feat: flakify, gnome3

chore: nix fmt
refactor: split out more home-manager programs
feat: migrate shell as flake devShell
feat: initial flake structure with colmena
feat: migrate elias-e525 to colmena
feat: migrate steveej-t14 with colmena
feat: configure chromium extensions
chore: remove all overlays and package overrides
chore: delete some of _archive
feat: migrate vmd102066
feat: migrate sj-vps-htz0

nix/home-manager/programs/chromium.nix

@@ -1,14 +1,50 @@
-{...}: {
-  programs.chromium = {enable = true;};
+{
+  name,
+  lib,
+  ...
+}: {
+  programs.chromium = {
+    enable = true;
+    extensions =
+      [
+        #undetectable adblocker
+        {id = "gcfcpohokifjldeandkfjoboemihipmb";}
+
+        # ublock origin
+        {id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";}
+
+        # # YT ad block
+        # {id = "cmedhionkhpnakcndndgjdbohmhepckk";}
+
+        # # Adblock Plus
+        # {id = "cfhdojbkjhnklbpkdaibdccddilifddb";}
+
+        # Cookie Notice Blocker
+        {id = "odhmfmnoejhihkmfebnolljiibpnednn";}
+        # i don't care about cookies
+        {id = "fihnjjcciajhdojfnbdddfaoknhalnja";}
+
+        # NopeCHA
+        {id = "dknlfmjaanfblgfdfebhijalfmhmjjjo";}
+
+        # h264ify
+        {id = "aleakchihdccplidncghkekgioiakgal";}
+
+        # clippy
+        # {id = "honbeilkanbghjimjoniipnnehlmhggk"}
+
+        {
+          id = "dcpihecpambacapedldabdbpakmachpb";
+          updateUrl = "https://raw.githubusercontent.com/iamadamdev/bypass-paywalls-chrome/master/updates.xml";
+        }
+      ]
+      ++ (lib.lists.optionals ((builtins.match "^steveej.*" name) != null) [
+        # Vimium C
+        {id = "hfjbmagddngcpeloejdejnfgbamkjaeg";}
+      ]);
+  };
 
   programs.brave = {enable = true;};
 
-  nixpkgs.config = {
-    chromium = {
-      # 2019-03-05: missing on 19.03 enablePepperPDF = true;
-      # 2021-03-16: missing enablePepperFlash = false;
-    };
-  };
-
   programs.browserpass = {browsers = ["chromium" "brave"];};
 }

nix/home-manager/programs/emacs.nix

@@ -1,22 +0,0 @@
-{pkgs, ...}: {
-  programs.emacs = {
-    enable = true;
-    extraPackages = epkgs:
-      (with epkgs; [
-        nix-mode
-        magit # ; Integrate git <C-x g>
-        zerodark-theme # ; Nicolas' theme
-        undo-tree # ; <C-x u> to show the undo tree
-        # zoom-frm       # ; increase/decrease font size for all buffers %lt;C-x C-+>
-      ])
-      ++ (with epkgs.melpaPackages; [evil])
-      ++ (with epkgs.elpaPackages; [
-        auctex # ; LaTeX mode
-        beacon # ; highlight my cursor when scrolling
-        nameless # ; hide current package name everywhere in elisp code
-      ])
-      ++ (with pkgs; [
-        pkgs.notmuch # From main packages set
-      ]);
-  };
-}

nix/home-manager/programs/espanso.nix

@@ -0,0 +1,64 @@
+{
+  pkgs,
+  config,
+  ...
+}: let
+  passwords = import ../../variables/passwords.crypt.nix;
+in {
+  services.espanso = {
+    enable = true;
+    settings = {
+      matches = let
+        playerctl = ''
+          ${pkgs.coreutils}/bin/env DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/$(${pkgs.coreutils}/bin/id -u)/bus" ${pkgs.playerctl}/bin/playerctl'';
+      in [
+        {
+          trigger = ":vpos";
+          replace = "{{output}}";
+          vars = [
+            {
+              name = "output";
+              type = "script";
+              params = {
+                args = [
+                  (pkgs.writeScript "espanso" ''
+                    #! ${pkgs.python3}/bin/python
+                    import subprocess, os, math, datetime
+
+                    id=str(os.getuid())
+                    result=subprocess.run(args=["${pkgs.playerctl}/bin/playerctl", "position"], env={"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/"+id+"/bus"},capture_output=True)
+                    result.check_returncode()
+
+                    position_secs = math.trunc(float(result.stdout))
+                    position_human = datetime.timedelta(seconds=position_secs)
+                    print("%s - %s" % (position_human, position_secs))
+                  '')
+                ];
+              };
+            }
+          ];
+        }
+        {
+          trigger = ":vtit";
+          replace = "{{output}}";
+          vars = [
+            {
+              name = "output";
+              type = "script";
+              params = {
+                args = [
+                  (pkgs.writeShellScript "espanso"
+                    "${playerctl} metadata title")
+                ];
+              };
+            }
+          ];
+        }
+        {
+          trigger = ":dunno";
+          replace = "¯\\_(ツ)_/¯";
+        }
+      ];
+    };
+  };
+}

nix/home-manager/programs/gnome-desktop.nix

@@ -0,0 +1,112 @@
+{
+  pkgs,
+  config,
+  lib,
+  ...
+}: let
+in {
+  services = {
+    gnome-keyring.enable = false;
+    blueman-applet.enable = true;
+    flameshot.enable = true;
+  };
+
+  # TODO: remove this comment once i'm sure everything works
+  # xdg.configFile."autostart/gnome-keyring-ssh.desktop".text = ''
+  #   [Desktop Entry]
+  #   Type=Application
+  #   Hidden=true
+  # '';
+
+  services.gpg-agent.pinentryFlavor = "gnome3";
+
+  # workaround: usually created by 'home.xsession.enabled=true' and i don't use with gnome
+  systemd.user.targets.tray = {
+    Unit = {
+      Description = "Home Manager System Tray";
+      Requires = ["graphical-session-pre.target"];
+    };
+  };
+
+  home.packages = [
+    pkgs.wmctrl
+  ];
+
+  home.sessionVariables.MOZ_ENABLE_WAYLAND = "1";
+
+  dconf.settings = let
+    manualKeybindings = [
+      {
+        binding = "Print";
+        command = "flameshot gui";
+        name = "flameshot";
+      }
+
+      {
+        binding = "<Super>t";
+        command = "alacritty";
+        name = "alacritty";
+      }
+    ];
+
+    numWorkspaces = 10;
+    customKeybindingBaseName = "org/gnome/settings-daemon/plugins/media-keys/custom-keybindings/custom";
+    customKeybindingsNames =
+      builtins.genList (i: "/${customKeybindingBaseName}${toString i}/")
+      (
+        (builtins.length manualKeybindings)
+        + numWorkspaces # for sending to the workspace
+      );
+
+    workspacesKeyBindingsOffset = builtins.length manualKeybindings;
+
+    # with this we can make use of all number keys [0-9]
+    mapToNumber = i:
+      if i < 10
+      then i
+      else if i == 10
+      then 0
+      else throw "i exceeds 10: ${i}";
+  in
+    {
+      "org/gnome/settings-daemon/plugins/media-keys" = {
+        custom-keybindings = customKeybindingsNames;
+        screenreader = "@as []";
+        screensaver = ["<Alt><Super>l"];
+      };
+
+      # disable the builtin <Super>[1-9] functionality
+      "org/gnome/shell/keybindings" = builtins.listToAttrs (builtins.genList
+        (i: {
+          name = "switch-to-application-${toString (i + 1)}";
+          value = [];
+        })
+        numWorkspaces);
+
+      # remap it to switching to the workspaces
+      "org/gnome/desktop/wm/keybindings" = builtins.listToAttrs (builtins.genList
+        (i: {
+          name = "switch-to-workspace-${toString (i + 1)}";
+          value = [
+            "<Super>${toString (mapToNumber (i + 1))}"
+          ];
+        })
+        numWorkspaces);
+    }
+    // builtins.listToAttrs (builtins.genList
+      (i: {
+        name = "${customKeybindingBaseName}${toString i}";
+        value = builtins.elemAt manualKeybindings i;
+      })
+      (builtins.length manualKeybindings))
+    // builtins.listToAttrs (builtins.genList
+      (i: {
+        name = "${customKeybindingBaseName}${toString (workspacesKeyBindingsOffset + i)}";
+        value = {
+          binding = "<Control><Super>${toString (mapToNumber (i + 1))}";
+          command = "wmctrl -r :ACTIVE: -t ${toString i}";
+          name = "Send to workspace ${toString (i + 1)}";
+        };
+      })
+      numWorkspaces);
+}

nix/home-manager/programs/gpg-agent.nix

@@ -0,0 +1,14 @@
+{lib, ...}: {
+  programs.gpg.enable = true;
+  services.gpg-agent = {
+    enable = true;
+    enableScDaemon = true;
+    enableSshSupport = true;
+    grabKeyboardAndMouse = true;
+    pinentryFlavor = lib.mkDefault "gtk2";
+    extraConfig = "";
+
+    defaultCacheTtl = 0;
+    maxCacheTtl = 0;
+  };
+}

nix/home-manager/programs/homeshick.nix

@@ -5,7 +5,7 @@
 }: let
   # TODO: clean up the impurity in here
 in {
-  home.sessionVariables = {HOMESHICK_DIR = "${pkgs.homeshick}";};
+  home.sessionVariables.HOMESHICK_DIR = "${pkgs.homeshick}";
 
   home.activation.bootstrapRepos = config.lib.dag.entryAfter ["writeBoundary"] ''
     $DRY_RUN_CMD ${

nix/home-manager/programs/libreoffice.nix

@@ -1,8 +1,3 @@
 {pkgs, ...}: {
-  home.sessionVariables = {
-    # Workaround for Libreoffice to force gtk3
-    SAL_USE_VCLPLUGIN = "gtk3";
-  };
-
   home.packages = with pkgs; [libreoffice-fresh];
 }

nix/home-manager/programs/neovim.nix

@@ -1,6 +1,11 @@
-{pkgs, ...}: let
+{
+  pkgs,
+  lib,
+  ...
+}: let
 in {
-  home.sessionVariables = {EDITOR = "nvim";};
+  # FIXME: this doesn't work
+  home.sessionVariables.EDITOR = "nvim";
 
   programs.neovim = {
     enable = true;

nix/home-manager/programs/pass.nix

@@ -1,11 +1,9 @@
 {pkgs, ...}: {
-  home.sessionVariables = {
-    # required by pass-otp
-    PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions";
-    PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
-  };
+  # required by pass-otp
+  home.sessionVariables.PASSWORD_STORE_EXTENSIONS_DIR = "$HOME/.nix-profile/lib/password-store/extensions";
+  home.sessionVariables.PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
 
-  programs.browserpass = {enable = true;};
+  programs.browserpass.enable = true;
 
-  home.packages = with pkgs; [pass qtpass rofi-pass gnupg];
+  home.packages = with pkgs; [pass rofi-pass gnupg];
 }

nix/home-manager/programs/podman.nix

@@ -1,144 +0,0 @@
-{pkgs, ...}: let
-  cniConfigDir = let
-    loopback = pkgs.writeText "00-loopback.conf" ''
-      {
-        "cniVersion": "0.3.0",
-        "type": "loopback"
-      }
-    '';
-
-    podman-bridge = pkgs.writeText "87-podman-bridge.conflist" ''
-      {
-          "cniVersion": "0.3.0",
-          "name": "podman",
-          "plugins": [
-            {
-              "type": "bridge",
-              "bridge": "cni0",
-              "isGateway": true,
-              "ipMasq": true,
-              "ipam": {
-                  "type": "host-local",
-                  "subnet": "10.88.0.0/16",
-                  "routes": [
-                      { "dst": "0.0.0.0/0" }
-                  ]
-              }
-            },
-            {
-              "type": "portmap",
-              "capabilities": {
-                "portMappings": true
-              }
-            }
-          ]
-      }
-    '';
-  in
-    pkgs.runCommand "cniConfig" {} ''
-      set -x
-      mkdir $out;
-      ln -s ${loopback} $out/${loopback.name}
-      ln -s ${podman-bridge} $out/${podman-bridge.name}
-    '';
-
-  containersConf = pkgs.writeText "containers.conf" ''
-    # containers.conf is the default configuration file for all tools using libpod to
-    # manage containers
-
-    [containers]
-
-    # Maximum size of log files (in bytes)
-    # -1 is unlimited
-    log_size_max = -1
-
-
-    [engine]
-
-    # Default transport method for pulling and pushing for images
-    image_default_transport = "docker://"
-
-    #  Paths to search for the conmon container manager binary. If the paths are empty or no valid path was found, then the $PATH environment variable will be used as the fallback.
-    conmon_path = [
-      "${pkgs.conmon}/bin/conmon"
-    ]
-
-    # --runtime ${pkgs.crun}/bin/crun \
-    runtime = "crun"
-
-    # Environment variables to pass into conmon
-    conmon_env_vars = [
-    ]
-
-    # CGroup Manager - valid values are "systemd" and "cgroupfs"
-    cgroup_manager = "systemd"
-
-
-    # Whether to use chroot instead of pivot_root in the runtime
-    no_pivot_root = false
-
-    # Determines whether libpod will reserve ports on the host when they are
-    # forwarded to containers. When enabled, when ports are forwarded to containers,
-    # they are held open by conmon as long as the container is running, ensuring that
-    # they cannot be reused by other programs on the host. However, this can cause
-    # significant memory usage if a container has many ports forwarded to it.
-    # Disabling this can save memory.
-    enable_port_reservation = true
-
-    [network]
-    # Directory containing CNI plugin configuration files
-    network_config_dir = "${cniConfigDir}"
-
-    # Directories where the CNI plugin binaries may be located
-    cni_plugin_dirs = [
-      "${pkgs.cni-plugins}/bin"
-    ]
-
-    # Default CNI network for libpod.
-    # If multiple CNI network configs are present, libpod will use the network with
-    # the name given here for containers unless explicitly overridden.
-    # The default here is set to the name we set in the
-    # 87-podman-bridge.conflist included in the repository.
-    # Not setting this, or setting it to the empty string, will use normal CNI
-    # precedence rules for selecting between multiple networks.
-    default_network = "podman"
-  '';
-in {
-  home.packages = with pkgs; [podman];
-
-  home.file.".config/containers/containers.conf".source = containersConf;
-
-  home.file.".config/containers/registries.conf".text = ''
-    [registries.search]
-    registries = ['docker.io', 'quay.io', 'registry.fedoraproject.org']
-
-    [registries.insecure]
-    registries = []
-
-    #blocked (docker only)
-    [registries.block]
-    registries = []
-  '';
-
-  home.file.".config/containers/storage.conf".text = ''
-    [storage]
-    driver = "btrfs"
-  '';
-
-  home.file.".config/containers/policy.json".text = ''
-    {
-        "default": [
-            {
-                "type": "insecureAcceptAnything"
-            }
-        ],
-        "transports":
-            {
-                "docker-daemon":
-                    {
-                        "": [{"type":"insecureAcceptAnything"}]
-                    }
-            }
-    }
-  '';
-}

nix/home-manager/programs/redshift.nix

@@ -0,0 +1,24 @@
+{
+  pkgs,
+  config,
+  ...
+}: let
+  passwords = import ../../variables/passwords.crypt.nix;
+in {
+  services.redshift = {
+    enable = true;
+    inherit (passwords.location.stefan) longitude latitude;
+    temperature = {
+      day = 6700;
+      night = 3000;
+    };
+    tray = true;
+    settings = {
+      redshift = {
+        brightness-day = 1.0;
+        brightness-night = 0.5;
+        adjustment-method = "randr";
+      };
+    };
+  };
+}

nix/home-manager/programs/vscode/default.nix

@@ -463,6 +463,7 @@
 in {
   programs.vscode = {
     enable = true;
+    package = pkgs.vscodium;
     extensions =
       [] ++ packagedExtensions
       #  ++ marketPlaceExtensions

nix/home-manager/programs/zsh.nix

@@ -1,4 +1,9 @@
-{pkgs}: {...}: let
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: let
   just-plugin = let
     plugin_file = pkgs.writeText "_just" ''
       #compdef just
@@ -31,6 +36,10 @@
       '';
     };
 in {
+  home.file.".profile".text = ''
+    . "${config.home.profileDirectory}/etc/profile.d/hm-session-vars.sh"
+  '';
+
   programs.zsh = {
     enable = true;
 
@@ -65,17 +74,21 @@ in {
       # don't cd into directories when executed
       unsetopt AUTO_CD
 
-      export NIX_PATH="${pkgs.nixPath}"
+      export NIX_PATH="${pkgs.path}"
 
       # print lines without termination
       setopt PROMPT_CR
       setopt PROMPT_SP
       export PROMPT_EOL_MARK=""
-    '';
 
-    sessionVariables = {
-      # Add more envrionment variables here
-    };
+      ${lib.optionalString config.services.gpg-agent.enable ''
+        export SSH_AUTH_SOCK="$XDG_RUNTIME_DIR/gnupg/S.gpg-agent.ssh"
+      ''}
+
+      ${lib.optionalString config.programs.neovim.enable ''
+        export EDITOR="nvim"
+      ''}
+    '';
 
     plugins = [
       {