Merge remote-tracking branch 'refs/remotes/origin/main'

2025-10-13 16:28:48 +02:00 · 2025-10-13 16:28:48 +02:00 · 7f358ab0c5
commit 7f358ab0c5
parent 9e043e4a3a 2970491f62
29 changed files with 337 additions and 192 deletions
--- a/flake.lock
+++ b/flake.lock
@ -28,43 +28,43 @@
        ]
      },
      "locked": {
-        "lastModified": 1745557122,
-        "narHash": "sha256-eqSo9ugzsqhFgaDFYUZj943nurlX4L6f+AW0skJ4W+M=",
+        "lastModified": 1757808926,
+        "narHash": "sha256-K6PEI5PYY94TVMH0mX3MbZNYFme7oNRKml/85BpRRAo=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "dd26f75fb4ec1c731d4b1396eaf4439ce40a91c1",
+        "rev": "f21d9167782c086a33ad53e2311854a8f13c281e",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
-        "ref": "release-24.11",
+        "ref": "release-25.05",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1745742390,
-        "narHash": "sha256-1rqa/XPSJqJg21BKWjzJZC7yU0l/YTVtjRi0RJmipus=",
+        "lastModified": 1757810152,
+        "narHash": "sha256-Vp9K5ol6h0J90jG7Rm4RWZsCB3x7v5VPx588TQ1dkfs=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "26245db0cb552047418cfcef9a25da91b222d6c7",
+        "rev": "9a094440e02a699be5c57453a092a8baf569bdad",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
-        "ref": "nixos-24.11",
+        "ref": "nixos-25.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
-        "lastModified": 1745794561,
-        "narHash": "sha256-T36rUZHUART00h3dW4sV5tv4MrXKT7aWjNfHiZz7OHg=",
+        "lastModified": 1757745802,
+        "narHash": "sha256-hLEO2TPj55KcUFUU1vgtHE9UEIOjRcH/4QbmfHNF820=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "5461b7fa65f3ca74cef60be837fd559a8918eaa0",
+        "rev": "c23193b943c6c689d70ee98ce3128239ed9e32d1",
        "type": "github"
      },
      "original": {
@ -77,15 +77,14 @@
    "nur": {
      "inputs": {
        "flake-parts": "flake-parts",
-        "nixpkgs": "nixpkgs_2",
-        "treefmt-nix": "treefmt-nix"
+        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
-        "lastModified": 1745913556,
-        "narHash": "sha256-hKf2z9fw7vwRBa4CCijolsZt+fqSCixSGai2MS0l+Wg=",
+        "lastModified": 1757946652,
+        "narHash": "sha256-PpPoePu9UIJdjtuaQ1xLM8PVqekI2s9im7r3SWgpVtU=",
        "owner": "nix-community",
        "repo": "nur",
-        "rev": "670e6a286982af78be5fc0b5109356db2d361119",
+        "rev": "9c4ccef96fa4d2411b89a3696d3e871047219b93",
        "type": "github"
      },
      "original": {
@ -100,27 +99,6 @@
        "nixpkgs": "nixpkgs",
        "nur": "nur"
      }
-    },
-    "treefmt-nix": {
-      "inputs": {
-        "nixpkgs": [
-          "nur",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1733222881,
-        "narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "rev": "49717b5af6f80172275d47a418c9719a31a78b53",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "treefmt-nix",
-        "type": "github"
-      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -2,8 +2,8 @@
  description = "Complete system and home config";

  inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
-    home-manager.url = "github:nix-community/home-manager/release-24.11";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
+    home-manager.url = "github:nix-community/home-manager/release-25.05";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
    nur.url = "github:nix-community/nur";
  };
@ -22,7 +22,7 @@
          ./system/desktop.nix
          ./system/hardware/nova.nix
          ./system/gnome.nix
-          ./system/sway.nix
+          ./system/ergodox.nix
          ./system/steam.nix
          ./system/btrbk.nix
          ./system/yubikey.nix
@ -84,6 +84,23 @@
        ];
      };

+      homer = nixpkgs.lib.nixosSystem {
+        specialArgs = { inherit inputs; };
+        modules = [
+          {
+            networking.hostName = "homer";
+          }
+          ./system
+          ./system/desktop.nix
+          ./system/hardware/homer.nix
+          ./system/gnome.nix
+          ./system/steam.nix
+          ./system/media.nix
+          # ./system/btrbk.nix
+          ./system/guest.nix
+        ];
+      };
+
    };

    homeConfigurations = {
--- a/home/alt.nix
+++ b/home/alt.nix
@ -47,6 +47,7 @@
    ./firefox.nix
    ./foot.nix
    ./fish.nix
+    ./vifm
    ./tmux
    ./nvim
  ];
--- a/home/calendars.nix
+++ b/home/calendars.nix
@ -59,32 +59,38 @@ in

  accounts.calendar.basePath = "${config.xdg.dataHome}/calendars";
  accounts.calendar.accounts = {
+
    till = calDefaults // {
      khal.enable = true;
      primary = true;
      khal.color = "light blue";
      remote = myRemote "personal";
    };
+
    mitlisa = calDefaults // {
      khal.enable = true;
      khal.color = "light magenta";
      remote = myRemote "lisa-und-till";
    };
+
    family = calDefaults // {
      khal.enable = true;
      khal.color = "dark magenta";
      remote = myRemote "family";
    };
+
    bdays = calDefaults // {
      khal.enable = true;
      khal.color = "yellow";
      remote = myRemote "geburtstage";
    };
+
    polit = calDefaults // {
      khal.enable = true;
      khal.color = "dark gray";
      remote = myRemote "polit";
    };
+
    ihg = calDefaults // {
      khal.enable = true;
      khal.color = "dark cyan";
@ -93,6 +99,7 @@ in
        url  = "https://geocom.uni-frankfurt.de/radicale/ihg/5012a739-dbaf-334b-f093-8db1860bc26e/";
      };
    };
+
    "eintracht_m" = calDefaults // {
      khal.enable = true;
      khal.color = "light red";
@ -101,6 +108,7 @@ in
        url  = "http://i.cal.to/ical/257/eintrachtfrankfurt/spielplan/28ae0d30.f781380b-e6f28bd4.ics";
      };
    };
+
    "eintracht_f" = calDefaults // {
      khal.enable = true;
      khal.color = "dark red";
@ -109,6 +117,16 @@ in
        url  = "http://i.cal.to/ical/5940/eintrachtfrankfurt/spielplan-frauen-profis/28ae0d30.f781380b-1763bff2.ics";
      };
    };
+
+    "feiertage" = calDefaults // {
+      khal.enable = true;
+      khal.color = "dark green";
+      remote = {
+        type = "http";
+        url  = "https://ics.tools/Feiertage/hessen.ics";
+      };
+    };
+
    "grid" = calDefaults // {
      khal.enable = true;
      khal.color = "light green";
--- a/home/castget/castget.conf
+++ b/home/castget/castget.conf
@ -1,27 +1,34 @@
 # vim: set ft=conf

-[drei90]
-url=http://feeds.feedburner.com/Drei90
-id3album=drei90
+[2.5admins]
+url=https://2.5admins.com/feed/podcast

 [50plus2]
 url=https://50plus2.podigee.io/feed/mp3
-id3album=50+2
+album_tag=50+2
+
+[drei90]
+url=http://feeds.feedburner.com/Drei90
+album_tag=drei90
+
+[efpodcast]
+url=https://www.eintracht-podcast.de/feed/mp3

 [latenightlinux]
 url=https://latenightlinux.com/feed/mp3

-[linuxdevtime]
-url=https://latenightlinux.com/feed/extra
-
 [linuxafterdark]
 url=https://linuxafterdark.net/feed/podcast

+[linuxdevtime]
+url=https://latenightlinux.com/feed/extra
+
 [linuxmatters]
 url=https://linuxmatters.sh/episode/index.xml

-[2.5admins]
-url=https://2.5admins.com/feed/podcast
+[logbuchnetzpolitik]
+url=https://feeds.metaebene.me/lnp/mp3
+album_tag=Logbuch Netzpolitik

 [schlusskonferenz]
 url=https://schlusskonferenz.podigee.io/feed/mp3
@ -31,20 +38,16 @@ url=https://tribuenengespraech.podigee.io/feed/mp3

 [wettbrötchen]
 url=https://www.wett-broetchen.de/feed/mp3
-id3album=Wettbrötchen
+album_tag=Wettbrötchen

-[efpodcast]
-url=https://www.eintracht-podcast.de/feed/mp3
+[edeltalk]
+url=https://cdn.julephosting.de/podcasts/573-edeltalk-mit-dominik-kevin/feed.rss
+album_tag=Edeltalk

-# [edeltalk]
-# url=https://cdn.julephosting.de/podcasts/573-edeltalk-mit-dominik-kevin/feed.rss
-# id3album=Edeltalk
-
-[logbuchnetzpolitik]
-url=https://feeds.metaebene.me/lnp/mp3
-id3album=Logbuch Netzpolitik
+[youredeadtome]
+url=https://podcasts.files.bbci.co.uk/p07mdbhg.rss

 [*]
-id3contenttype=Podcast
+genre_tag=Podcast
 spool=/home/till/.local/share/podcasts
 filename=%(channel_title)_%(date)_%(title).mp3
--- a/home/default.nix
+++ b/home/default.nix
@ -5,7 +5,6 @@
  home.packages = with pkgs; [

    # messenger
-    element-desktop
    signal-desktop
    tdesktop

@ -18,6 +17,7 @@
    jdk
    poppler_utils
    zotero
+    lorem

    # graphics
    gimp
@ -29,14 +29,14 @@

    # media
    bookworm
-    heroic
    anki-bin
-    freetube
    qbittorrent
    nicotine-plus

    #  other
    quickemu
+    keymapp
+    gnome-solanum

  ];

@ -50,6 +50,6 @@
  ];

  programs.obs-studio.enable = true;
-  programs.kitty.enable = true;
+  programs.freetube.enable = true;

 }
--- a/home/firefox.nix
+++ b/home/firefox.nix
@ -1,4 +1,4 @@
-{ config, pkgs, ... }:
+{ config, pkgs, osConfig, ... }:

 {
  programs.firefox = {
@ -38,17 +38,19 @@
      ${config.home.username} = {
        name = config.home.username;
        isDefault = true;
-        extensions = with pkgs.nur.repos.rycee.firefox-addons; [
+        extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
+          adaptive-tab-bar-colour
          auto-tab-discard
          keepassxc-browser
          tampermonkey
          ublock-origin
          vimium
+          web-archives
          zotero-connector
        ];
        search = {
          force = true;
-          default = "Google";
+          default = "ddg";
          engines = {
            "Nix Packages" = {
              urls = [{
@ -63,66 +65,67 @@
            };
            "NixOS Wiki" = {
              urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
-              iconUpdateURL = "https://nixos.wiki/favicon.png";
+              icon = "https://nixos.wiki/favicon.png";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@nw" ];
            };
            "NixOS Options" = {
              urls = [{ template = "https://search.nixos.org/options?query={searchTerms}"; }];
-              iconUpdateURL = "https://nixos.org/favicon.png";
+              icon = "https://nixos.org/favicon.png";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@no" ];
            };
            "Home manager options" = {
-              urls = [{ template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=release-24.11"; }];
-              iconUpdateURL = "https://mipmip.github.io/home-manager-option-search/images/favicon.png";
+              # urls = [{ template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=release-${osConfig.system.nixos.release}"; }];
+              urls = [{ template = "https://home-manager-options.extranix.com/?query={searchTerms}&release=release-25.05"; }];
+              icon = "https://mipmip.github.io/home-manager-option-search/images/favicon.png";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@hm" ];
            };
            "Google maps" = {
              urls = [{ template = "http://maps.google.com/?q={searchTerms}"; }];
-              iconUpdateURL = "https://www.google.com/images/branding/product/ico/maps15_bnuw3a_32dp.ico";
+              icon = "https://www.google.com/images/branding/product/ico/maps15_bnuw3a_32dp.ico";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@gm" ];
            };
            "Google scholar" = {
              urls = [{ template = "https://scholar.google.com/scholar?q={searchTerms}"; }];
-              iconUpdateURL = "https://scholar.google.com/favicon.ico";
+              icon = "https://scholar.google.com/favicon.ico";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@gs" ];
            };
            "UB" = {
              urls = [{ template = "https://ubffm.hds.hebis.de/Search/Results?lookfor={searchTerms}"; }];
-              iconUpdateURL = "https://ubffm.hds.hebis.de/themes/ubffm/images/favicon.ico";
+              icon = "https://ubffm.hds.hebis.de/themes/ubffm/images/favicon.ico";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@ub" ];
            };
            "SciHub" = {
              urls = [{ template = "https://libgen.is/search.php?req={searchTerms}"; }];
-              iconUpdateURL = "https://libgen.is/favicon.ico";
+              icon = "https://libgen.is/favicon.ico";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@lg" ];
            };
            "Libgen" = {
              urls = [{ template = "https://libgen.is/search.php?req={searchTerms}"; }];
-              iconUpdateURL = "https://libgen.is/favicon.ico";
+              icon = "https://libgen.is/favicon.ico";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@lg" ];
            };
            "Urban Dictionary" = {
              urls = [{ template = "https://www.urbandictionary.com/define.php?term={searchTerms}"; }];
-              iconUpdateURL = "https://www.urbandictionary.com/favicon-32x32.png";
+              icon = "https://www.urbandictionary.com/favicon-32x32.png";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@ud" ];
            };
            "Leo" = {
              urls = [{ template = "https://dict.leo.org/englisch-deutsch/{searchTerms}"; }];
-              iconUpdateURL = "https://dict.leo.org/img/favicons/ende-32.png";
+              icon = "https://dict.leo.org/img/favicons/ende-32.png";
              updateInterval = 24 * 60 * 60 * 1000;
              definedAliases = [ "@leo" ];
            };
            "Wikipedia".metaData.alias = "@wiki";
-            "Bing".metaData.hidden = true;
+            "bing".metaData.hidden = true;
            "Amazon.de".metaData.hidden = true;
          };
        };
@ -138,7 +141,7 @@
          user_pref("browser.warnOnQuitShortcut", false);
          user_pref("dom.security.https_only_mode", true);
          user_pref("extensions.formautofill.creditCards.enabled", false);
-          user_pref("extensions.pocket.enabled", true);
+          user_pref("extensions.pocket.enabled", false);
          user_pref("intl.accept_languages", "de-de,en-us,en");
          user_pref("intl.regional_prefs.use_os_locales", true);
          user_pref("media.eme.enabled", true);
--- a/home/fish.nix
+++ b/home/fish.nix
@ -2,28 +2,12 @@
 {
  home.shellAliases = {
    top      = "btm --battery";
-    linkbox   = "ln -s (pwd) ~/box/";
-    rloft     = "tmux source-file ~/.config/tmux/rloft.conf";
-    liftbox   = "ssh tstraube@login.server.uni-frankfurt.de \"rm -r box/*\" && scp -vr ~/box/ tstraube@login.server.uni-frankfurt.de:box/";
-    ktiubox   = "rsync -vaL --delete ~/box/ root@ktiu.net:/var/www/html/box/";
    ymd       = "date +'%Y-%m-%d'";
-    pulluni   = "ssh tstraube@login.server.uni-frankfurt.de \"cd uni-tstraube && git pull\"";
-    pullstat  = "tar czf - -C ~/teach/2025_statistik/skript/public/ . | ssh tstraube@login.server.uni-frankfurt.de 'tar xzf - -C ~/public_html/c/stat25'";
-    pullgrid  = "ssh till@geocom.uni-frankfurt.de \"cd /var/www/grid && git pull\"";
-    buildfk   = "curl -X POST -d '{}' https://api.netlify.com/build_hooks/65dc8705b91d7cbaf0a1e1b5";
-    showbox   = "chromium-browser -app=https://user.uni-frankfurt.de/~tstraube/box";
-    showc     = "chromium-browser -app=https://user.uni-frankfurt.de/~tstraube/c/";
-    castget   = "castget -prvC ~/.config/castget/castget.conf";
-    castsync  = "rsync -va --remove-source-files --progress --stats ~/.local/share/podcasts/ /run/media/till/CLIP\\ JAM/Podcasts/";
-    musicsync = "rsync -va --ignore-existing --progress --stats ~/media/music/sync/ /run/media/till/CLIP\\ JAM/Music/";
-    cb        = "cd $(sed 's|^file://||' /home/till/.config/gtk-3.0/bookmarks | fzf --height 10% --reverse)";
-    univpn    = "secret-tool lookup server uni-frankfurt.de account tstraube | sudo openconnect --config=/home/till/.config/openconnect/config --passwd-on-stdin";
+    dmy       = "date +'%-d.-%-m.%Y'";
    v         = "nvim";
    r         = "R --no-save --no-restore";
    R         = "R --no-save --no-restore";
    cdg       = "cd \$(git rev-parse --show-toplevel)";
-    map       = "telnet mapscii.me";
-    weather   = "curl wttr.in/frankfurt";
  };
  programs.fish = {
    enable = true;
@ -37,14 +21,6 @@

      function fish_greeting; end

-      function pod --description 'Full service podcast refresh'
-        castget
-        udisksctl mount -b /dev/disk/by-label/CLIP\\x20JAM
-        musicsync
-        castsync
-        udisksctl unmount -b /dev/disk/by-label/CLIP\\x20JAM
-      end
-
      function startrloft --description 'Starts R with custom environment'
        set -lx R_ENVIRON_USER "~/.config/rloft/RLoft_environ"
        R -q
@ -62,10 +38,6 @@
        end
      end

-      function lipsum --description 'Create placeholder text'
-        nix-shell -p perl536Packages.TextLorem --run 'lorem '(echo $argv)
-      end
-
      set -U fish_prompt_pwd_dir_length 0

      function fish_prompt --description "Write out the prompt"
@ -93,7 +65,7 @@
      set __fish_git_prompt_char_upstream_ahead '+'
      set __fish_git_prompt_char_upstream_behind '-'

-      test -f '/home/till/.config/netlify/helper/path.fish.inc' && source '/home/till/.config/netlify/helper/path.fish.inc'
+      test -f ${config.xdg.configHome}/alias.fish && source ${config.xdg.configHome}/alias.fish
    '';
  };
 }
--- a/home/foot.nix
+++ b/home/foot.nix
@ -8,6 +8,7 @@
        shell = "${pkgs.fish}/bin/fish -c 'tmux attach'";
        pad = "17x17";
        font = "JetBrains Mono:size=14";
+        # font = "Adwaita Mono:size=14";
        initial-window-mode = "maximized";
        line-height = "19";
      };
--- a/home/gnome/default.nix
+++ b/home/gnome/default.nix
@ -7,8 +7,10 @@
    size = 32;
  };

-  home.packages = with pkgs; [
-    gnomeExtensions.run-or-raise
+  home.packages = with pkgs.gnomeExtensions; [
+    run-or-raise
+    removable-drive-menu
+    system-monitor
  ];

  dconf.settings = {
--- a/home/guest.nix
+++ b/home/guest.nix
@ -33,9 +33,11 @@
    wl-clipboard
    qbittorrent
    vlc
+    mpv
    # mullvad-vpn
    ffmpeg
    libnotify
+    # freetube
  ];

  imports = [
@ -45,6 +47,7 @@
    ./fish.nix
    ./tmux
    ./nvim
+    ./fonts.nix
  ];

  programs.nix-index = {
--- a/home/minimal.nix
+++ b/home/minimal.nix
@ -31,6 +31,7 @@
    fzf
    jq
    progress
+    rename
    silver-searcher
    tldr
    tmux
--- a/home/nvim/default.nix
+++ b/home/nvim/default.nix
@ -1,25 +1,29 @@
 { config, pkgs, ... }:

 {
-  home.packages = with pkgs.nodePackages; [
-    typescript-language-server
+  imports = [ ./khard-dump.nix ];
+  home.packages = with pkgs; [
+    nodePackages.typescript-language-server
+    marksman
  ];
-
  programs.neovim = {
    extraConfig = builtins.readFile ./config.vim;
    enable = true;
    defaultEditor = true;
    plugins = with pkgs.vimPlugins;
+
    let 
      woof = pkgs.vimUtils.buildVimPlugin {
        name = "woof.vim";
        src = builtins.fetchGit {
-          url = "ssh://git@ktiu.net/home/git/woof.vim/";
+          url = "ssh://git@shorbut.ktiu.net/home/git/woof.vim/";
          ref = "main";
-          rev = "ea2ed3afb7c00a6b1672351e22195c0f8dd5d696";
+          rev = "4425fa50137a71ba4c48c3a09c3db1aad06705dc";
        };
      };
-    in [
+    in
+
+    [
      {
        plugin = woof;
        config = ''
@ -56,7 +60,6 @@
          \)
        '';
      }
-
      {
        plugin = goyo;
        config = ''
@ -65,7 +68,6 @@
          nnoremap ]og :Goyo!<return>
        '';
      }
-
      {
        plugin = limelight-vim;
        config = ''
@ -76,12 +78,10 @@
          nnoremap ]of :Limelight!<return>
        '';
      }
-
      {
        plugin = nvim-colorizer-lua;
        config = "lua require 'colorizer'.setup()";
      }
-
      {
        plugin = papercolor-theme;
        config = ''
@ -89,7 +89,6 @@
          colorscheme PaperColor
        '';
      }
-
      typescript-vim
      {
        plugin = ultisnips;
--- a/home/nvim/khard-dump.nix
+++ b/home/nvim/khard-dump.nix
@ -0,0 +1,29 @@
+{ config, pkgs, ... }:
+
+{
+  systemd.user.timers = {
+    khard-dump = {
+      Unit = {
+        Description = "Timer to run khard-dump service";
+      };
+      Timer = {
+        OnCalendar = "*:00/10";
+        Unit = "khard-dump.service";
+      };
+    };
+  };
+
+  systemd.user.services = {
+    khard-dump = {
+      Unit = {
+        Description = "Dumps contact info to custom cache file";
+      };
+      Service = {
+        ExecStart = "${pkgs.writeScript "khard-dump" ''
+          #! ${pkgs.stdenv.shell}
+          ${pkgs.khard.outPath}/bin/khard email --parsable --remove-first-line | awk 'BEGIN{FS=OFS="\t"}{print $2, $1}\' > ${config.xdg.cacheHome}/khard-dump
+        ''}";
+      };
+    };
+  };
+}
--- a/home/nvim/lsp.vim
+++ b/home/nvim/lsp.vim
@ -69,7 +69,7 @@ lua <<EOF

  local nvim_lsp = require('lspconfig')
  local capabilities = require('cmp_nvim_lsp').default_capabilities()
-  local servers = { "r_language_server", "ts_ls", "astro", "texlab" }
+  local servers = { "r_language_server", "ts_ls", "astro", "texlab", "marksman" }
  for _, lsp in ipairs(servers) do
    nvim_lsp[lsp].setup {
      on_attach = on_attach,
--- a/home/nvim/test.md
+++ b/home/nvim/test.md
--- a/home/r.nix
+++ b/home/r.nix
@ -7,7 +7,7 @@
        lectuR = pkgs.rPackages.buildRPackage {
          name = "lectuR";
          src = builtins.fetchGit {
-            url = "ssh://git@ktiu.net/home/git/lectuR/";
+            url = "ssh://git@shorbut.ktiu.net/home/git/lectuR/";
            ref = "main";
            rev = "0aafe4eb057a7ec12b8d6ac40ce0bfc8dab80c2b";
          };
@ -17,7 +17,7 @@
        publishR = pkgs.rPackages.buildRPackage {
          name = "publishR";
          src = builtins.fetchGit {
-            url = "ssh://git@ktiu.net/home/git/publishR/";
+            url = "ssh://git@shorbut.ktiu.net/home/git/publishR/";
            ref = "main";
            rev = "ee137a66ca3b713205ac44e5165292e7ad6388b6";
          };
@ -27,9 +27,9 @@
        goethR = pkgs.rPackages.buildRPackage {
          name = "goethR";
          src = builtins.fetchGit {
-            url = "ssh://git@ktiu.net/home/git/goethR/";
+            url = "ssh://git@arielle.ktiu.net/home/git/goethR/";
            ref = "main";
-            rev = "a3a0363d1fbdf6be19e3597d9484615cd2c47cc0";
+            rev = "f84139455723907258c98384dca9cc58ddfff0ed";
          };
          propagatedBuildInputs = [];
          nativeBuildInputs = [];
@ -44,6 +44,7 @@
        eurostat
        extrafont
        ggplot2
+        ggridges
        jsonlite
        kableExtra
        knitr
@ -60,6 +61,7 @@
        RColorBrewer
        readODS
        revealjs
+        restatis
        rlist
        rmarkdown
        rnaturalearth
--- a/home/slim-desktop.nix
+++ b/home/slim-desktop.nix
@ -60,7 +60,7 @@
    # secrets
    libsecret
    keepassxc
-    yubikey-manager-qt
+    yubioath-flutter

    # geospatial
    duckdb
--- a/system/cosmic.nix
+++ b/system/cosmic.nix
@ -0,0 +1,5 @@
+{ config, pkgs, ... }:
+
+{
+   services.desktopManager.cosmic.enable = true;
+}
--- a/system/desktop.nix
+++ b/system/desktop.nix
@ -29,7 +29,7 @@
    ];
  };

-  hardware.pulseaudio.enable = false;
+  services.pulseaudio.enable = false;

  services.pipewire = {
    enable = true;
@ -70,8 +70,8 @@
    dbus.enable = true;
    flatpak.enable = true;
    fwupd.enable = true;
-    mullvad-vpn.enable = true;
-    mullvad-vpn.package = pkgs.mullvad-vpn;
+    # mullvad-vpn.enable = true;
+    # mullvad-vpn.package = pkgs.mullvad-vpn;
    printing.enable = true;
  };

--- a/system/ergodox.nix
+++ b/system/ergodox.nix
@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+
+{
+  services.udev = {
+    extraRules = ''
+      KERNEL=="hidraw*", SUBSYSTEM=="hidraw", MODE="0660", GROUP="wheel"
+    '';
+  };
+}
--- a/system/guest.nix
+++ b/system/guest.nix
@ -10,5 +10,8 @@
      "networkmanager"
    ];
    shell = pkgs.fish;
+    openssh.authorizedKeys.keyFiles = [
+      ./ssh/till${"@"}nova.pub
+    ];
  };
 }
--- a/system/hardware/homer.nix
+++ b/system/hardware/homer.nix
@ -0,0 +1,67 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/hardware/network/broadcom-43xx.nix")
+      (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+  boot.extraModprobeConfig = ''
+    options snd_hda_intel power_save=0
+  '';
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/809e9e9e-ff44-4ecb-8754-e3f2000e5788";
+      fsType = "btrfs";
+      options = [ "subvol=root" ];
+    };
+
+  boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/68a19b7d-358a-419c-9507-1e103526f44a";
+
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/809e9e9e-ff44-4ecb-8754-e3f2000e5788";
+      fsType = "btrfs";
+      options = [ "subvol=home" ];
+    };
+
+  fileSystems."/nix" =
+    { device = "/dev/disk/by-uuid/809e9e9e-ff44-4ecb-8754-e3f2000e5788";
+      fsType = "btrfs";
+      options = [ "subvol=nix" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/553D-668A";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  fileSystems."/var/mediathek" = {
+   device = "/dev/disk/by-uuid/7b0b589f-5759-411a-975a-08a3c7a0f953";
+   fsType = "ext4";
+   options = [ # If you don't have this options attribute, it'll default to "defaults" 
+     # boot options for fstab. Search up fstab mount options you can use
+     "users" # Allows any user to mount and unmount
+     "nofail" # Prevent system from failing if this drive doesn't mount
+   ];
+ };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/system/media.nix
+++ b/system/media.nix
@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+
+{
+  services.sonarr = {
+    enable = true;
+    group = "media";
+  };
+  services.radarr = {
+    enable = true;
+    group = "media";
+  };
+
+  services.flaresolverr.enable = true;
+  services.prowlarr.enable = true;
+  services.bazarr.enable = true;
+
+  users.groups.media = {};
+
+  users.users.guest.extraGroups = [ "media" "wheel" ];
+  users.users.sonarr.extraGroups = [ "media" ];
+}
--- a/system/web-server/dex.nix
+++ b/system/web-server/dex.nix
@ -0,0 +1,54 @@
+{ config, pkgs, ... }:
+
+let
+
+  dex = {
+    hostname = "dex.${config.networking.domain}";
+  };
+
+in {
+
+  services.dex = {
+    enable = true;
+    environmentFile = "/var/custom-access/dex-environemnt";
+    settings = {
+      issuer = "https://${dex.hostname}";
+      storage.type = "sqlite3";
+      web.http = "127.0.0.1:5556";
+      staticClients = [
+        {
+          id = "outline";
+          name = "Outline Client";
+          redirectURIs = [ "https://${outline.hostname}/auth/oidc.callback" ];
+          secretFile = "/var/custom-access/outline-oidc-secret.txt";
+        }
+      ];
+      enablePasswordDB = true;
+      # staticPasswords = [
+      #   {
+      #     email = "till@ktiu.net";
+      #     # gen hash with $ htpasswd -nBC 10 "" | tr -d ':\n'
+      #     hash = "";
+      #     username = "bootstrap-admin";
+      #     # $ uuidgen
+      #     userID = "";
+      #   }
+      # ];
+    };
+  };
+
+  security.acme.certs."${config.networking.domain}".extraDomainNames = [
+    "dex.${config.networking.domain}"
+  ];
+
+  services.nginx.virtualHosts = {
+    "dex.${config.networking.domain}" = {
+      onlySSL = true;
+      useACMEHost = config.networking.domain;
+      locations."/" = {
+        proxyPass = "http://${config.services.dex.settings.web.http}";
+        proxyWebsockets = true;
+      };
+    };
+  };
+}
--- a/system/web-server/ksh-map.nix
+++ b/system/web-server/ksh-map.nix
@ -1,7 +1,7 @@
 { config, pkgs, ... }:

 {
-  services.nginx.virtualHosts."karte.nichtzudritt.de" = {
+  services.nginx.virtualHosts."kshmap.ktiu.net" = {
    forceSSL = true;
    enableACME = true;
    root = "/var/www/ksh-map/dist";
--- a/system/web-server/mail/postfix.nix
+++ b/system/web-server/mail/postfix.nix
@ -2,13 +2,13 @@

 let

-  submissionHeaderCleanupRules = pkgs.writeText "submission_header_cleanup_rules" ''
-     /^Received:/            IGNORE
-     /^X-Originating-IP:/    IGNORE
-     /^X-Mailer:/            IGNORE
-     /^User-Agent:/          IGNORE
-     /^X-Enigmail:/          IGNORE
-     /^Message-ID:\s+<(.*?)@.*?>/ REPLACE Message-ID: <$1@ktiu.net>
+  submissionheadercleanuprules = pkgs.writetext "submission_header_cleanup_rules" ''
+     /^received:/            ignore
+     /^x-originating-ip:/    ignore
+     /^x-mailer:/            ignore
+     /^user-agent:/          ignore
+     /^x-enigmail:/          ignore
+     /^message-id:\s+<(.*?)@.*?>/ replace message-id: <$1@ktiu.net>
  '';

 in {
--- a/system/web-server/outline.nix
+++ b/system/web-server/outline.nix
@ -7,11 +7,6 @@ let
    mail = "outline@${config.networking.domain}";
  };

-  # bootstrapping only
-  # dex = {
-  #   hostname = "dex.${config.networking.domain}";
-  # };
-
 in {

  services.outline = {
@ -42,38 +37,8 @@ in {
    # };
  };

-  # services.dex = {
-  #   enable = true;
-  #   environmentFile = "/var/custom-access/dex-environemnt";
-  #   settings = {
-  #     issuer = "https://${dex.hostname}";
-  #     storage.type = "sqlite3";
-  #     web.http = "127.0.0.1:5556";
-  #     staticClients = [
-  #       {
-  #         id = "outline";
-  #         name = "Outline Client";
-  #         redirectURIs = [ "https://${outline.hostname}/auth/oidc.callback" ];
-  #         secretFile = "/var/custom-access/outline-oidc-secret.txt";
-  #       }
-  #     ];
-  #     enablePasswordDB = true;
-  #     staticPasswords = [
-  #       {
-  #         email = "till@ktiu.net";
-  #         # gen hash with $ htpasswd -nBC 10 "" | tr -d ':\n'
-  #         hash = "";
-  #         username = "bootstrap-admin";
-  #         # $ uuidgen
-  #         userID = "";
-  #       }
-  #     ];
-  #   };
-  # };
-
  security.acme.certs."${config.networking.domain}".extraDomainNames = [
    "outline.${config.networking.domain}"
-    # "dex.${config.networking.domain}"
  ];

  services.nginx.virtualHosts = {
@ -89,13 +54,5 @@ in {
      };
    };

-    # "dex.${config.networking.domain}" = {
-    #   onlySSL = true;
-    #   useACMEHost = config.networking.domain;
-    #   locations."/" = {
-    #     proxyPass = "http://${config.services.dex.settings.web.http}";
-    #     proxyWebsockets = true;
-    #   };
-    # };
  };
 }
--- a/system/yubikey.nix
+++ b/system/yubikey.nix
@ -3,14 +3,14 @@
 {
  services.udev = {
    packages = [ pkgs.yubikey-personalization ];
-    extraRules = ''
-      ACTION=="remove",\
-       ENV{ID_BUS}=="usb",\
-       ENV{ID_MODEL_ID}=="0407",\
-       ENV{ID_VENDOR_ID}=="1050",\
-       ENV{ID_VENDOR}=="Yubico",\
-       RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
-    '';
+    # extraRules = ''
+    #   ACTION=="remove",\
+    #    ENV{ID_BUS}=="usb",\
+    #    ENV{ID_MODEL_ID}=="0407",\
+    #    ENV{ID_VENDOR_ID}=="1050",\
+    #    ENV{ID_VENDOR}=="Yubico",\
+    #    RUN+="${pkgs.systemd}/bin/loginctl lock-sessions"
+    # '';
  };
  security.pam.services = {
    login.u2fAuth = true;