feat(elias-e525): bump to 25.05

Justfile

@@ -230,8 +230,8 @@ switch-gpg-card key-id="6EEFA706CB17E89B":
     # Connect the new device and then run this script to make it known to gnupg.
     #
     set -xe
-    if [[ -n "{{key-id}}" ]]; then
+    if [[ -n "{{ key-id }}" ]]; then
-        KEY_ID="{{key-id}}"
+        KEY_ID="{{ key-id }}"
     else
         KEY_ID=$(gpg --card-status | rg sec | rg -o '[0-9A-Z]{16}')
     fi

flake.lock

@@ -28,11 +28,11 @@
         "stable": "stable"
       },
       "locked": {
-        "lastModified": 1731527002,
+        "lastModified": 1746816769,
-        "narHash": "sha256-dI9I6suECoIAmbS4xcrqF8r2pbmed8WWm5LIF1yWPw8=",
+        "narHash": "sha256-ymQzXrfHVT8/RJiGbfrNjEeuzXQan46lUJdxEhgivdM=",
         "owner": "zhaofengli",
         "repo": "colmena",
-        "rev": "e3ad42138015fcdf2524518dd564a13145c72ea1",
+        "rev": "df694ee23be7ed7b2d8b42c245a640f0724eb06c",
         "type": "github"
       },
       "original": {
@@ -56,27 +56,6 @@
         "type": "github"
       }
     },
-    "devshell": {
-      "inputs": {
-        "nixpkgs": [
-          "nixvim",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1728330715,
-        "narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
-        "owner": "numtide",
-        "repo": "devshell",
-        "rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "devshell",
-        "type": "github"
-      }
-    },
     "disko": {
       "inputs": {
         "nixpkgs": [
@@ -184,20 +163,6 @@
         "type": "github"
       }
     },
-    "flake-compat_4": {
-      "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
-        "revCount": 57,
-        "type": "tarball",
-        "url": "https://api.flakehub.com/f/pinned/edolstra/flake-compat/1.0.1/018afb31-abd1-7bff-a5e4-cff7e18efb7a/source.tar.gz"
-      },
-      "original": {
-        "type": "tarball",
-        "url": "https://flakehub.com/f/edolstra/flake-compat/1.tar.gz"
-      }
-    },
     "flake-parts": {
       "inputs": {
         "nixpkgs-lib": "nixpkgs-lib"
@@ -267,11 +232,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1730504689,
+        "lastModified": 1743550720,
-        "narHash": "sha256-hgmguH29K2fvs9szpq2r3pz2/8cJd2LPS+b4tfNFCwE=",
+        "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "506278e768c2a08bec68eb62932193e341f55c90",
+        "rev": "c621e8422220273271f52058f618c94e405bb0f5",
         "type": "github"
       },
       "original": {
@@ -318,7 +283,7 @@
     },
     "flake-utils_10": {
       "inputs": {
-        "systems": "systems_5"
+        "systems": "systems_6"
       },
       "locked": {
         "lastModified": 1710146030,
@@ -478,79 +443,6 @@
         "type": "github"
       }
     },
-    "git-hooks": {
-      "inputs": {
-        "flake-compat": [
-          "nixvim",
-          "flake-compat"
-        ],
-        "gitignore": "gitignore",
-        "nixpkgs": [
-          "nixvim",
-          "nixpkgs"
-        ],
-        "nixpkgs-stable": [
-          "nixvim",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1732021966,
-        "narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "cachix",
-        "repo": "git-hooks.nix",
-        "type": "github"
-      }
-    },
-    "gitignore": {
-      "inputs": {
-        "nixpkgs": [
-          "nixvim",
-          "git-hooks",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1709087332,
-        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
-        "type": "github"
-      },
-      "original": {
-        "owner": "hercules-ci",
-        "repo": "gitignore.nix",
-        "type": "github"
-      }
-    },
-    "home-manager": {
-      "inputs": {
-        "nixpkgs": [
-          "nixvim",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733175814,
-        "narHash": "sha256-zFOtOaqjzZfPMsm1mwu98syv3y+jziAq5DfWygaMtLg=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "bf23fe41082aa0289c209169302afd3397092f22",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
     "ixx": {
       "inputs": {
         "flake-utils": [
@@ -565,16 +457,16 @@
         ]
       },
       "locked": {
-        "lastModified": 1729958008,
+        "lastModified": 1737371634,
-        "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
+        "narHash": "sha256-fTVAWzT1UMm1lT+YxHuVPtH+DATrhYfea3B0MxG/cGw=",
         "owner": "NuschtOS",
         "repo": "ixx",
-        "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
+        "rev": "a1176e2a10ce745ff8f63e4af124ece8fe0b1648",
         "type": "github"
       },
       "original": {
         "owner": "NuschtOS",
-        "ref": "v0.0.6",
+        "ref": "v0.0.7",
         "repo": "ixx",
         "type": "github"
       }
@@ -614,27 +506,6 @@
         "type": "github"
       }
     },
-    "nix-darwin": {
-      "inputs": {
-        "nixpkgs": [
-          "nixvim",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733105089,
-        "narHash": "sha256-Qs3YmoLYUJ8g4RkFj2rMrzrP91e4ShAioC9s+vG6ENM=",
-        "owner": "lnl7",
-        "repo": "nix-darwin",
-        "rev": "c6b65d946097baf3915dd51373251de98199280d",
-        "type": "github"
-      },
-      "original": {
-        "owner": "lnl7",
-        "repo": "nix-darwin",
-        "type": "github"
-      }
-    },
     "nix-eval-jobs": {
       "inputs": {
         "flake-parts": "flake-parts_3",
@@ -974,6 +845,22 @@
         "type": "github"
       }
     },
+    "nixpkgs-2505": {
+      "locked": {
+        "lastModified": 1747953325,
+        "narHash": "sha256-y2ZtlIlNTuVJUZCqzZAhIw5rrKP4DOSklev6c8PyCkQ=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "55d1f923c480dadce40f5231feb472e81b0bab48",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-25.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs-gimp": {
       "locked": {
         "lastModified": 1735507908,
@@ -1136,24 +1023,19 @@
     },
     "nixvim": {
       "inputs": {
-        "devshell": "devshell",
-        "flake-compat": "flake-compat_4",
         "flake-parts": "flake-parts_4",
-        "git-hooks": "git-hooks",
-        "home-manager": "home-manager",
-        "nix-darwin": "nix-darwin",
         "nixpkgs": [
           "nixpkgs"
         ],
         "nuschtosSearch": "nuschtosSearch",
-        "treefmt-nix": "treefmt-nix_3"
+        "systems": "systems_5"
       },
       "locked": {
-        "lastModified": 1733355056,
+        "lastModified": 1748175278,
-        "narHash": "sha256-EOldkOLdgUVIa8ZJiHkqjD6yaW+AZiZwd94aBqfZERY=",
+        "narHash": "sha256-nXrZ25veLlj1WwVblFO28oHSOabjORGn8YLQ/9OtuSA=",
         "owner": "nix-community",
         "repo": "nixvim",
-        "rev": "277dbeb607210f6a6db656ac7eee9eef3143070c",
+        "rev": "f54941e333ea2afd0b03ba09f5cb90bb1c6f8130",
         "type": "github"
       },
       "original": {
@@ -1168,7 +1050,7 @@
         "nixpkgs": [
           "nixpkgs"
         ],
-        "treefmt-nix": "treefmt-nix_4"
+        "treefmt-nix": "treefmt-nix_3"
       },
       "locked": {
         "lastModified": 1737225765,
@@ -1194,11 +1076,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1733006402,
+        "lastModified": 1745046075,
-        "narHash": "sha256-BC1CecAQISV5Q4LZK72Gx0+faemOwaChiD9rMVfDPoA=",
+        "narHash": "sha256-8v4y6k16Ra/fiecb4DxhsoOGtzLKgKlS+9/XJ9z0T2I=",
         "owner": "NuschtOS",
         "repo": "search",
-        "rev": "16307548b7a1247291c84ae6a12c0aacb07dfba2",
+        "rev": "066afe8643274470f4a294442aadd988356a478f",
         "type": "github"
       },
       "original": {
@@ -1276,10 +1158,11 @@
         "nixago": "nixago",
         "nixos-anywhere": "nixos-anywhere",
         "nixpkgs": [
-          "nixpkgs-2411"
+          "nixpkgs-2505"
         ],
         "nixpkgs-2211": "nixpkgs-2211",
         "nixpkgs-2411": "nixpkgs-2411",
+        "nixpkgs-2505": "nixpkgs-2505",
         "nixpkgs-gimp": "nixpkgs-gimp",
         "nixpkgs-unstable": "nixpkgs-unstable",
         "nixpkgs-vscodium": "nixpkgs-vscodium",
@@ -1295,7 +1178,7 @@
         "rperf": "rperf",
         "sops-nix": "sops-nix",
         "srvos": "srvos",
-        "treefmt-nix": "treefmt-nix_5",
+        "treefmt-nix": "treefmt-nix_4",
         "yofi": "yofi"
       }
     },
@@ -1392,16 +1275,16 @@
     },
     "stable": {
       "locked": {
-        "lastModified": 1730883749,
+        "lastModified": 1746557022,
-        "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=",
+        "narHash": "sha256-QkNoyEf6TbaTW5UZYX0OkwIJ/ZMeKSSoOMnSDPQuol0=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede",
+        "rev": "1d3aeb5a193b9ff13f63f4d9cc169fb88129f860",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-24.05",
+        "ref": "nixos-24.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -1481,6 +1364,21 @@
         "type": "github"
       }
     },
+    "systems_6": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "treefmt-nix": {
       "inputs": {
         "nixpkgs": [
@@ -1525,27 +1423,6 @@
       }
     },
     "treefmt-nix_3": {
-      "inputs": {
-        "nixpkgs": [
-          "nixvim",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1732894027,
-        "narHash": "sha256-2qbdorpq0TXHBWbVXaTqKoikN4bqAtAplTwGuII+oAc=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "6209c381904cab55796c5d7350e89681d3b2a8ef",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
-    },
-    "treefmt-nix_4": {
       "inputs": {
         "nixpkgs": [
           "nur",
@@ -1566,7 +1443,7 @@
         "type": "github"
       }
     },
-    "treefmt-nix_5": {
+    "treefmt-nix_4": {
       "inputs": {
         "nixpkgs": [
           "nixpkgs"

flake.nix

@@ -11,8 +11,9 @@
     nixpkgs-2211.url = "github:nixos/nixpkgs/nixos-22.11";
     radicalePkgs.follows = "nixpkgs-2211";
     nixpkgs-2411.url = "github:nixos/nixpkgs/nixos-24.11";
+    nixpkgs-2505.url = "github:nixos/nixpkgs/nixos-25.05";
     nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
-    nixpkgs.follows = "nixpkgs-2411";
+    nixpkgs.follows = "nixpkgs-2505";
     flake-parts.url = "github:hercules-ci/flake-parts";
     get-flake.url = "github:ursi/get-flake";
 
@@ -132,7 +133,7 @@
     flake-parts.lib.mkFlake { inherit inputs; } (
       { withSystem, ... }:
       {
-        flake.colmena =
+        flake.colmenaHive = inputs.colmena.lib.makeHive (
           lib.lists.foldl (sum: cur: lib.attrsets.recursiveUpdate sum cur)
             { meta.nixpkgs = import inputs.nixpkgs.outPath { system = builtins.elemAt systems 0; }; }
             # FIXME: this doesn't seem to work to apply overlays into a node's nixpkgs import
@@ -152,7 +153,7 @@
                   "steveej-t14"
                   "steveej-x13s"
                   "steveej-x13s-rmvbl"
-                  # "elias-e525"
+                  "elias-e525"
                   # "justyna-p300"
 
                   # "srv0-dmz0"
@@ -162,19 +163,50 @@
 
                   "sj-srv1"
                 ]
-            );
+            )
+        );
 
         flake.lib = {
           inherit withSystem;
+
+          prsFn =
+            {
+              lib,
+              prs,
+              skim,
+              rustPlatform,
+              makeWrapper,
+            }:
+
+            prs.overrideAttrs (attrs: rec {
+              pname = "prs";
+
+              src = self.inputs.prs;
+              version = self.inputs.prs.shortRev;
+
+              nativeBuildInputs = attrs.nativeBuildInputs ++ [
+                makeWrapper
+              ];
+
+              cargoDeps = rustPlatform.fetchCargoVendor {
+                inherit src;
+                hash = "sha256-6kCqrwcHFy7cEl2JM+CzTWDM9abepumzdcJLq1ChzUk=";
+              };
+
+              postFixup = ''
+                wrapProgram $out/bin/prs \
+                  --prefix PATH : ${lib.makeBinPath [ skim ]}
+              '';
+            });
         };
 
         # this makes nixos-anywhere work
         flake.nixosConfigurations =
           let
-            colmenaHive = (inputs.colmena.lib.makeHive self.outputs.colmena).nodes;
+            colmenaHiveNodes = self.outputs.colmenaHive.nodes;
             router0-dmz0 = (inputs.get-flake (self + "/nix/os/devices/router0-dmz0")).nixosConfigurations;
           in
-          colmenaHive
+          colmenaHiveNodes
           // {
             router0-dmz0 = router0-dmz0.native;
 
@@ -211,72 +243,6 @@
 
                 craneLib = craneLibFn inputs'.fenix.packages.stable.toolchain;
 
-                _prsPackage =
-                  {
-                    lib,
-                    rustPlatform,
-                    installShellFiles,
-                    pkg-config,
-                    python3,
-                    glib,
-                    gpgme,
-                    gtk3,
-                    stdenv,
-                    cargoHash ? "sha256-T57RqIzurpYLHyeFhvqxmC+DoB6zUf+iTu1YkMmwtp8=",
-                    src,
-                    version,
-                    makeWrapper,
-                    skim,
-                  }:
-
-                  rustPlatform.buildRustPackage rec {
-                    pname = "prs";
-
-                    inherit src version cargoHash;
-
-                    nativeBuildInputs = [
-                      gpgme
-                      installShellFiles
-                      pkg-config
-                      python3
-                      makeWrapper
-                    ];
-
-                    cargoBuildFlags = [
-                      "--no-default-features"
-                      "--features=alias,backend-gpgme,clipboard,notify,select-fzf-bin,select-skim-bin,tomb,totp"
-                    ];
-
-                    buildInputs = [
-                      glib
-                      gpgme
-                      gtk3
-                    ];
-
-                    postInstall = lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform) ''
-                      for shell in bash fish zsh; do
-                        installShellCompletion --cmd prs --$shell <($out/bin/prs internal completions $shell --stdout)
-                      done
-                    '';
-
-                    postFixup = ''
-                      wrapProgram $out/bin/prs \
-                        --prefix PATH : ${lib.makeBinPath [ skim ]}
-                    '';
-
-                    meta = with lib; {
-                      description = "Secure, fast & convenient password manager CLI using GPG and git to sync";
-                      homepage = "https://gitlab.com/timvisee/prs";
-                      changelog = "https://gitlab.com/timvisee/prs/-/blob/v${version}/CHANGELOG.md";
-                      license = with licenses; [
-                        lgpl3Only # lib
-                        gpl3Only # everything else
-                      ];
-                      maintainers = with maintainers; [ dotlambda ];
-                      mainProgram = "prs";
-                    };
-                  };
-
                 local-xwayland = pkgs.writeShellScriptBin "local-xwayland" ''
                   set -x
                   ${pkgs.wayland-proxy-virtwl}/bin/wayland-proxy-virtwl \
@@ -293,12 +259,6 @@
 
                 inherit (inputs'.colmena.packages) colmena;
 
-                prs = pkgs.callPackage _prsPackage {
-                  src = inputs.prs;
-                  version = inputs.prs.shortRev;
-                  cargoHash = "sha256-oXuAKOHIfwUvcS0qXDTe68DN+MUNS4TAKV986vxdeh8=";
-                };
-
                 nomad = inputs'.nixpkgs-unstable.legacyPackages.nomad_1_6;
 
                 ledger-live-desktop-wrapped = pkgs.writeShellScriptBin "ledger-live-desktop-wrapped" ''

nix/devShells.nix

@@ -84,6 +84,8 @@
       screen
 
       inputs'.nixpkgs-unstable.legacyPackages.kanidm
+
+      (flameshot.override { enableWlrSupport = true; })
     ];
 
     # Set Environment Variables

nix/home-manager/configuration/graphical-fullblown.nix

@@ -131,7 +131,7 @@ in
       # FIXME: depends on insecure openssl 1.1.1t
       # kotatogram-desktop
       pkgsUnstable.tdesktop
-      pkgsUnstable.signal-desktop-source
+      pkgsUnstable.signal-desktop
 
       # Virtualization
       virt-manager

nix/home-manager/configuration/graphical-gnome3.nix

@@ -1,8 +1,8 @@
 { pkgs, ... }:
 {
   home.packages = with pkgs; [
-    gnome.gnome-tweaks
+    gnome-tweaks
-    gnome.gnome-keyring
+    gnome-keyring
-    gnome.seahorse
+    seahorse
   ];
 }

nix/home-manager/configuration/graphical-removable.nix

@@ -24,7 +24,7 @@
 
     # Process/System Administration
     htop
-    gnome.gnome-tweaks
+    gnome-tweaks
     xorg.xhost
     dmidecode
     evtest
@@ -39,8 +39,8 @@
     lzop
 
     # Password Management
-    gnome.gnome-keyring
+    gnome-keyring
-    gnome.seahorse
+    seahorse
 
     # Remote Control Tools
     remmina

nix/home-manager/profiles/gnome-desktop.nix

@@ -16,7 +16,7 @@
   #   Hidden=true
   # '';
 
-  services.gpg-agent.pinentryPackage = pkgs.pinentry-gnome3;
+  services.gpg-agent.pinentry.package = pkgs.pinentry-gnome3;
 
   dconf.settings =
     let

nix/home-manager/profiles/sway-desktop.nix

@@ -39,7 +39,7 @@ in
     enable = true;
   };
 
-  services.gpg-agent.pinentryPackage = pkgs.pinentry-gnome3;
+  services.gpg-agent.pinentry.package = pkgs.pinentry-gnome3;
 
   home.packages = [
     pkgs.swayidle
@@ -161,7 +161,8 @@ in
           # TODO: i've been hitting this one accidentally way too often. find a better place.
           # "${modifier}+Shift+e" = "exec ${pkgs.sway}/bin/swaymsg exit";
           "${modifier}+q" = "kill";
-          "${modifier}+Shift+q" = "exec ${pkgs.sway}/bin/swaymsg -t get_tree | ${pkgs.jq}/bin/jq 'recurse(.nodes[], .floating_nodes[]) | select(.focused).pid' | ${pkgs.findutils}/bin/xargs -L1 kill -9";
+          "${modifier}+Shift+q" =
+            "exec ${pkgs.sway}/bin/swaymsg -t get_tree | ${pkgs.jq}/bin/jq 'recurse(.nodes[], .floating_nodes[]) | select(.focused).pid' | ${pkgs.findutils}/bin/xargs -L1 kill -9";
 
           "${modifier}+x" = "exec ${swapOutputWorkspaces}";
 
@@ -212,6 +213,13 @@ in
 
         # this maps to focus_on_window_activation
         focus.newWindow = "urgent";
+
+        window.commands = [
+          {
+            command = "border pixel 0, floating enable, fullscreen disable, move absolute position 0 0";
+            criteria.app_id= "flameshot";
+          }
+        ];
       };
   };
 

nix/home-manager/programs/firefox.nix

@@ -40,14 +40,20 @@ let
 
   search = {
     force = true;
-    default = "DuckDuckGo";
+    default = "ddg";
-    privateDefault = "DuckDuckGo";
+    privateDefault = "ddg";
+
+    order = [
+      "ddg"
+      "ecosia"
+      "google"
+    ];
   };
 
   mkProfile =
     override:
     lib.recursiveUpdate {
-      extensions = ryceeAddons ++ customAddons;
+      extensions.packages = ryceeAddons ++ customAddons;
       inherit search;
 
       settings = {
@@ -173,6 +179,7 @@ let
 
         # enable pipewire (and libcamera) sources
         "media.webrtc.camera.allow-pipewire" = true;
+
       };
 
       userChrome =
@@ -320,7 +327,7 @@ in
   };
   programs.firefox = {
     enable = true;
-    package = pkgs.firefox-esr;
+    package = pkgs.firefox;
 
     profiles = mkProfiles {
       "personal" = mkProfile {
@@ -376,8 +383,33 @@ in
         id = 12;
         color = colors.pink;
       };
+      "tech-research" = mkProfile {
+        id = 13;
+        color = colors.purple;
+      };
     };
 
+    # policies = {
+    #   # search via policy. the other one doesn't always work because of schema version mismatch
+    #   SearchEngines = {
+    #     Default = "Qwant";
+    #     PreventInstalls = true;
+
+    #     Add = [
+    #       {
+    #         Method = "GET";
+    #         Alias = "qwant";
+    #         Description = "Description";
+    #         # PostData= "name=value&q={searchTerms}";
+
+    #         Name = "Qwant";
+    #         SuggestURLTemplate = "https://api.qwant.com/api/suggest/?q={searchTerms}";
+    #         URLTemplate = "https://www.qwant.com/?q={searchTerms}";
+    #       }
+    #     ];
+    #   };
+    # };
+
   };
 
   # create one desktop entry for each profile

nix/home-manager/programs/gpg-agent.nix

@@ -1,4 +1,9 @@
-{ lib, pkgs, osConfig, ... }:
+{
+  lib,
+  pkgs,
+  osConfig,
+  ...
+}:
 {
   home.packages = [ pkgs.gcr ];
 
@@ -8,7 +13,7 @@
     enableScDaemon = !osConfig.services.pcscd.enable;
     enableSshSupport = true;
     grabKeyboardAndMouse = true;
-    pinentryPackage = lib.mkDefault pkgs.pinentry-gtk2;
+    pinentry.package = lib.mkDefault pkgs.pinentry-gtk2;
     extraConfig = ''
       no-allow-external-cache
     '';

nix/home-manager/programs/neovim.nix

@@ -68,6 +68,8 @@
 
       # This plugin trims trailing whitespace and lines.
       trim.enable = true;
+
+      web-devicons.enable = true;
     };
 
     # plugins = with pkgs;

nix/home-manager/programs/pass.nix

@@ -5,12 +5,13 @@
   # home.sessionVariables.PASSWORD_STORE_ENABLE_EXTENSIONS = "true";
   # programs.browserpass.enable = true;
 
-  home.packages = with pkgs; [
+  home.packages = [
-    gnupg
+    pkgs.gnupg
 
     # broken on wayland
     # rofi-pass
 
-    repoFlake.packages.${pkgs.system}.prs
+    (pkgs.callPackage repoFlake.lib.prsFn {
+    })
   ];
 }

nix/home-manager/programs/vscode/default.nix

@@ -12,7 +12,7 @@ in
   programs.vscode = {
     enable = true;
     package = pkgsVscodium.vscodium;
-    extensions =
+    profiles.default.extensions =
       with pkgsVscodium.vscode-extensions;
       [
         eamodio.gitlens

nix/home-manager/programs/zsh.nix

@@ -48,8 +48,8 @@ in
 
     # will be called again by oh-my-zsh
     enableCompletion = false;
-    enableAutosuggestions = true;
+    autosuggestion.enable = true;
-    initExtra =
+    initContent =
       let
         inNixShell = ''$([[ -n "$IN_NIX_SHELL" ]] && printf " 🐚")'';
       in

nix/os/containers/mailserver.nix

@@ -66,7 +66,6 @@
       services.dovecot2 = {
         enable = true;
 
-        modules = [ pkgs.dovecot_pigeonhole ];
         protocols = [ "sieve" ];
 
         enableImap = true;
@@ -98,6 +97,10 @@
         '';
       };
 
+      environment.systemPackages = [
+        pkgs.dovecot_pigeonhole
+      ];
+
       environment.etc."dovecot/users".source = config.sops.secrets.email_dovecot_steveej.path;
 
       systemd.services.steveej-getmail-stefanjunker = {

nix/os/containers/syncthing.nix

@@ -70,7 +70,6 @@
         };
       };
 
-
       # TODO: find out if smbpasswd file is still used and set it here. or find an alternative
       # sops.secrets.smbpasswd = {
       # };

nix/os/containers/webserver.nix

@@ -66,7 +66,11 @@ in
           extraConfig = ''
             redir /hedgedoc* https://hedgedoc.${domain}
 
-            file_server /*/* {
+            basic_auth /justyna/202505_prt_teil1* {
+                prt $2a$14$y7tZYZxTlJ2JFsBtRM.D8Ok0oHhWt53mGXk.xJMLXc/JF.bTtOWaq
+            }
+
+            file_server /* {
               browse
               root /var/www/stefanjunker.de/htdocs/caddy
               pass_thru
@@ -406,7 +410,6 @@ in
             domain = "kanidm.${domain}";
             origin = "https://kanidm.${domain}";
 
-
             bindaddress = "127.0.0.1:8444";
 
             # don't expose ldap

nix/os/devices/elias-e525/default.nix

@@ -16,8 +16,8 @@ in
   meta.nodeNixpkgs.${nodeName} = import nodeFlake.inputs.nixpkgs.outPath { inherit system; };
 
   ${nodeName} = {
-    deployment.targetHost = "elias-e525.lan";
+    deployment.targetHost = "elias-e525";
-    deployment.replaceUnknownProfiles = false;
+    deployment.replaceUnknownProfiles = true;
     # deployment.allowLocalDeployment = true;
 
     imports = [

nix/os/devices/elias-e525/flake.lock

@@ -7,32 +7,32 @@
         ]
       },
       "locked": {
-        "lastModified": 1703113038,
+        "lastModified": 1748665073,
-        "narHash": "sha256-oxkyzjpD+mNT7arzU/zHrkNHLuY9tKwmnD2MNaZiSDw=",
+        "narHash": "sha256-RMhjnPKWtCoIIHiuR9QKD7xfsKb3agxzMfJY8V9MOew=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "0c2353d5d930c3d93724df6858aef064a31b3c00",
+        "rev": "282e1e029cb6ab4811114fc85110613d72771dea",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "release-23.11",
+        "ref": "release-25.05",
         "repo": "home-manager",
         "type": "github"
       }
     },
-    "nixpkgs": {
+    "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1703068421,
+        "lastModified": 1749024892,
-        "narHash": "sha256-WSw5Faqlw75McIflnl5v7qVD/B3S2sLh+968bpOGrWA=",
+        "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "d65bceaee0fb1e64363f7871bc43dc1c6ecad99f",
+        "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-23.11",
+        "ref": "nixos-25.05",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -40,7 +40,10 @@
     "root": {
       "inputs": {
         "home-manager": "home-manager",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": [
+          "nixpkgs-stable"
+        ],
+        "nixpkgs-stable": "nixpkgs-stable"
       }
     }
   },

nix/os/devices/elias-e525/flake.nix

@@ -1,8 +1,9 @@
 {
-  inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-23.11";
+  inputs.nixpkgs.follows = "nixpkgs-stable";
+  inputs.nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
 
   inputs.home-manager = {
-    url = "github:nix-community/home-manager/release-23.11";
+    url = "github:nix-community/home-manager/release-25.05";
     inputs.nixpkgs.follows = "nixpkgs";
   };
 

nix/os/devices/elias-e525/system.nix

@@ -14,21 +14,23 @@
 
   services.fprintd.enable = true;
   security.pam.services = {
-    login.fprintAuth = true;
+    # conflicts with nixpkgs' gdm.nix
+    # login.fprintAuth = true;
     sudo.fprintAuth = true;
   };
 
   services = {
     xserver = {
-      layout = lib.mkForce "de";
+      xkb.layout = lib.mkForce "de";
-      xkbVariant = lib.mkForce "";
+      xkb.variant = lib.mkForce "";
-      xkbOptions = lib.mkForce "";
+      xkb.options = lib.mkForce "";
-      displayManager.autoLogin.enable = lib.mkForce false;
       displayManager.gdm.enable = lib.mkForce true;
       displayManager.lightdm.enable = lib.mkForce false;
       desktopManager.gnome.enable = true;
     };
 
+    displayManager.autoLogin.enable = lib.mkForce false;
+
     # dbus.packages = [ pkgs.gnome3.dconf ];
     # udev.packages = [ pkgs.gnome3.gnome-settings-daemon ];
   };
@@ -37,7 +39,7 @@
 
   services.xserver.videoDrivers = [ "modesetting" ];
 
-  boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
+  # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
 
   nix.gc = {
     automatic = true;

nix/os/devices/elias-e525/user.nix

@@ -19,12 +19,12 @@ in
   users.extraUsers.elias = mkUser {
     uid = 1001;
     openssh.authorizedKeys.keys = keys.users.steveej.openssh;
-    passwordFile = config.sops.secrets.sharedUsers-elias.path;
+    hashedPasswordFile = config.sops.secrets.sharedUsers-elias.path;
   };
 
   users.extraUsers.justyna = mkUser {
     uid = 1002;
     openssh.authorizedKeys.keys = keys.users.steveej.openssh;
-    passwordFile = config.sops.secrets.sharedUsers-justyna.path;
+    hashedPasswordFile = config.sops.secrets.sharedUsers-justyna.path;
   };
 }

nix/os/devices/sj-srv1/default.nix

@@ -17,6 +17,7 @@ in
 
   ${nodeName} = {
     deployment.targetHost = "${nodeName}.dmz.internal";
+    # deployment.targetHost = "www.stefanjunker.de";
     deployment.replaceUnknownProfiles = false;
 
     imports = [

nix/os/devices/sj-srv1/flake.lock

@@ -7,32 +7,32 @@
         ]
       },
       "locked": {
-        "lastModified": 1747020534,
+        "lastModified": 1747556831,
-        "narHash": "sha256-D/6rkiC6w2p+4SwRiVKrWIeYzun8FBg7NlMKMwQMxO0=",
+        "narHash": "sha256-Qb84nbYFFk0DzFeqVoHltS2RodAYY5/HZQKE8WnBDsc=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "b4bbdc6fde16fc2051fcde232f6e288cd22007ca",
+        "rev": "d0bbd221482c2713cccb80220f3c9d16a6e20a33",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "release-24.11",
+        "ref": "release-25.05",
         "repo": "home-manager",
         "type": "github"
       }
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1746957726,
+        "lastModified": 1747953325,
-        "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=",
+        "narHash": "sha256-y2ZtlIlNTuVJUZCqzZAhIw5rrKP4DOSklev6c8PyCkQ=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94",
+        "rev": "55d1f923c480dadce40f5231feb472e81b0bab48",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-24.11",
+        "ref": "nixos-25.05",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -55,11 +55,11 @@
     },
     "nixpkgs-master": {
       "locked": {
-        "lastModified": 1747142919,
+        "lastModified": 1748090750,
-        "narHash": "sha256-84jJ5uDXws7EYch+4fxmfoCCTWRWZCXCCVM0Dh65ZH8=",
+        "narHash": "sha256-q98rD+6llf/9ABNZc0lbSgGVjqMvkx4QL8LTs1jt+FY=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "60bdd7db9e890967224c2244be45beecd7d6e448",
+        "rev": "a9e3bbb8995849e5daa0cf5e03a09c1df63bf933",
         "type": "github"
       },
       "original": {
@@ -71,11 +71,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1747114929,
+        "lastModified": 1748074755,
-        "narHash": "sha256-GnQGiZiOnGfxM9oVhgqOJk0Qv1aZ11p5Aloac2tdoKY=",
+        "narHash": "sha256-b3SC3Q3cXr4tdCN3WVTFqMP8I9OwaXXcj1aVoSVaygw=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "fab95ba4b9523f310644e6e6087c0014535c8e02",
+        "rev": "c3ee76c437067f1ae09d6e530df46a3f80977992",
         "type": "github"
       },
       "original": {

nix/os/devices/sj-srv1/flake.nix

@@ -1,12 +1,12 @@
 {
-  inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
+  inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
   inputs.nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable-small";
   inputs.nixpkgs-master.url = "github:nixos/nixpkgs/master";
 
   inputs.nixpkgs-kanidm.url = "github:steveej-forks/nixpkgs/kanidm";
 
   inputs.home-manager = {
-    url = "github:nix-community/home-manager/release-24.11";
+    url = "github:nix-community/home-manager/release-25.05";
     inputs.nixpkgs.follows = "nixpkgs";
   };
 

nix/os/devices/steveej-x13s/configuration.nix

@@ -87,7 +87,7 @@
     {
       networking.nat = {
         enable = true;
-        internalInterfaces = ["ve-+"];
+        internalInterfaces = [ "ve-+" ];
         # externalInterface = "enu1u1u2";
         # Lazy IPv6 connectivity for the container
         # enableIPv6 = true;
@@ -283,5 +283,6 @@
 
   nix.settings.sandbox = lib.mkForce "relaxed";
 
-  systemd.user.services.wireplumber.environment.LIBCAMERA_IPA_PROXY_PATH = "${pkgs.libcamera}/libexec/libcamera";
+  systemd.user.services.wireplumber.environment.LIBCAMERA_IPA_PROXY_PATH =
+    "${pkgs.libcamera}/libexec/libcamera";
 }

nix/os/devices/steveej-x13s/flake.lock

@@ -3,11 +3,11 @@
     "ath11k-firmware": {
       "flake": false,
       "locked": {
-        "lastModified": 1741293326,
+        "lastModified": 1746643896,
-        "narHash": "sha256-Ew0d2h1pHqJB8SC0pEYezU5lMknvlcYazVVYCtjW3OY=",
+        "narHash": "sha256-QXZHcbMNX0f2RQBrCCYRS3dLU1q/02J3HjnWuv8Oaaw=",
         "ref": "refs/heads/main",
-        "rev": "bc6359cb7ad38b7bc4de6580b7a3c70851c0cafb",
+        "rev": "1e7cd757828d414f71da82f480696540473bd475",
-        "revCount": 173,
+        "revCount": 174,
         "type": "git",
         "url": "https://git.codelinaro.org/clo/ath-firmware/ath11k-firmware.git"
       },
@@ -38,11 +38,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745812220,
+        "lastModified": 1748225455,
-        "narHash": "sha256-hotBG0EJ9VmAHJYF0yhWuTVZpENHvwcJ2SxvIPrXm+g=",
+        "narHash": "sha256-AzlJCKaM4wbEyEpV3I/PUq5mHnib2ryEy32c+qfj6xk=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "d0c543d740fad42fe2c035b43c9d41127e073c78",
+        "rev": "a894f2811e1ee8d10c50560551e50d6ab3c392ba",
         "type": "github"
       },
       "original": {
@@ -215,15 +215,15 @@
         ]
       },
       "locked": {
-        "lastModified": 1737233786,
+        "lastModified": 1748455938,
-        "narHash": "sha256-WO6owkCecetn7bbu/ofy8aftO3rPCHUeq5GlVLsfS4M=",
+        "narHash": "sha256-mQ/iNzPra2WtDQ+x2r5IadcWNr0m3uHvLMzJkXKAG/8=",
-        "owner": "steveej-forks",
+        "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "40ecdf4fc8bb698b8cbdb2ddb0ed5b1868e43c1a",
+        "rev": "02077149e2921014511dac2729ae6dadb4ec50e2",
         "type": "github"
       },
       "original": {
-        "owner": "steveej-forks",
+        "owner": "nix-community",
         "ref": "master",
         "repo": "home-manager",
         "type": "github"
@@ -232,16 +232,16 @@
     "linux-jhovold": {
       "flake": false,
       "locked": {
-        "lastModified": 1745847827,
+        "lastModified": 1748260494,
-        "narHash": "sha256-ewM7Rpd6On6ys3OkcWOtR7TNWSRZRLZpRP7L9syhn6s=",
+        "narHash": "sha256-0KTN63q+86g++BVQPOm7MHAVQvj+t3aJFsPwE+wDk2U=",
         "owner": "jhovold",
         "repo": "linux",
-        "rev": "1786db28b335abb5a0fa1e8a27e9950a73f64acf",
+        "rev": "ababc24306a694b74995cffc4e9c51aa84b9af8a",
         "type": "github"
       },
       "original": {
         "owner": "jhovold",
-        "ref": "wip/sc8280xp-6.15-rc4",
+        "ref": "wip/sc8280xp-6.15",
         "repo": "linux",
         "type": "github"
       }
@@ -257,11 +257,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1745920427,
+        "lastModified": 1747734538,
-        "narHash": "sha256-E5uUuKv7Mn0/EfmffRQZpSeATcSzJFVeYVF6Cn7KbJc=",
+        "narHash": "sha256-bFKEPbwffDSvoG6KBDH87ebbnFq1IyqAfLyg2zlwlIY=",
         "owner": "threefoldtech",
         "repo": "mycelium",
-        "rev": "1eec5651bf5f194b7f7875ec2483582ccebf1cc1",
+        "rev": "71cb99dc65f47d4baced0288df1d299bf960505e",
         "type": "github"
       },
       "original": {
@@ -317,11 +317,11 @@
         "x13s-bt-linux-firmware": "x13s-bt-linux-firmware"
       },
       "locked": {
-        "lastModified": 1745914252,
+        "lastModified": 1748459535,
-        "narHash": "sha256-u8hbsI+oW+cO+omdGeY6Q+Z/NvVZaHIZS70f1mq1gac=",
+        "narHash": "sha256-U7n47n4oIhKKiCVzGBOz0vdoihmjLBJFPvdp+gFapmU=",
         "ref": "bump",
-        "rev": "8bd7972c74b12b45aee190ce2ddd6960a0771af6",
+        "rev": "903961b6ad426a1092d3b05501b8f17bcde3c0ab",
-        "revCount": 147,
+        "revCount": 151,
         "type": "git",
         "url": "https://forgejo.www.stefanjunker.de/steveej/nixos-x13s.git"
       },
@@ -345,11 +345,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1746055187,
+        "lastModified": 1748037224,
-        "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=",
+        "narHash": "sha256-92vihpZr6dwEMV6g98M5kHZIttrWahb9iRPBm1atcPk=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5",
+        "rev": "f09dede81861f3a83f7f06641ead34f02f37597f",
         "type": "github"
       },
       "original": {
@@ -361,11 +361,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1745930157,
+        "lastModified": 1748370509,
-        "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=",
+        "narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae",
+        "rev": "4faa5f5321320e49a78ae7848582f684d64783e9",
         "type": "github"
       },
       "original": {
@@ -389,28 +389,7 @@
           "nixpkgs-unstable"
         ],
         "nixpkgs-stable": "nixpkgs-stable",
-        "nixpkgs-unstable": "nixpkgs-unstable",
+        "nixpkgs-unstable": "nixpkgs-unstable"
-        "signal-desktop": "signal-desktop"
-      }
-    },
-    "signal-desktop": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1745037528,
-        "narHash": "sha256-twzHVBNEX6daUCFwtjn3X7WaJnwRqHeAxX0MB7kosHo=",
-        "owner": "youwen5",
-        "repo": "signal-desktop-flake",
-        "rev": "1b41af6489574da6ba1e0186235c87acbf57163f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "youwen5",
-        "repo": "signal-desktop-flake",
-        "type": "github"
       }
     },
     "systems": {

nix/os/devices/steveej-x13s/flake.nix

@@ -10,8 +10,8 @@
     disko.inputs.nixpkgs.follows = "nixpkgs";
 
     home-manager = {
-      url = "github:steveej-forks/home-manager/master";
+      # url = "github:steveej-forks/home-manager/master";
-      # url = "github:nix-community/home-manager/master";
+      url = "github:nix-community/home-manager/master";
       # url = "github:nix-community/home-manager/release-24.11";
       inputs.nixpkgs.follows = "nixpkgs";
     };
@@ -49,11 +49,6 @@
       url = "github:erikarvstedt/extra-container";
       inputs.nixpkgs.follows = "nixpkgs";
     };
-
-    signal-desktop = {
-      url = "github:youwen5/signal-desktop-flake";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
   };
 
   outputs =
@@ -100,10 +95,8 @@
         inherit mkNixosConfiguration;
       };
 
-      overlays.default =
+      overlays.default = _final: _previous: {
-        _final: _previous:
+      };
-        {
-        };
 
       nixosConfigurations = {
         native = mkNixosConfiguration { system = nativeSystem; };

nix/os/profiles/graphical-gnome-xorg.nix

@@ -1,9 +1,9 @@
 { pkgs, lib, ... }:
 {
+  services.libinput.enable = true;
+  services.libinput.touchpad.naturalScrolling = true;
   services.xserver = {
     enable = true;
-    libinput.enable = true;
-    libinput.touchpad.naturalScrolling = true;
 
     videoDrivers = [
       "qxl"
@@ -15,9 +15,9 @@
       "vmware"
       "modesetting"
     ];
-    layout = "us";
+    xkb.layout = "us";
-    xkbVariant = "altgr-intl";
+    xkb.variant = "altgr-intl";
-    xkbOptions = "nodeadkeys";
+    xkb.options = "nodeadkeys";
 
     desktopManager = {
       # FIXME: gnome should be moved to user session
@@ -41,14 +41,13 @@
 
   # TODO: fully delegate graphical session to home-manager config
   services.gnome = {
-    gnome-online-miners.enable = lib.mkForce false;
     games.enable = false;
     gnome-remote-desktop.enable = false;
     gnome-user-share.enable = false;
     rygel.enable = false;
     sushi.enable = false;
-    tracker.enable = false;
+    tinysparql.enable = false;
-    tracker-miners.enable = false;
+    localsearch.enable = false;
 
     gnome-browser-connector.enable = false;
     gnome-initial-setup.enable = false;
@@ -72,9 +71,8 @@
       orca
       gnome-photos
       gnome-tour
-    ])
+
-    ++ (with pkgs.gnome; [
+      snapshot # webcam tool
-      cheese # webcam tool
       gnome-music
       gnome-terminal
       gedit # text editor
@@ -83,23 +81,24 @@
       evince # document viewer
       gnome-characters
       totem # video player
-      tali # poker game
-      iagno # go game
-      hitori # sudoku game
-      atomix # puzzle game
     ]);
 
-  hardware.pulseaudio = {
+  services.pipewire = {
+    audio.enable = true;
     enable = true;
-    package = pkgs.pulseaudioFull;
+    alsa.enable = true;
-    support32Bit = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    wireplumber.enable = true;
+    # If you want to use JACK applications, uncomment this
+    #jack.enable = true;
   };
 
   services.dbus.packages = with pkgs; [ dconf ];
 
   # More Services
   environment.systemPackages = [
-    pkgs.gnome.adwaita-icon-theme
+    pkgs.adwaita-icon-theme
     pkgs.gnomeExtensions.appindicator
   ];
 }

nix/os/profiles/graphical/system.nix

@@ -19,7 +19,7 @@
 
   # hardware related services
   services.pcscd.enable = true;
-  hardware.opengl.enable = true;
+  hardware.graphics.enable = true;
 
   services.udev.packages = [
     pkgs.libu2f-host
@@ -53,8 +53,6 @@
   services.printing = {
     enable = true;
     drivers = with pkgs; [
-      mfcl3770cdwlpr
-      mfcl3770cdwcupswrapper
     ];
   };
 }

nix/os/snippets/nix-settings.nix

@@ -36,5 +36,5 @@ in
     inherit (nodeFlake.inputs.nixpkgs) narHash;
   };
 
-  nix.package = pkgsUnstable.nixVersions.latest;
+  nix.package = pkgs.nixVersions.latest;
 }

nix/os/snippets/sway-desktop.nix

@@ -16,7 +16,7 @@ in
     Option "OffTime" "0"
   '';
 
-  hardware.opengl.enable = true;
+  hardware.graphics.enable = true;
 
   services.gvfs = {
     enable = true;