-ts-autotag": { "branch": "main", "commit": "a1d526af391f6aebb25a8795cbc05351ed3620b5" },
  "nvim-ts-context-commentstring": {
    "branch": "main",
    "commit": "1b212c2eee76d787bbea6aa5e92a2b534e7b4f8f"
  },
  "nvim-ufo": { "branch": "main", "commit": "61463090a4f55f5d080236ea62f09d1cd8976ff3" },
  "nvim-vtsls": { "branch": "main", "commit": "60b493e641d3674c030c660cabe7a2a3f7a914be" },
  "nvim-web-devicons": { "branch": "master", "commit": "4c3a5848ee0b09ecdea73adcd2a689190aeb728c" },
  "nvim-window-picker": { "branch": "main", "commit": "6382540b2ae5de6c793d4aa2e3fe6dbb518505ec" },
  "orgmode": { "branch": "master", "commit": "b6d14eb0a1553a0ef4114346d67605de82d0f7fb" },
  "package-info.nvim": { "branch": "master", "commit": "4f1b8287dde221153ec9f2acd46e8237d2d0881e" },
  "parinfer-rust": { "branch": "master", "commit": "afe6b1176cd805c000713e23b654fbf4b9f4b156" },
  "plenary.nvim": { "branch": "master", "commit": "857c5ac632080dba10aae49dba902ce3abf91b35" },
  "presence.nvim": { "branch": "main", "commit": "87c857a56b7703f976d3a5ef15967d80508df6e6" },
  "promise-async": { "branch": "main", "commit": "38a4575da9497326badd3995e768b4ccf0bb153e" },
  "refactoring.nvim": { "branch": "master", "commit": "74b608dfee827c2372250519d433cc21cb083407" },
  "render-markdown.nvim": {
    "branch": "main",
    "commit": "c809fc129f842a7055c672593d24be6346bcc673"
  },
  "resession.nvim": { "branch": "master", "commit": "cc819b0489938d03e4f3532a583354f0287c015b" },
  "rustaceanvim": { "branch": "master", "commit": "322224d00a731d75eed6b700d38e460fd30f6e3c" },
  "schemastore.nvim": { "branch": "main", "commit": "e4f80f37cd11ed58a6e914cc30850749f021b6a7" },
  "sentiment.nvim": { "branch": "main", "commit": "54a6db15b630eccfa98c32a76baf90f21c6f1e40" },
  "smart-splits.nvim": { "branch": "master", "commit": "ddb23c1a1cf1507bda487cda7f6e4690965ef9f5" },
  "telescope-fzf-native.nvim": {
    "branch": "main",
    "commit": "1f08ed60cafc8f6168b72b80be2b2ea149813e55"
  },
  "telescope-undo.nvim": { "branch": "main", "commit": "928d0c2dc9606e01e2cc547196f48d2eaecf58e5" },
  "telescope.nvim": { "branch": "0.1.x", "commit": "a17d611a0e111836a1db5295f04945df407c5135" },
  "todo-comments.nvim": { "branch": "main", "commit": "ae0a2afb47cf7395dc400e5dc4e05274bf4fb9e0" },
  "tree-sitter-nu": { "branch": "main", "commit": "d62bb4a0c78e9476a6dd0081761444f6870252ed" },
  "treesj": { "branch": "main", "commit": "3b4a2bc42738a63de17e7485d4cc5e49970ddbcc" },
  "tsc.nvim": { "branch": "main", "commit": "8c1b4ec6a48d038a79ced8674cb15e7db6dd8ef0" },
  "venv-selector.nvim": {
    "branch": "regexp",
    "commit": "c677caa1030808a9f90092e522de7cc20c1390dd"
  },
  "vim-illuminate": { "branch": "master", "commit": "19cb21f513fc2b02f0c66be70107741e837516a1" },
  "vim-repeat": { "branch": "master", "commit": "65846025c15494983dafe5e3b46c8f88ab2e9635" },
  "vim-wakatime": { "branch": "master", "commit": "f39c4a201ae350aaba713b59d4a4fdd88e0811aa" },
  "which-key.nvim": { "branch": "main", "commit": "fcbf4eea17cb299c02557d576f0d568878e354a4" },
  "yanky.nvim": { "branch": "main", "commit": "04775cc6e10ef038c397c407bc17f00a2f52b378" }
 }
@@ -13,8 +13,6 @@ return {
  -- Highly experimental plugin that completely replaces
  -- the UI for messages, cmdline and the popupmenu.
  -- { import = "astrocommunity.utility.noice-nvim" },
  -- Fully featured & enhanced replacement for copilot.vim
  -- <Tab> work with both auto completion in cmp and copilot
  { import = "astrocommunity.media.vim-wakatime" },
  { import = "astrocommunity.motion.leap-nvim" },
  { import = "astrocommunity.motion.flit-nvim" },
@@ -54,6 +52,4 @@ return {
  -- Lua implementation of CamelCaseMotion, with extra consideration of punctuation.
  { import = "astrocommunity.motion.nvim-spider" },
  -- AI Assistant
  { import = "astrocommunity.completion.copilot-lua-cmp" },
 }
@@ -1,7 +1,7 @@
 require("lazy").setup({
  {
    "AstroNvim/AstroNvim",
-    version = "^4", -- Remove version tracking to elect for nighly AstroNvim
+    version = "^4", -- Remove version tracking to elect for nightly AstroNvim
    import = "astronvim.plugins",
    opts = { -- AstroNvim options must be set here with the `import` key
      mapleader = " ", -- This ensures the leader key must be configured before Lazy is set up
@@ -12,7 +12,7 @@ return {
    features = {
      autoformat = true, -- enable or disable auto formatting on start
      codelens = true, -- enable/disable codelens refresh on start
-      inlay_hints = false, -- enable/disable inlay hints on start
+      inlay_hints = true, -- enable/disable inlay hints on start
      semantic_tokens = true, -- enable/disable semantic token highlighting
    },
    -- customize lsp formatting options
@@ -52,8 +52,9 @@ return {
      "terraformls", -- terraform hcl
      "marksman", -- markdown ls
      "nickel_ls", -- nickel language server
-      "nil_ls", -- nix language server
+      -- "nil_ls", -- nix language server
-      "bufls", -- protocol buffer language server
+      "nixd", -- another nix language server
      "buf_ls", -- protocol buffer language server
      "dockerls", -- dockerfile
      "cmake", -- cmake language server
      "sqls", -- sql language server
@@ -64,7 +65,7 @@ return {
      "jdtls", -- java language server, provides only basic features
      "rust_analyzer", -- rust
      "pyright", -- python
-      "ruff_lsp", -- extremely fast Python linter and code transformation
+      "ruff", -- extremely fast Python linter and code transformation
      -- "julials", -- julia language server
      -- "zls", -- zig language server
      "lua_ls", -- lua
@@ -72,7 +73,7 @@ return {
      "nushell", -- nushell language server
      ---- Web Development
-      "tsserver", -- typescript/javascript language server
+      "ts_ls", -- typescript/javascript language server
      "tailwindcss", -- tailwindcss language server
      "html", -- html language server
      "cssls", -- css language server
@@ -101,6 +102,18 @@ return {
        filetypes = { "scheme", "scm" },
        single_file_support = true,
      },
      rust_analyzer = {
        settings = {
          -- Make the rust-analyzer use its own profile,
          -- so you can run cargo build without that being blocked while rust-analyzer runs.
          ["rust-analyzer"] = {
            cargo = {
              extraEnv = { CARGO_PROFILE_RUST_ANALYZER_INHERITS = "dev" },
              extraArgs = { "--profile", "rust-analyzer" },
            },
          },
        },
      },
    },
    -- customize how language servers are attached
    handlers = {
@@ -0,0 +1,157 @@
 local prefix = "<Leader>A"
 return {
  "yetone/avante.nvim",
  event = "User AstroFile", -- load on file open because Avante manages it's own bindings
  cmd = {
    "AvanteAsk",
    "AvanteBuild",
    "AvanteEdit",
    "AvanteRefresh",
    "AvanteSwitchProvider",
    "AvanteShowRepoMap",
    "AvanteModels",
    "AvanteChat",
    "AvanteChatNew",
    "AvanteToggle",
    "AvanteClear",
    "AvanteFocus",
    "AvanteStop",
  },
  version = false, -- Never set this value to "*"! Never!
  opts = {
    provider = "openrouter_claude_4",
    cursor_applying_provider = "openrouter_claude_4",
    behaviour = {
      -- auto_suggestions = true,
      enable_cursor_planning_mode = true, -- enable cursor planning mode!
    },
    -- WARNING: Since auto-suggestions are a high-frequency operation and therefore expensive,
    -- currently designating it as `copilot` provider is dangerous because: https://github.com/yetone/avante.nvim/issues/1048
    -- Of course, you can reduce the request frequency by increasing `suggestion.debounce`.
    auto_suggestions_provider = "ollama",
    suggestion = {
      debounce = 750, -- wait for x ms before suggestion
      throttle = 1200, -- wait for at least x ms before the next suggestion
    },
    web_search_engine = {
      provider = "google", -- tavily, serpapi, searchapi, google, kagi, brave, or searxng
      proxy = nil, -- proxy support, e.g., http://127.0.0.1:7890
    },
    providers = {
      ollama = {
        endpoint = "http://192.168.5.100:11434", -- Note that there is no /v1 at the end.
        model = "modelscope.cn/unsloth/Qwen3-30B-A3B-GGUF",
        -- model = "modelscope.cn/unsloth/Qwen3-32B-GGUF",
      },
      -- ==============================================
      -- https://aistudio.google.com/prompts/new_chat
      -- ==============================================
      gemini = {
        api_key_name = "GEMINI_API_KEY",
        model = "gemini-2.5-pro-preview-06-05",
        timeout = 30000, -- Timeout in milliseconds, increase this for reasoning models
        temperature = 0,
        max_completion_tokens = 8192, -- Increase this to include reasoning tokens (for reasoning models)
        --reasoning_effort = "medium", -- low|medium|high, only used for reasoning models
      },
      -- ==============================================
      -- https://openrouter.ai/rankings
      -- ==============================================
      openrouter_claude_4 = {
        __inherited_from = "openai",
        endpoint = "https://openrouter.ai/api/v1",
        api_key_name = "OPENROUTER_API_KEY",
        model = "anthropic/claude-sonnet-4",
      },
      -- ==============================================
      -- https://bailian.console.aliyun.com/?tab=model
      -- ==============================================
      aliyun_qwen3 = {
        __inherited_from = "openai",
        api_key_name = "DASHSCOPE_API_KEY",
        endpoint = "https://dashscope.aliyuncs.com/compatible-mode/v1",
        -- model = "qwen-coder-plus-latest",
        model = "qwen3-235b-a22b",
        -- disable_tools = true,
      },
      aliyun_dpr1 = {
        __inherited_from = "openai",
        api_key_name = "DASHSCOPE_API_KEY",
        endpoint = "https://dashscope.aliyuncs.com/compatible-mode/v1",
        model = "deepseek-r1-0528",
        disable_tools = true,
      },
      -- ==============================================
      -- https://console.volcengine.com/ark/region:ark+cn-beijing/model?feature=&vendor=DeepSeek&view=VENDOR_VIEW
      -- ==============================================
      ark_dpr1 = {
        __inherited_from = "openai",
        api_key_name = "ARK_API_KEY",
        endpoint = "https://ark.cn-beijing.volces.com/api/v3",
        model = "deepseek-r1-250528",
        -- disable_tools = true,
      },
      -- ==============================================
      -- https://cloud.siliconflow.cn/models
      -- ==============================================
      sflow_dpr1 = {
        __inherited_from = "openai",
        api_key_name = "SILICONFLOW_API_KEY",
        endpoint = "https://api.siliconflow.cn/v1",
        model = "Pro/deepseek-ai/DeepSeek-R1",
        -- disable_tools = true,
      },
      -- ==============================================
      -- https://platform.deepseek.com/usage
      -- ==============================================
      dp_coder = {
        __inherited_from = "openai",
        api_key_name = "DEEPSEEK_API_KEY",
        endpoint = "https://api.deepseek.com",
        model = "deepseek-coder",
      },
      -- deepseek chat v3
      dp_chat = {
        __inherited_from = "openai",
        api_key_name = "DEEPSEEK_API_KEY",
        endpoint = "https://api.deepseek.com",
        model = "deepseek-chat",
        -- disable_tools = true,
      },
      -- deepseek r1
      dp_r1 = {
        __inherited_from = "openai",
        api_key_name = "DEEPSEEK_API_KEY",
        endpoint = "https://api.deepseek.com",
        model = "deepseek-reasoner",
        -- disable_tools = true,
      },
    },
  },
  -- if you want to build from source then do `make BUILD_FROM_SOURCE=true`
  build = "make",
  -- build = "powershell -ExecutionPolicy Bypass -File Build.ps1 -BuildFromSource false" -- for windows
  dependencies = {
    "nvim-treesitter/nvim-treesitter",
    { "stevearc/dressing.nvim", optional = true },
    "nvim-lua/plenary.nvim",
    "MunifTanjim/nui.nvim",
    { "AstroNvim/astrocore", opts = function(_, opts) opts.mappings.n[prefix] = { desc = " Avante" } end },
    --- The below dependencies are optional,
    -- "echasnovski/mini.pick", -- for file_selector provider mini.pick
    "nvim-telescope/telescope.nvim", -- for file_selector provider telescope
    "hrsh7th/nvim-cmp", -- autocompletion for avante commands and mentions
    "ibhagwan/fzf-lua", -- for file_selector provider fzf
    "nvim-tree/nvim-web-devicons", -- or echasnovski/mini.icons
    -- "zbirenbaum/copilot.lua", -- for providers='copilot'
    {
      -- Make sure to set this up properly if you have lazy=true
      "MeanderingProgrammer/render-markdown.nvim",
      opts = {
        file_types = { "markdown", "Avante" },
      },
      ft = { "markdown", "Avante" },
    },
  },
 }
@@ -1,10 +0,0 @@
 -- Custom copilot-lua to enable filetypes: markdown
 return {
  "zbirenbaum/copilot.lua",
  opts = function(_, opts)
    opts.filetypes = {
      yaml = true,
      markdown = true,
    }
  end,
 }
@@ -1,4 +1,7 @@
 -- Customize Mason plugins
 --
 -- NOTE: Issue - mason.nvim does not support NixOS:
 -- https://github.com/williamboman/mason.nvim/issues/428
 ---@type LazySpec
 return {
@@ -60,4 +63,16 @@ return {
    --   })
    -- end,
  },
  {
    "williamboman/mason.nvim",
    opts = function(_, opts)
      -- Where Mason should put its bin location in your PATH. Can be one of:
      -- - "prepend" (default, Mason's bin location is put first in PATH)
      -- - "append" (Mason's bin location is put at the end of PATH)
      -- - "skip" (doesn't modify PATH)
      ---@type '"prepend"' | '"append"' | '"skip"'
      opts.PATH = "append" -- use mason's package only when no other package is found
    end,
  },
 }
@@ -1,13 +1,15 @@
 -- File explorer(Custom configs)
 return {
  "nvim-neo-tree/neo-tree.nvim",
-  opts = {
+  opts = function(_, opts)
-    filesystem = {
+    opts.filesystem.filtered_items = {
-      filtered_items = {
+      visible = true, -- visible by default
-        visible = true, -- visible by default
+      hide_dotfiles = false,
-        hide_dotfiles = false,
+      hide_gitignored = false,
-        hide_gitignored = false,
+    }
-      },
+    opts.filesystem.follow_current_file = {
-    },
+      enabled = true, -- This will find and focus the file in the active buffer every time
-  },
+      leave_dirs_open = false, -- `false` closes auto expanded dirs, such as with `:Neotree reveal`
    }
  end,
 }
@@ -39,7 +39,7 @@ return {
      formatting.shfmt, -- Shell formatter
      formatting.terraform_fmt, -- Terraform formatter
      formatting.stylua, -- Lua formatter
-      formatting.alejandra, -- Nix formatter
+      -- formatting.alejandra, -- Nix formatter
      formatting.sqlfluff.with { -- SQL formatter
        extra_args = { "--dialect", "postgres" }, -- change to your dialect
      },
@@ -24,6 +24,7 @@ return {
    opts.ensure_installed = require("astrocore").list_insert_unique(opts.ensure_installed, {
      -- please add only the tree-sitters that are not available in nixpkgs here
      "just",
      "kdl",
      "csv",
      "xml",
@@ -41,15 +41,15 @@ return {
  { "max397574/better-escape.nvim", enabled = false },
  -- You can also easily customize additional setup of plugins that is outside of the plugin's setup call
-  {
+  -- {
-    "L3MON4D3/LuaSnip",
+  --   "L3MON4D3/LuaSnip",
-    config = function(plugin, opts)
+  --   config = function(plugin, opts)
-      require "astronvim.plugins.configs.luasnip"(plugin, opts) -- include the default astronvim config that calls the setup call
+  --     require "astronvim.plugins.configs.luasnip"(plugin, opts) -- include the default astronvim config that calls the setup call
-      -- add more custom luasnip configuration such as filetype extend or custom snippets
+  --     -- add more custom luasnip configuration such as filetype extend or custom snippets
-      local luasnip = require "luasnip"
+  --     local luasnip = require "luasnip"
-      luasnip.filetype_extend("javascript", { "javascriptreact" })
+  --     luasnip.filetype_extend("javascript", { "javascriptreact" })
-    end,
+  --   end,
-  },
+  -- },
  {
    "windwp/nvim-autopairs",
@@ -1,155 +1,156 @@
-{pkgs, ...}: {
+{
-  nixpkgs.config = {
+  pkgs,
-    programs.npm.npmrc = ''
+  pkgs-unstable,
-      prefix = ''${HOME}/.npm-global
+  ...
-    '';
+}:
-  };
+{
  home.packages =
    with pkgs;
    (
      # -*- Data & Configuration Languages -*-#
      [
        #-- nix
        nil
        nixd
        statix # Lints and suggestions for the nix programming language
        deadnix # Find and remove unused code in .nix source files
        nixfmt # Nix Code Formatter
-  home.packages = with pkgs; (
+        #-- nickel lang
-    # -*- Data & Configuration Languages -*-#
+        nickel
    [
      #-- nix
      nil
      # rnix-lsp
      # nixd
      statix # Lints and suggestions for the nix programming language
      deadnix # Find and remove unused code in .nix source files
      alejandra # Nix Code Formatter
-      #-- nickel lang
+        #-- json like
-      nickel
+        # terraform  # install via brew on macOS
        terraform-ls
        jsonnet
        jsonnet-language-server
        taplo # TOML language server / formatter / validator
        nodePackages.yaml-language-server
        actionlint # GitHub Actions linter
-      #-- json like
+        #-- dockerfile
-      # terraform  # install via brew on macOS
+        hadolint # Dockerfile linter
-      terraform-ls
+        nodePackages.dockerfile-language-server-nodejs
      jsonnet
      jsonnet-language-server
      taplo # TOML language server / formatter / validator
      nodePackages.yaml-language-server
      actionlint # GitHub Actions linter
-      #-- dockerfile
+        #-- markdown
-      hadolint # Dockerfile linter
+        marksman # language server for markdown
-      nodePackages.dockerfile-language-server-nodejs
+        glow # markdown previewer
        pandoc # document converter
        pkgs-unstable.hugo # static site generator
-      #-- markdown
+        #-- sql
-      marksman # language server for markdown
+        sqlfluff
      glow # markdown previewer
      pandoc # document converter
      hugo # static site generator
-      #-- sql
+        #-- protocol buffer
-      sqlfluff
+        buf # linting and formatting
      ]
      ++
        #-*- General Purpose Languages -*-#
        [
          #-- c/c++
          cmake
          cmake-language-server
          gnumake
          checkmake
          # c/c++ compiler, required by nvim-treesitter!
          gcc
          gdb
          # c/c++ tools with clang-tools, the unwrapped version won't
          # add alias like `cc` and `c++`, so that it won't conflict with gcc
          # llvmPackages.clang-unwrapped
          clang-tools
          lldb
          vscode-extensions.vadimcn.vscode-lldb.adapter # codelldb - debugger
-      #-- protocol buffer
+          #-- python
-      buf # linting and formatting
+          pipx # Install and Run Python Applications in Isolated Environments
-    ]
+          uv # python project package manager
-    ++
+          pyright # python language server
-    #-*- General Purpose Languages -*-#
+          (python313.withPackages (
-    [
+            ps: with ps; [
-      #-- c/c++
+              ruff
-      cmake
+              black # python formatter
-      cmake-language-server
+              # debugpy
      gnumake
      checkmake
      # c/c++ compiler, required by nvim-treesitter!
      gcc
      gdb
      # c/c++ tools with clang-tools, the unwrapped version won't
      # add alias like `cc` and `c++`, so that it won't conflict with gcc
      # llvmPackages.clang-unwrapped
      clang-tools
      lldb
-      #-- python
+              # my commonly used python packages
-      pyright # python language server
+              jupyter
-      (python311.withPackages (
+              ipython
-        ps:
+              pandas
-          with ps; [
+              requests
-            ruff-lsp
+              pyquery
-            black # python formatter
+              pyyaml
-            # debugpy
+              boto3
            ]
          ))
-            # my commonly used python packages
+          #-- rust
-            jupyter
+          # we'd better use the rust-overlays for rust development
-            ipython
+          pkgs-unstable.rustc
-            pandas
+          pkgs-unstable.rust-analyzer
-            requests
+          pkgs-unstable.cargo # rust package manager
-            pyquery
+          pkgs-unstable.rustfmt
-            pyyaml
+          pkgs-unstable.clippy # rust linter
            boto3
-            ## emacs's lsp-bridge dependenciesge
+          #-- golang
-            # epc
+          go
-            # orjson
+          gomodifytags
-            # sexpdata
+          iferr # generate error handling code for go
-            # six
+          impl # generate function implementation for go
-            # setuptools
+          gotools # contains tools like: godoc, goimports, etc.
-            # paramiko
+          gopls # go language server
-            # rapidfuzz
+          delve # go debugger
          ]
      ))
-      #-- rust
+          # -- java
-      rust-analyzer
+          jdk17
-      cargo # rust package manager
+          gradle
-      rustfmt
+          maven
          spring-boot-cli
          jdt-language-server
-      #-- golang
+          #-- zig
-      go
+          zls
      gomodifytags
      iferr # generate error handling code for go
      impl # generate function implementation for go
      gotools # contains tools like: godoc, goimports, etc.
      gopls # go language server
      delve # go debugger
-      # -- java
+          #-- lua
-      jdk17
+          stylua
-      gradle
+          lua-language-server
      maven
      spring-boot-cli
      jdt-language-server
-      #-- zig
+          #-- bash
-      zls
+          nodePackages.bash-language-server
          shellcheck
          shfmt
        ]
      #-*- Web Development -*-#
      ++ [
        nodePackages.nodejs
        nodePackages.typescript
        nodePackages.typescript-language-server
        # HTML/CSS/JSON/ESLint language servers extracted from vscode
        nodePackages.vscode-langservers-extracted
        nodePackages."@tailwindcss/language-server"
        emmet-ls
      ]
      # -*- Lisp like Languages -*-#
      # ++ [
      #   guile
      #   racket-minimal
      #   fnlfmt # fennel
      #   (
      #     if pkgs.stdenv.isLinux && pkgs.stdenv.isx86
      #     then pkgs-unstable.akkuPackages.scheme-langserver
      #     else pkgs.emptyDirectory
      #   )
      # ]
      ++ [
        proselint # English prose linter
-      #-- lua
+        #-- verilog / systemverilog
-      stylua
+        verible
      lua-language-server
-      #-- bash
+        #-- Optional Requirements:
-      nodePackages.bash-language-server
+        nodePackages.prettier # common code formatter
-      shellcheck
+        fzf
-      shfmt
+        gdu # disk usage analyzer, required by AstroNvim
-    ]
+        (ripgrep.override { withPCRE2 = true; }) # recursively searches directories for a regex pattern
-    #-*- Web Development -*-#
+      ]
-    ++ [
+    );
      nodePackages.nodejs
      nodePackages.typescript
      nodePackages.typescript-language-server
      # HTML/CSS/JSON/ESLint language servers extracted from vscode
      nodePackages.vscode-langservers-extracted
      nodePackages."@tailwindcss/language-server"
      emmet-ls
    ]
    # -*- Lisp like Languages -*-#
    ++ [
      guile
      racket-minimal
      fnlfmt # fennel
    ]
    ++ [
      proselint # English prose linter
      #-- verilog / systemverilog
      verible
      #-- Optional Requirements:
      nodePackages.prettier # common code formatter
      fzf
      gdu # disk usage analyzer, required by AstroNvim
      (ripgrep.override {withPCRE2 = true;}) # recursively searches directories for a regex pattern
    ]
  );
 }
@@ -16,7 +16,7 @@ using a Cloud provider for key management.
 Both age, Sops & GnuPG provide asymmetric encryption, which is useful for encrypting files for a
 specific user.
-For morden use, age is recommended, as it use [AEAD encryption function -
+For modern use, age is recommended, as it use [AEAD encryption function -
 ChaCha20-Poly1305][age Format v1], If you do not want to manage the keys by yourself, Sops is
 recommended, as it use KMS for key management.
@@ -1,4 +1,9 @@
-{pkgs, ...}: {
+{
  pkgs,
  pkgs-unstable,
  ...
 }:
 {
  home.packages = with pkgs; [
    age
    sops
@@ -96,15 +96,15 @@ Key management is the core of OpenPGP standard / GnuPG.
 GnuPG uses public-key cryptography so that users may communicate securely. In a public-key system,
 each user has a pair of keys consisting of a private key and a public key. **A user's private key is
-kept secret; it need **never be revealed. The public key may be given to anyone with whom the user
+kept secret; it need NEVER be revealed. The public key may be given to anyone with whom the user
-wants to communicate\*\*. GnuPG uses a somewhat more sophisticated scheme in which a user has a
+wants to communicate**. GnuPG uses a somewhat more sophisticated scheme in which a user has a
 primary keypair and then zero or more additional subordinate keypairs. The primary and subordinate
 keypairs are bundled to facilitate key management and the bundle can often be considered simply as
 one keypair, or a keyring/keychain(which contains multiple sub key-pairs).
 Let's generate a keypair interactively:
-> Now in 2024, GnuPG 2.4.1 defaults to ECC algorithm (9) and Curve 25519 for ECC, which is morden
+> Now in 2024, GnuPG 2.4.1 defaults to ECC algorithm (9) and Curve 25519 for ECC, which is modern
 > and safe, I would recommend to use these defaults directly.
 ```bash
@@ -229,9 +229,9 @@ The **best practice** is:
   backup it to somewhere else, and import it to another machine to use your keypair.
 5. Backup your Primary key's revocation certificate to somewhere safe, it's the last way to rescure
   your safety if your primary key is compromised!
-6. It's a big problem if your revocation certificate is compromised, but not the bigest one. because
+6. It's a big problem if your revocation certificate is compromised, but not the biggest one.
-   it's only used to revoke your keypair, your data is still safe. But you should generate a new
+   because it's only used to revoke your keypair, your data is still safe. But you should generate a
-   keypair and revoke the old one immediately.
+   new keypair and revoke the old one immediately.
 7. It will be a big problem if your primary key is compromised, and you don't have a revocation
   certificate to revoke it. But since OpenPGP do not have a good way to distribute revocation
   certificate, even you have a revocation certificate, it's still hard to distribute it to
@@ -628,7 +628,7 @@ uid                   [ultimate] test <test@test.t>
 sub   cv25519/0x9E78E897B6490D6B 2024-01-09 [E]
 # encrypt some file before revoke the keypair
-› gpg -aer test@test.t README.md > README.md.asc
+› gpg -are test@test.t README.md > README.md.asc
 # try to decrypt the file, it should works
 › gpg -d README.md.asc
@@ -695,7 +695,7 @@ gpg: reason for revocation: No reason specified
 # ......
 # try to encrypt some file via the revoked key, it will fail.
-› gpg -aer 9E78E897B6490D6B README.md
+› gpg -are 9E78E897B6490D6B README.md
 gpg: 9E78E897B6490D6B: skipped: Unusable public key
 gpg: README.md: encryption failed: Unusable public key
 ```
@@ -2,7 +2,8 @@
  config,
  mysecrets,
  ...
-}: {
+}:
 {
  programs.gpg = {
    enable = true;
    homedir = "${config.home.homeDirectory}/.gnupg";
@@ -3,9 +3,11 @@
  config,
  lib,
  ...
-}: let
+}:
 let
  passwordStoreDir = "${config.xdg.dataHome}/password-store";
-in {
+in
 {
  programs.password-store = {
    enable = true;
    package = pkgs.pass.withExtensions (exts: [
@@ -33,7 +35,7 @@ in {
        "C2A313F98166C942" # S - Ryan Yin (For pass & ssh only) <ryan4yin@linux.com>
      ];
      PASSWORD_STORE_CLIP_TIME = "60";
-      PASSWORD_STORE_GENERATED_LENGTH = "15";
+      PASSWORD_STORE_GENERATED_LENGTH = "12";
      PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
    };
  };
@@ -1,18 +1,12 @@
-{pkgs-unstable, ...}: let
+{
  config,
  pkgs-unstable,
  ...
 }:
 let
  inherit (pkgs-unstable) nu_scripts;
-in {
+in
-  programs.bash = {
+{
    # load the alias file for work
    bashrcExtra = ''
      alias_for_work=/etc/agenix/alias-for-work.bash
      if [ -f $alias_for_work ]; then
        . $alias_for_work
      else
        echo "No alias file found for work"
      fi
    '';
  };
  programs.nushell = {
    # load the alias file for work
    # the file must exist, otherwise nushell will complain about it!
@@ -21,19 +15,39 @@ in {
    # https://github.com/nushell/nushell/issues/8214
    extraConfig = ''
      source /etc/agenix/alias-for-work.nushell
      # using claude-code with kimi k2
      $env.ANTHROPIC_BASE_URL = "https://api.moonshot.cn/anthropic/"
      $env.ANTHROPIC_API_KEY = $env.MOONSHOT_API_KEY
      # Directories in this constant are searched by the
      # `use` and `source` commands.
      const NU_LIB_DIRS = $NU_LIB_DIRS ++ ['${nu_scripts}/share/nu_scripts']
      # completion
-      use ${nu_scripts}/share/nu_scripts/custom-completions/git/git-completions.nu *
+      use custom-completions/cargo/cargo-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/glow/glow-completions.nu *
+      use custom-completions/curl/curl-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/just/just-completions.nu *
+      use custom-completions/git/git-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/make/make-completions.nu *
+      use custom-completions/glow/glow-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/man/man-completions.nu *
+      use custom-completions/just/just-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/nix/nix-completions.nu *
+      use custom-completions/make/make-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/cargo/cargo-completions.nu *
+      use custom-completions/man/man-completions.nu *
-      use ${nu_scripts}/share/nu_scripts/custom-completions/zellij/zellij-completions.nu *
+      use custom-completions/nix/nix-completions.nu *
      use custom-completions/ssh/ssh-completions.nu *
      use custom-completions/tar/tar-completions.nu *
      use custom-completions/tcpdump/tcpdump-completions.nu *
      use custom-completions/zellij/zellij-completions.nu *
      # use custom-completions/zoxide/zoxide-completions.nu *
      # alias
-      # use ${nu_scripts}/share/nu_scripts/aliases/git/git-aliases.nu *
+      # use aliases/git/git-aliases.nu *
-      use ${nu_scripts}/share/nu_scripts/aliases/eza/eza-aliases.nu *
+      use aliases/eza/eza-aliases.nu *
-      use ${nu_scripts}/share/nu_scripts/aliases/bat/bat-aliases.nu *
+      use aliases/bat/bat-aliases.nu *
      # modules
      use modules/argx *
      use modules/lg *
      use modules/kubernetes *
    '';
  };
 }
@@ -1,41 +1,38 @@
-{mysecrets, ...}: {
+{
  config,
  mysecrets,
  ...
 }:
 {
  home.file.".ssh/romantic.pub".source = "${mysecrets}/public/romantic.pub";
  programs.ssh = {
    enable = true;
-    # All my ssh private key are generated by `ssh-keygen -t ed25519 -a 256 -C "xxx@xxx"`
+    # "a private key that is used during authentication will be added to ssh-agent if it is running"
-    # Config format:
+    addKeysToAgent = "yes";
-    #   Host —  given the pattern used to match against the host name given on the command line.
+
-    #   HostName — specify nickname or abbreviation for host
+    matchBlocks = {
-    #   IdentityFile — the location of your SSH key authentication file for the account.
+      "github.com" = {
-    # Format in details:
+        # "Using SSH over the HTTPS port for GitHub"
-    #   https://www.ssh.com/academy/ssh/config
+        # "(port 22 is banned by some proxies / firewalls)"
-    extraConfig = ''
+        hostname = "ssh.github.com";
-      # a private key that is used during authentication will be added to ssh-agent if it is running
+        port = 443;
-      AddKeysToAgent yes
+        user = "git";
      Host 192.168.*
        # allow to securely use local SSH agent to authenticate on the remote machine.
        # It has the same effect as adding cli option `ssh -A user@host`
        ForwardAgent yes
        # romantic holds my homelab~
        IdentityFile /etc/agenix/ssh-key-romantic
        # Specifies that ssh should only use the identity file explicitly configured above
        # required to prevent sending default identity files first.
-        IdentitiesOnly yes
+        identitiesOnly = true;
      };
-      Host gtr5
+      "192.168.*" = {
-        HostName 192.168.5.172
+        # "allow to securely use local SSH agent to authenticate on the remote machine."
-        Port 22
+        # "It has the same effect as adding cli option `ssh -A user@host`"
-
+        forwardAgent = true;
-      Host um560
+        # "romantic holds my homelab~"
-        HostName 192.168.5.173
+        identityFile = "/etc/agenix/ssh-key-romantic";
-        Port 22
+        identitiesOnly = true;
-
+      };
-      Host s500plus
+    };
        HostName 192.168.5.174
        Port 22
    '';
  };
 }
@@ -1,3 +1,7 @@
 // Generating a new Example config via:
 //   zellij setup --dump-config
 // If you'd like to override the default keybindings completely, be sure to change "keybinds" to "keybinds clear-defaults=true"
 keybinds clear-defaults=true {
    normal {
@@ -36,6 +40,7 @@ keybinds clear-defaults=true {
        bind "w" { ToggleFloatingPanes; SwitchToMode "Normal"; }
        bind "e" { TogglePaneEmbedOrFloating; SwitchToMode "Normal"; }
        bind "c" { SwitchToMode "RenamePane"; PaneNameInput 0;}
        bind "i" { TogglePanePinned; SwitchToMode "Normal"; }
    }
    move {
        bind "Ctrl h" { SwitchToMode "Normal"; }
@@ -54,6 +59,9 @@ keybinds clear-defaults=true {
        bind "n" { NewTab; SwitchToMode "Normal"; }
        bind "x" { CloseTab; SwitchToMode "Normal"; }
        bind "s" { ToggleActiveSyncTab; SwitchToMode "Normal"; }
        bind "b" { BreakPane; SwitchToMode "Normal"; }
        bind "]" { BreakPaneRight; SwitchToMode "Normal"; }
        bind "[" { BreakPaneLeft; SwitchToMode "Normal"; }
        bind "1" { GoToTab 1; SwitchToMode "Normal"; }
        bind "2" { GoToTab 2; SwitchToMode "Normal"; }
        bind "3" { GoToTab 3; SwitchToMode "Normal"; }
@@ -110,7 +118,38 @@ keybinds clear-defaults=true {
        bind "Ctrl o" { SwitchToMode "Normal"; }
        bind "Ctrl s" { SwitchToMode "Scroll"; }
        bind "d" { Detach; }
        bind "w" {
            LaunchOrFocusPlugin "session-manager" {
                floating true
                move_to_focused_tab true
            };
            SwitchToMode "Normal"
        }
        bind "c" {
            LaunchOrFocusPlugin "configuration" {
                floating true
                move_to_focused_tab true
            };
            SwitchToMode "Normal"
        }
        bind "p" {
            LaunchOrFocusPlugin "plugin-manager" {
                floating true
                move_to_focused_tab true
            };
            SwitchToMode "Normal"
        }
        bind "a" {
            LaunchOrFocusPlugin "zellij:about" {
                floating true
                move_to_focused_tab true
            };
            SwitchToMode "Normal"
        }
    }
    // Allow to use tmux inside zellij
    //
    // tmux {
    //     bind "[" { SwitchToMode "Scroll"; }
    //     bind "Ctrl b" { Write 2; SwitchToMode "Normal"; }
@@ -137,7 +176,10 @@ keybinds clear-defaults=true {
    shared_except "locked" {
        bind "Ctrl g" { SwitchToMode "Locked"; }
        bind "Ctrl q" { Quit; }
        bind "Alt f" { ToggleFloatingPanes; }
        bind "Alt n" { NewPane; }
        bind "Alt i" { MoveTab "Left"; }
        bind "Alt o" { MoveTab "Right"; }
        bind "Alt h" "Alt Left" { MoveFocusOrTab "Left"; }
        bind "Alt l" "Alt Right" { MoveFocusOrTab "Right"; }
        bind "Alt j" "Alt Down" { MoveFocus "Down"; }
@@ -168,20 +210,40 @@ keybinds clear-defaults=true {
    shared_except "move" "locked" {
        bind "Ctrl h" { SwitchToMode "Move"; }
    }
    // shared_except "tmux" "locked" {
    //     bind "Ctrl b" { SwitchToMode "Tmux"; }
    // }
 }
 // Plugin aliases - can be used to change the implementation of Zellij
 // changing these requires a restart to take effect
 plugins {
-    tab-bar { path "tab-bar"; }
+    tab-bar location="zellij:tab-bar"
-    status-bar { path "status-bar"; }
+    status-bar location="zellij:status-bar"
-    strider { path "strider"; }
+    strider location="zellij:strider"
-    compact-bar { path "compact-bar"; }
+    compact-bar location="zellij:compact-bar"
    session-manager location="zellij:session-manager"
    welcome-screen location="zellij:session-manager" {
        welcome_screen true
    }
    filepicker location="zellij:strider" {
        cwd "/"
    }
    configuration location="zellij:configuration"
    plugin-manager location="zellij:plugin-manager"
    about location="zellij:about"
 }
 // Plugins to load in the background when a new session starts
 load_plugins {
  // "file:/path/to/my-plugin.wasm"
  // "https://example.com/my-plugin.wasm"
 }
 // Choose what to do when zellij receives SIGTERM, SIGINT, SIGQUIT or SIGHUP
 // eg. when terminal window with an active zellij session is closed
 // (Requires restart)
 // Options:
 //   - detach (Default)
 //   - quit
@@ -197,10 +259,13 @@ plugins {
 // Choose the path to the default shell that zellij will use for opening new panes
 // Default: $SHELL
 // Change to nushell
 //
 default_shell "nu"
 // Choose the path to override cwd that zellij will use for opening new panes
 //
 // default_cwd ""
 // Toggle between having pane frames around the panes
 // Options:
 //   - true (default)
@@ -215,76 +280,38 @@ default_shell "nu"
 //
 // auto_layout true
-// Define color themes for Zellij
+// Whether sessions should be serialized to the cache folder (including their tabs/panes, cwds and running commands) so that they can later be resurrected
-// For more examples, see: https://github.com/zellij-org/zellij/tree/main/example/themes
+// (Requires restart)
-// Once these themes are defined, one of them should to be selected in the "theme" section of this file
+// Options:
 //   - true (default)
 //   - false
 //
-themes {
+// session_serialization false
  // https://github.com/zellij-org/zellij/blob/main/zellij-utils/assets/themes/catppuccin.kdl
  catppuccin-latte {
    bg "#acb0be" // Surface2
    fg "#acb0be" // Surface2
    red "#d20f39"
    green "#40a02b"
    blue "#1e66f5"
    yellow "#df8e1d"
    magenta "#ea76cb" // Pink
    orange "#fe640b" // Peach
    cyan "#04a5e5" // Sky
    black "#dce0e8" // Crust
    white "#4c4f69" // Text
  }
-  catppuccin-frappe {
+// Whether pane viewports are serialized along with the session, default is false
-    bg "#626880" // Surface2
+// (Requires restart)
-    fg "#c6d0f5"
+// Options:
-    red "#e78284"
+//   - true
-    green "#a6d189"
+//   - false (default)
-    blue "#8caaee"
+//
-    yellow "#e5c890"
+// serialize_pane_viewport true
    magenta "#f4b8e4" // Pink
    orange "#ef9f76" // Peach
    cyan "#99d1db" // Sky
    black "#292c3c" // Mantle
    white "#c6d0f5"
  }
-  catppuccin-macchiato {
+// Scrollback lines to serialize along with the pane viewport when serializing sessions, 0
-    bg "#5b6078" // Surface2
+// defaults to the scrollback size. If this number is higher than the scrollback size, it will
-    fg "#cad3f5"
+// also default to the scrollback size. This does nothing if `serialize_pane_viewport` is not true.
-    red "#ed8796"
+// (Requires restart)
-    green "#a6da95"
+//
-    blue "#8aadf4"
+// scrollback_lines_to_serialize 10000
    yellow "#eed49f"
    magenta "#f5bde6" // Pink
    orange "#f5a97f" // Peach
    cyan "#91d7e3" // Sky
    black "#1e2030" // Mantle
    white "#cad3f5"
  }
  catppuccin-mocha {
    bg "#585b70" // Surface2
    fg "#cdd6f4"
    red "#f38ba8"
    green "#a6e3a1"
    blue "#89b4fa"
    yellow "#f9e2af"
    magenta "#f5c2e7" // Pink
    orange "#fab387" // Peach
    cyan "#89dceb" // Sky
    black "#181825" // Mantle
    white "#cdd6f4"
  }
 }
 // Choose the theme that is specified in the themes section.
 // Default: default
 //
 theme "catppuccin-mocha"
 // The name of the default layout to load on startup
 // Default: "default"
 // (Requires restart)
 //
 // default_layout "compact"
@@ -296,6 +323,7 @@ theme "catppuccin-mocha"
 // Toggle enabling the mouse mode.
 // On certain configurations, or terminals this could
 // potentially interfere with copying text.
 // (Requires restart)
 // Options:
 //   - true (default)
 //   - false
@@ -305,6 +333,7 @@ theme "catppuccin-mocha"
 // Configure the scroll back buffer size
 // This is the number of lines zellij stores for each pane in the scroll back
 // buffer. Excess number of lines are discarded in a FIFO fashion.
 // (Requires restart)
 // Valid values: positive integers
 // Default value: 10000
 //
@@ -342,14 +371,52 @@ theme "catppuccin-mocha"
 // When attaching to an existing session with other users,
 // should the session be mirrored (true)
 // or should each user have their own cursor (false)
 // (Requires restart)
 // Default: false
 //
 // mirror_session true
 // The folder in which Zellij will look for layouts
 // (Requires restart)
 //
 // layout_dir "/path/to/my/layout_dir"
 // The folder in which Zellij will look for themes
 // (Requires restart)
 //
 // theme_dir "/path/to/my/theme_dir"
 // Enable or disable the rendering of styled and colored underlines (undercurl).
 // May need to be disabled for certain unsupported terminals
 // (Requires restart)
 // Default: true
 //
 // styled_underlines false
 // Enable or disable writing of session metadata to disk (if disabled, other sessions might not know
 // metadata info on this session)
 // (Requires restart)
 // Default: false
 //
 // disable_session_metadata true
 // Enable or disable support for the enhanced Kitty Keyboard Protocol (the host terminal must also support it)
 // (Requires restart)
 // Default: true (if the host terminal supports it)
 //
 // support_kitty_keyboard_protocol false
 // Whether to stack panes when resizing beyond a certain size
 // Default: true
 //
 // stacked_resize false
 // Whether to show release notes on first version run
 // Default: true
 //
 show_release_notes false
 // Whether to show startup tips on session start
 // Default: true
 //
 show_startup_tips false
@@ -1,11 +1,18 @@
 { pkgs, ... }:
 let
  shellAliases = {
    "zj" = "zellij";
  };
-in {
+in
 {
  programs.zellij = {
    enable = true;
    package = pkgs.zellij;
  };
  xdg.configFile."zellij/config.kdl".source = ./config.kdl;
  # Disable catppuccin to avoid conflict with my non-nix config.
  catppuccin.zellij.enable = false;
  # auto start zellij in nushell
  programs.nushell.extraConfig = ''
    # auto start zellij
@@ -28,6 +35,4 @@ in {
  # only works in bash/zsh, not nushell
  home.shellAliases = shellAliases;
  programs.nushell.shellAliases = shellAliases;
  xdg.configFile."zellij/config.kdl".source = ./config.kdl;
 }
@@ -0,0 +1,337 @@
 # Place a copy of this config to ~/.aerospace.toml
 # After that, you can edit ~/.aerospace.toml to your liking
 # You can use it to add commands that run after login to macOS user session.
 # 'start-at-login' needs to be 'true' for 'after-login-command' to work
 # Available commands: https://nikitabobko.github.io/AeroSpace/commands
 after-login-command = []
 # You can use it to add commands that run after AeroSpace startup.
 # 'after-startup-command' is run after 'after-login-command'
 # Available commands : https://nikitabobko.github.io/AeroSpace/commands
 after-startup-command = [
  # Highlight focused windows with colored borders
  #
  # JankyBorders has a built-in detection of already running process,
  # so it won't be run twice on AeroSpace restart
  'exec-and-forget borders active_color=0xffe1e3e4 inactive_color=0xff494d64 width=5.0',
 ]
 # Start AeroSpace at login
 start-at-login = true
 # Normalizations. See: https://nikitabobko.github.io/AeroSpace/guide#normalization
 enable-normalization-flatten-containers = true
 enable-normalization-opposite-orientation-for-nested-containers = true
 # See: https://nikitabobko.github.io/AeroSpace/guide#layouts
 # The 'accordion-padding' specifies the size of accordion padding
 # You can set 0 to disable the padding feature
 accordion-padding = 30
 # Possible values: tiles|accordion
 default-root-container-layout = 'tiles'
 # Possible values: horizontal|vertical|auto
 # 'auto' means: wide monitor (anything wider than high) gets horizontal orientation,
 #               tall monitor (anything higher than wide) gets vertical orientation
 default-root-container-orientation = 'auto'
 # Mouse follows focus when focused monitor changes
 # Drop it from your config, if you don't like this behavior
 # See https://nikitabobko.github.io/AeroSpace/guide#on-focus-changed-callbacks
 # See https://nikitabobko.github.io/AeroSpace/commands#move-mouse
 # Fallback value (if you omit the key): on-focused-monitor-changed = []
 on-focused-monitor-changed = ['move-mouse monitor-lazy-center']
 # You can effectively turn off macOS "Hide application" (cmd-h) feature by toggling this flag
 # Useful if you don't use this macOS feature, but accidentally hit cmd-h or cmd-alt-h key
 # Also see: https://nikitabobko.github.io/AeroSpace/goodies#disable-hide-app
 automatically-unhide-macos-hidden-apps = false
 # Possible values: (qwerty|dvorak|colemak)
 # See https://nikitabobko.github.io/AeroSpace/guide#key-mapping
 [key-mapping]
 preset = 'qwerty'
 # Gaps between windows (inner-*) and between monitor edges (outer-*).
 # Possible values:
 # - Constant:     gaps.outer.top = 8
 # - Per monitor:  gaps.outer.top = [{ monitor.main = 16 }, { monitor."some-pattern" = 32 }, 24]
 #                 In this example, 24 is a default value when there is no match.
 #                 Monitor pattern is the same as for 'workspace-to-monitor-force-assignment'.
 #                 See:
 #                 https://nikitabobko.github.io/AeroSpace/guide#assign-workspaces-to-monitors
 [gaps]
 inner.horizontal = 3
 inner.vertical = 3
 outer.left = 3
 outer.bottom = 3
 outer.top = 3
 outer.right = 3
 # ['main'] binding mode declaration
 # See: https://nikitabobko.github.io/AeroSpace/guide#binding-modes
 # ['main'] binding mode must be always presented
 # Fallback value (if you omit the key): mode.main.binding = {}
 [mode.main.binding]
 # All possible keys:
 # - Letters.        a, b, c, ..., z
 # - Numbers.        0, 1, 2, ..., 9
 # - Keypad numbers. keypad0, keypad1, keypad2, ..., keypad9
 # - F-keys.         f1, f2, ..., f20
 # - Special keys.   minus, equal, period, comma, slash, backslash, quote, semicolon,
 #                   backtick, leftSquareBracket, rightSquareBracket, space, enter, esc,
 #                   backspace, tab, pageUp, pageDown, home, end, forwardDelete,
 #                   sectionSign (ISO keyboards only, european keyboards only)
 # - Keypad special. keypadClear, keypadDecimalMark, keypadDivide, keypadEnter, keypadEqual,
 #                   keypadMinus, keypadMultiply, keypadPlus
 # - Arrows.         left, down, up, right
 # All possible modifiers: cmd, alt, ctrl, shift
 # All possible commands: https://nikitabobko.github.io/AeroSpace/commands
 # See: https://nikitabobko.github.io/AeroSpace/commands#exec-and-forget
 # You can uncomment the following lines to open up terminal with alt + enter shortcut
 # (like in i3)
 alt-enter = '''exec-and-forget osascript -e '
    tell application "kitty"
        do script
        activate
    end tell'
    '''
 # See: https://nikitabobko.github.io/AeroSpace/commands#layout
 alt-slash = 'layout tiles horizontal vertical'
 alt-comma = 'layout accordion horizontal vertical'
 # See: https://nikitabobko.github.io/AeroSpace/commands#focus
 alt-h = 'focus left'
 alt-j = 'focus down'
 alt-k = 'focus up'
 alt-l = 'focus right'
 # See: https://nikitabobko.github.io/AeroSpace/commands#move
 alt-shift-h = 'move left'
 alt-shift-j = 'move down'
 alt-shift-k = 'move up'
 alt-shift-l = 'move right'
 # See: https://nikitabobko.github.io/AeroSpace/commands#resize
 alt-shift-minus = 'resize smart -50'
 alt-shift-equal = 'resize smart +50'
 # See: https://nikitabobko.github.io/AeroSpace/commands#workspace
 alt-1 = 'workspace 1Kitty'
 alt-2 = 'workspace 2Alacritty'
 alt-3 = 'workspace 3Work'
 alt-4 = 'workspace 4Firefox'
 alt-5 = 'workspace 5Chrome'
 alt-6 = 'workspace 6Chat'
 alt-7 = 'workspace 7Music'
 alt-8 = 'workspace 8Mail'
 alt-9 = 'workspace 9File'
 alt-0 = 'workspace 0Other'
 alt-a = 'workspace A'          # In your config, you can drop workspace bindings that you don't need
 alt-b = 'workspace B'
 # See: https://nikitabobko.github.io/AeroSpace/commands#move-node-to-workspace
 alt-shift-1 = 'move-node-to-workspace 1Kitty'
 alt-shift-2 = 'move-node-to-workspace 2Alacritty'
 alt-shift-3 = 'move-node-to-workspace 3Work'
 alt-shift-4 = 'move-node-to-workspace 4Firefox'
 alt-shift-5 = 'move-node-to-workspace 5Chrome'
 alt-shift-6 = 'move-node-to-workspace 6Chat'
 alt-shift-7 = 'move-node-to-workspace 7Music'
 alt-shift-8 = 'move-node-to-workspace 8Mail'
 alt-shift-9 = 'move-node-to-workspace 9File'
 alt-shift-0 = 'move-node-to-workspace 0Other'
 alt-shift-a = 'move-node-to-workspace A'
 alt-shift-b = 'move-node-to-workspace B'
 # See: https://nikitabobko.github.io/AeroSpace/commands#workspace-back-and-forth
 alt-tab = 'workspace-back-and-forth'
 # See: https://nikitabobko.github.io/AeroSpace/commands#move-workspace-to-monitor
 alt-shift-tab = 'move-workspace-to-monitor --wrap-around next'
 # See: https://nikitabobko.github.io/AeroSpace/commands#mode
 alt-shift-semicolon = 'mode service'
 # 'service' binding mode declaration.
 # See: https://nikitabobko.github.io/AeroSpace/guide#binding-modes
 [mode.service.binding]
 esc = ['reload-config', 'mode main']
 r = ['flatten-workspace-tree', 'mode main'] # reset layout
 f = [
  'layout floating tiling',
  'mode main',
 ] # Toggle between floating and tiling layout
 backspace = ['close-all-windows-but-current', 'mode main']
 # sticky is not yet supported https://github.com/nikitabobko/AeroSpace/issues/2
 #s = ['layout sticky tiling', 'mode main']
 alt-shift-h = ['join-with left', 'mode main']
 alt-shift-j = ['join-with down', 'mode main']
 alt-shift-k = ['join-with up', 'mode main']
 alt-shift-l = ['join-with right', 'mode main']
 down = 'volume down'
 up = 'volume up'
 shift-down = ['volume set 0', 'mode main']
 # Declare 'resize' binding mode
 [mode.resize.binding]
 h = 'resize width -50'
 j = 'resize height +50'
 k = 'resize height -50'
 l = 'resize width +50'
 enter = 'mode main'
 esc = 'mode main'
 [exec]
 inherit-env-vars = true
 [exec.env-vars]
 PATH = '/opt/homebrew/bin:/opt/homebrew/sbin:${PATH}'
 # =================================================================
 #
 # Assign apps on particular workspaces
 #
 # Use this command to get IDs of running applications:
 #   aerospace list-apps
 #
 # =================================================================
 [[on-window-detected]]
 if.app-id = 'net.kovidgoyal.kitty'
 run = 'move-node-to-workspace 1Kitty'
 [[on-window-detected]]
 if.app-id = 'org.alacritty'
 run = 'move-node-to-workspace 2Alacritty'
 [[on-window-detected]]
 if.app-id = 'com.tencent.WeWorkMac'
 run = 'move-node-to-workspace 3Work'
 [[on-window-detected]]
 # if.app-id = 'com.tencent.WeWorkMac'
 if.app-id = 'com.tinyspeck.slackmacgap'
 run = 'move-node-to-workspace 3Work'
 [[on-window-detected]]
 if.app-id = 'org.mozilla.firefox'
 run = 'move-node-to-workspace 4Firefox'
 [[on-window-detected]]
 if.app-id = 'com.google.Chrome'
 run = 'move-node-to-workspace 5Chrome'
 [[on-window-detected]]
 if.app-id = 'ru.keepcoder.Telegram'
 run = 'move-node-to-workspace 6Chat'
 [[on-window-detected]]
 if.app-id = 'com.tencent.xinWeChat'
 run = 'move-node-to-workspace 6Chat'
 [[on-window-detected]]
 if.app-id = 'com.tencent.qq'
 run = 'move-node-to-workspace 6Chat'
 [[on-window-detected]]
 if.app-id = 'com.tencent.QQMusicMac'
 run = 'move-node-to-workspace 7Music'
 [[on-window-detected]]
 if.app-id = 'com.netease.163music'
 run = 'move-node-to-workspace 7Music'
 [[on-window-detected]]
 if.app-id = 'com.apple.mail'
 run = 'move-node-to-workspace 8Mail'
 # calendar
 [[on-window-detected]]
 if.app-id = 'com.apple.iCal'
 run = 'move-node-to-workspace 8Mail'
 [[on-window-detected]]
 if.app-id = 'com.apple.finder'
 run = ['layout floating', 'move-node-to-workspace 9File']
 [[on-window-detected]]
 if.app-id = 'com.apple.iBooksX'
 run = ['layout floating', 'move-node-to-workspace 9File']
 [[on-window-detected]]
 if.app-id = 'net.cozic.joplin-desktop'
 run = ['layout floating', 'move-node-to-workspace 9File']
 # Book/Picture Preview
 [[on-window-detected]]
 if.app-id = 'com.apple.Preview'
 run = ['layout floating', 'move-node-to-workspace 9File']
 [[on-window-detected]]
 if.app-id = 'com.microsoft.VSCode'
 run = ['layout floating', 'move-node-to-workspace 9File']
 [[on-window-detected]]
 if.app-id = 'com.todesktop.230313mzl4w4u92' # Cursor AI Editor
 run = ['layout floating', 'move-node-to-workspace 9File']
 [[on-window-detected]]
 if.app-id = 'org.wireshark.Wireshark'
 run = ['layout floating', 'move-node-to-workspace 0Other']
 [[on-window-detected]]
 if.app-id = 'ai.elementlabs.lmstudio'
 run = ['layout floating', 'move-node-to-workspace 0Other']
 [[on-window-detected]]
 if.app-id = 'us.zoom.xos'
 run = 'move-node-to-workspace 0Other'
 # Auth UI - do not move it
 [[on-window-detected]]
 if.app-id = 'com.apple.SecurityAgent'
 run = ['layout floating']
 # System Settings - do not move it
 [[on-window-detected]]
 if.app-id = 'com.apple.systempreferences'
 run = ['layout floating']
 # Clash Verge - has problem with floating
 [[on-window-detected]]
 if.app-id = 'io.github.clash-verge-rev.clash-verge-rev'
 run = ['move-node-to-workspace 0Other']
 # Make all windows float by default
 [[on-window-detected]]
 check-further-callbacks = true
 run = ['layout floating']
 # =================================================================
 # Multiple monitor configuration
 # =================================================================
 [workspace-to-monitor-force-assignment]
 1Kitty = ['main']                # Non-main monitor in case when there are only two monitors'
 2Alacritty = ['main']            # "Main" monitor ("main" as in System Settings → Displays → Use as)
 3Work = ['built-in']
 4Firefox = ['main']
 5Chrome = ['main']
 6Chat = ['built-in']
 7Music = ['built-in']
 8Mail = ['main']
 9File = ['main']
 0Other = ['main']
@@ -0,0 +1,5 @@
 { config, ... }:
 {
  home.file.".aerospace.toml".source =
    config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/nix-config/home/darwin/aerospace/aerospace.toml";
 }
@@ -2,14 +2,16 @@
  mylib,
  myvars,
  ...
-}: {
+}:
 {
  home.homeDirectory = "/Users/${myvars.username}";
-  imports =
+  imports = (mylib.scanPaths ./.) ++ [
-    (mylib.scanPaths ./.)
+    ../base/core
-    ++ [
+    ../base/tui
-      ../base/core
+    ../base/gui
-      ../base/tui
+    ../base/home.nix
-      ../base/gui
+  ];
-      ../base/home.nix
+
-    ];
+  # enable management of XDG base directories on macOS.
  xdg.enable = true;
 }
@@ -1,6 +1,13 @@
-{pkgs, ...}: {
+{
  config,
  pkgs,
  ...
 }:
 {
  home.packages = with pkgs; [
    clash-meta
  ];
-  home.file.".proxychains/proxychains.conf".source = ./proxychains.conf;
+
  home.file.".proxychains/proxychains.conf".source =
    config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/nix-config/home/darwin/proxy/proxychains.conf";
 }
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
 {
  # Squirrel Input Method
  home.file."Library/Rime" = {
    # my custom squirrel data (flypy input method)
@@ -1,9 +1,10 @@
 { lib, ... }:
 let
  envExtra = ''
    export PATH="$PATH:/opt/homebrew/bin:/usr/local/bin"
  '';
  # copied from the content generated by `conda init bash`
-  initExtra = ''
+  initContent = ''
    arch=$(uname -m)
    if [ "aarch64" = "$arch" ] ||  [ "arm64" = "$arch" ]; then
@@ -20,7 +21,8 @@ let
      true
    fi
  '';
-in {
+in
 {
  # Homebrew's default install location:
  #   /opt/homebrew for Apple Silicon
  #   /usr/local for macOS Intel
@@ -28,10 +30,10 @@ in {
  # in /opt/homebrew for Apple Silicon and /usr/local for Rosetta 2 to coexist and use bottles.
  programs.bash = {
    enable = true;
-    bashrcExtra = envExtra + initExtra;
+    bashrcExtra = lib.mkAfter (envExtra + initContent);
  };
  programs.zsh = {
    enable = true;
-    inherit envExtra initExtra;
+    inherit envExtra initContent;
  };
 }
@@ -1,3 +0,0 @@
 {myvars, ...}: {
  programs.ssh.extraConfig = myvars.networking.ssh.extraConfig;
 }
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -2,11 +2,13 @@
  config,
  myvars,
  ...
-}: let
+}:
 let
  d = config.xdg.dataHome;
  c = config.xdg.configHome;
  cache = config.xdg.cacheHome;
-in rec {
+in
 rec {
  home.homeDirectory = "/home/${myvars.username}";
  # environment variables that always set at login
@@ -1,11 +1,11 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
 {
  # Linux Only Packages, not available on Darwin
  home.packages = with pkgs; [
    # misc
    libnotify
    wireguard-tools # manage wireguard vpn manually, via wg-quick
    ventoy # create bootable usb
    virt-viewer # vnc connect to VM, used by kubevirt
  ];
@@ -2,7 +2,6 @@
 3. `base`: all common configurations for all desktops.
 4. `hyprland`: Hyprland's configuration.
 5. `i3`: i3's configuration.
 ## Why install I3/Hyprland in Home Manager instead of a NixOS Module?
@@ -1,61 +1,78 @@
 {
  lib,
  pkgs,
  pkgs-unstable,
  # pkgs-stable,
  nur-ryan4yin,
  blender-bin,
  ...
-}: {
+}:
-  home.packages = with pkgs; [
+{
-    # creative
+  home.packages =
-    blender # 3d modeling
+    with pkgs;
-    # gimp      # image editing, I prefer using figma in browser instead of this one
+    [
-    inkscape # vector graphics
+      # creative
-    krita # digital painting
+      # gimp      # image editing, I prefer using figma in browser instead of this one
-    musescore # music notation
+      inkscape # vector graphics
-    # reaper # audio production
+      krita # digital painting
-    # sonic-pi # music programming
+      musescore # music notation
      # reaper # audio production
      # sonic-pi # music programming
-    # this app consumes a lot of storage, so do not install it currently
+      # 2d game design
-    # kicad     # 3d printing, eletrical engineering
+      # aseprite # Animated sprite editor & pixel art tool
-    # fpga
+      # this app consumes a lot of storage, so do not install it currently
-    pkgs-unstable.python312Packages.apycula # gowin fpga
+      # kicad     # 3d printing, eletrical engineering
-    pkgs-unstable.yosys # fpga synthesis
+    ]
-    pkgs-unstable.nextpnr # fpga place and route
+    ++ (lib.optionals pkgs.stdenv.isx86_64 [
-    pkgs-unstable.openfpgaloader # fpga programming
+      # https://github.com/edolstra/nix-warez/blob/master/blender/flake.nix
-    nur-ryan4yin.packages.${pkgs.system}.gowin-eda-edu-ide # app: `gowin-env` => `gw_ide` / `gw_pack` / ...
+      blender-bin.packages.${pkgs.system}.blender_4_2 # 3d modeling
-  ];
+
      ldtk # A modern, versatile 2D level editor
      # fpga
      python313Packages.apycula # gowin fpga
      yosys # fpga synthesis
      nextpnr # fpga place and route
      openfpgaloader # fpga programming
      # nur-ryan4yin.packages.${pkgs.system}.gowin-eda-edu-ide # app: `gowin-env` => `gw_ide` / `gw_pack` / ...
    ]);
  programs = {
    # live streaming
    obs-studio = {
-      enable = true;
+      enable = pkgs.stdenv.isx86_64;
-      plugins = with pkgs.obs-studio-plugins; [
+      plugins =
-        # screen capture
+        with pkgs.obs-studio-plugins;
-        wlrobs
+        [
-        # obs-ndi
+          # screen capture
-        obs-vaapi
+          wlrobs
-        obs-nvfbc
+          # obs-ndi
-        obs-teleport
+          # obs-nvfbc
-        # obs-hyperion
+          obs-teleport
-        droidcam-obs
+          # obs-hyperion
-        obs-vkcapture
+          droidcam-obs
-        obs-gstreamer
+          obs-vkcapture
-        obs-3d-effect
+          obs-gstreamer
-        input-overlay
+          input-overlay
-        obs-multi-rtmp
+          obs-multi-rtmp
-        obs-source-clone
+          obs-source-clone
-        obs-shaderfilter
+          obs-shaderfilter
-        obs-source-record
+          obs-source-record
-        obs-livesplit-one
+          obs-livesplit-one
-        looking-glass-obs
+          looking-glass-obs
-        obs-vintage-filter
+          obs-vintage-filter
-        obs-command-source
+          obs-command-source
-        obs-move-transition
+          obs-move-transition
-        obs-backgroundremoval
+          obs-backgroundremoval
-        advanced-scene-switcher
+          # advanced-scene-switcher
-        obs-pipewire-audio-capture
+          obs-pipewire-audio-capture
-      ];
+        ]
        ++ (lib.optionals pkgs.stdenv.isx86_64 [
          obs-vaapi
          obs-3d-effect
        ]);
    };
  };
 }
@@ -1,3 +1,4 @@
-{mylib, ...}: {
+{ mylib, ... }:
 {
  imports = mylib.scanPaths ./.;
 }
@@ -1,4 +1,5 @@
-{pkgs, ...}: {
+{ pkgs, ... }:
 {
  home.packages = with pkgs; [
    android-tools
  ];
@@ -2,7 +2,8 @@
  pkgs,
  lib,
  ...
-}: {
+}:
 {
  # Adjust the color temperature(& brightness) of your screen according to
  # your surroundings. This may help your eyes hurt less if you are
  # working in front of the screen at night.
@@ -16,18 +17,21 @@
    # has problem with wayland, so disable it
    tray = false;
    temperature = {
-      day = 5700;
+      day = 6000;
-      night = 4000;
+      night = 4500;
    };
    # https://gitlab.com/chinstrap/gammastep/-/blob/master/gammastep.conf.sample?ref_type=heads
    settings = {
      general = {
        fade = "1"; # gradually apply the new screen temperature/brightness over a couple of seconds.
        # it is a fake brightness adjustment obtained by manipulating the gamma ramps,
        # which means that it does not reduce the backlight　of the screen.
        # Preferably only use it if your normal backlight adjustment is too coarse-grained.
-        brightness-day = "1.0";
+        #
-        brightness-night = "0.8";
+        # brightness-day = "1.3";
        # brightness-night = "1";
        location-provider = "manual";
        # by default, Redshift will use the current elevation of the sun
@@ -1,26 +0,0 @@
 # Vertical Candidate List
 Vertical Candidate List=False
 # Use Per Screen DPI
 PerScreenDPI=True
 # Use mouse wheel to go to prev or next page
 WheelForPaging=True
 # Font
 Font="Sans 10"
 # Menu Font
 MenuFont="Sans 10"
 # Tray Font
 TrayFont="Sans Bold 10"
 # Tray Label Outline Color
 TrayOutlineColor=#000000
 # Tray Label Text Color
 TrayTextColor=#ffffff
 # Prefer Text Icon
 PreferTextIcon=False
 # Show Layout Name In Icon
 ShowLayoutNameInIcon=True
 # Use input method language to display text
 UseInputMethodLangaugeToDisplayText=True
 # Theme macchiato, frappe, latte, mocha
 Theme=catppuccin-mocha
 # Force font DPI on Wayland
 ForceWaylandDPI=0
@@ -1,10 +1,5 @@
 { pkgs, ... }:
 {
  pkgs,
  nur-ryan4yin,
  ...
 }: {
  home.file.".local/share/fcitx5/themes".source = "${nur-ryan4yin.packages.${pkgs.system}.catppuccin-fcitx5}/src";
  xdg.configFile = {
    "fcitx5/profile" = {
      source = ./profile;
@@ -12,11 +7,12 @@
      # so we need to force replace it in every rebuild to avoid file conflict.
      force = true;
    };
    "fcitx5/conf/classicui.conf".source = ./classicui.conf;
  };
  i18n.inputMethod = {
-    enabled = "fcitx5";
+    enable = true;
    type = "fcitx5";
    fcitx5.waylandFrontend = true;
    fcitx5.addons = with pkgs; [
      # for flypy chinese input method
      fcitx5-rime
--- a/Show More
+++ b/Show More
		`@@ -0,0 +1,2 @@`
							`plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"`
							`disable_checkpoint = true`