about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2022-11-20 23:14:33 +0300
committerAzat Bahawi <azat@bahawi.net>2022-11-20 23:14:33 +0300
commit3229e56e0d3620ddc735edcfbbefb167efa3b23f (patch)
tree5000ad05647c66687244dbd0ef29e0b29a3a6241
parent2022-11-10 (diff)
2022-11-20
-rw-r--r--configurations/default.nix14
-rw-r--r--configurations/eonwe/default.nix84
-rw-r--r--configurations/melian/default.nix67
-rw-r--r--flake.lock72
-rw-r--r--flake.nix2
-rw-r--r--lib/my.nix9
-rw-r--r--modules/nixfiles/common/nix/default.nix1
-rw-r--r--modules/nixfiles/common/tmp.nix2
-rw-r--r--modules/nixfiles/emacs/default.nix4
-rw-r--r--modules/nixfiles/emacs/doom/config.el44
-rw-r--r--modules/nixfiles/emacs/doom/init.el16
-rw-r--r--modules/nixfiles/emacs/doom/packages.el6
-rw-r--r--modules/nixfiles/firefox/default.nix15
-rw-r--r--modules/nixfiles/firefox/userContent.css44
-rw-r--r--modules/nixfiles/fonts.nix12
-rw-r--r--modules/nixfiles/games/default.nix9
-rw-r--r--modules/nixfiles/kde.nix9
-rw-r--r--modules/nixfiles/libvirtd.nix10
-rw-r--r--modules/nixfiles/openconnect.nix83
-rw-r--r--modules/nixfiles/profiles/dev/containers.nix1
20 files changed, 331 insertions, 173 deletions
diff --git a/configurations/default.nix b/configurations/default.nix
index 684b4e4..a488cf1 100644
--- a/configurations/default.nix
+++ b/configurations/default.nix
@@ -46,13 +46,13 @@ in
       };
     };
 
-    # Planned: a beefy tower desktop PC.
-    # eonwe.modules = with inputs; [
-    #   nixos-hardware.nixosModules.common-cpu-amd
-    #   nixos-hardware.nixosModules.common-gpu-amd
-    #   nixos-hardware.nixosModules.common-pc-ssd
-    #   nixpkgs.nixosModules.notDetected
-    # ];
+    # A beefy desktop PC: 7950x/rx6750xt/128GB.
+    eonwe.modules = with inputs; [
+      nixos-hardware.nixosModules.common-cpu-amd
+      nixos-hardware.nixosModules.common-gpu-amd
+      nixos-hardware.nixosModules.common-pc-ssd
+      nixpkgs.nixosModules.notDetected
+    ];
 
     # ThinkPad T480.
     melian.modules = with inputs; [
diff --git a/configurations/eonwe/default.nix b/configurations/eonwe/default.nix
new file mode 100644
index 0000000..c9af8e5
--- /dev/null
+++ b/configurations/eonwe/default.nix
@@ -0,0 +1,84 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; {
+  nixfiles.modules = {
+    wireguard.client.enable = true;
+
+    syncthing.enable = true;
+
+    openssh.server.enable = true;
+
+    games = {
+      lutris.enable = true;
+      steam.enable = true;
+    };
+    android.enable = true;
+    bluetooth.enable = true;
+    libvirtd.enable = true;
+    qutebrowser.enable = true;
+  };
+
+  hm.programs = {
+    firefox.profiles.default.settings."media.ffmpeg.vaapi.enabled" = true;
+
+    mpv.config = {
+      hwdec = "vdpau";
+      vo = "vdpau";
+      profile = "gpu-hq";
+    };
+  };
+
+  networking = {
+    interfaces = {
+      eth0.useDHCP = true;
+      wlan0.useDHCP = true;
+    };
+
+    networkmanager = {
+      enable = true;
+      wifi.backend = "iwd";
+    };
+
+    wireless = {
+      enable = false;
+      iwd.enable = true;
+      userControlled.enable = true;
+      allowAuxiliaryImperativeNetworks = true;
+    };
+  };
+
+  boot = {
+    initrd.availableKernelModules = ["ahci" "nvme" "sd_mod" "usb_storage" "usbhid" "xhci_pci"];
+
+    loader = {
+      efi.canTouchEfiVariables = true;
+
+      systemd-boot = {
+        enable = true;
+        configurationLimit = 10;
+      };
+    };
+  };
+
+  fileSystems = {
+    "/boot" = {
+      device = "/dev/disk/by-uuid/FF1E-9CFD";
+      fsType = "vfat";
+    };
+
+    "/" = {
+      device = "/dev/disk/by-uuid/20276c1b-7e46-430b-b741-2f4aeb76bc51";
+      fsType = "xfs";
+      options = ["noatime"];
+    };
+  };
+
+  zramSwap = {
+    enable = true;
+    memoryPercent = 25;
+  };
+}
diff --git a/configurations/melian/default.nix b/configurations/melian/default.nix
index bfdc42e..f296546 100644
--- a/configurations/melian/default.nix
+++ b/configurations/melian/default.nix
@@ -6,21 +6,11 @@
 }:
 with lib; {
   nixfiles.modules = {
-    games = {
-      lutris.enable = true;
-      steam.enable = true;
-    };
-
     wireguard.client.enable = true;
 
     syncthing.enable = true;
 
-    android.enable = true;
-    beets.enable = true;
     bluetooth.enable = true;
-    libvirtd.enable = true;
-    mpd.enable = true;
-    qutebrowser.enable = true;
 
     throttled.enable = true;
   };
@@ -34,63 +24,6 @@ with lib; {
     networkmanager = {
       enable = true;
       wifi.backend = "iwd";
-
-      # Spent three days trying to make this work but still getting "No SSO
-      # handler" even on the HEAD version that 100% has SSO support baked in.
-      # It's all so tiresome[1]... aaand KDE is not supported[2].
-      #
-      # I fucking hate AnyConnect, truly an example of how shit is is non-free
-      # software. SAML also sucks balls. I also hate my company for using this
-      # shit, guess I have no other choice but to use the absolute dogshit
-      # Ubuntu laptop they gave me.
-      #
-      # [1]: https://gitlab.gnome.org/GNOME/NetworkManager-openconnect
-      # [1]: https://gitlab.com/openconnect/openconnect/-/issues/424
-      # [2]: https://groups.google.com/g/linux.debian.bugs.dist/c/lK8u-LMY7n4
-      # [2]: https://bugs.kde.org/show_bug.cgi?id=448153
-      #
-      # plugins = with pkgs; [
-      #   ((networkmanager-openconnect.override {
-      #     withGnome = false;
-      #     openconnect = openconnect.overrideAttrs (_: super: {
-      #       version = "unstable-2022-10-23";
-      #       src = fetchFromGitLab {
-      #         owner = "openconnect";
-      #         repo = "openconnect";
-      #         rev = "acdfc753f7885b2a539f99036ac41ba1b78cc7ae";
-      #         hash = "sha256-ub+Z4WFD77h5YMQTb+TLc7EyY2KjBWglF1QVTirCHJM=";
-      #       };
-      #     });
-      #   }).overrideAttrs (_: super: {
-      #     version = "unstable-2022-09-10";
-      #     src = fetchFromGitLab {
-      #       domain = "gitlab.gnome.org";
-      #       owner = "GNOME";
-      #       repo = "NetworkManager-openconnect";
-      #       rev = "3c1590786518e9acca33c250660ad21cae565acd";
-      #       hash = "sha256-YTUN46QHsHkXPAhImPG/MMLMqjlSRknapVO8u43nnWk=";
-      #     };
-      #     buildInputs = super.buildInputs ++ [
-      #       (webkitgtk_4_1.override {
-      #         libsoup = gnome.libsoup;
-      #       })
-      #     ];
-      #     nativeBuildInputs = super.nativeBuildInputs ++ [
-      #       autoreconfHook
-      #     ];
-      #     postPatch = ''
-      #       substituteInPlace configure.ac \
-      #         --replace "PKG_CHECK_MODULES(LIBSECRET, libsecret-1 >= 0.18)" ""
-      #     '';
-      #     preAutoreconf = ''
-      #       autoupdate
-      #     '';
-      #     preConfigure = ''
-      #       NOCONFIGURE=x ./autogen.sh
-      #       touch gtk4/nm-openconnect-dialog.ui
-      #     '';
-      #   }))
-      # ];
     };
 
     wireless = {
diff --git a/flake.lock b/flake.lock
index 4b17572..085d35e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -377,11 +377,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1667882772,
-        "narHash": "sha256-hoVW9/xcfZTsKn++nGYwEMgBLfh+iq7i8+eEcAhOxy0=",
+        "lastModified": 1668836187,
+        "narHash": "sha256-f38CYfIwYoSUgX2klCm+6v4ViZiVY6DdwdO/rk7GGwg=",
         "owner": "nix-community",
         "repo": "emacs-overlay",
-        "rev": "f04cb6f6724ba4568a7f6dae0863e507477667b7",
+        "rev": "faf39a31bc76f1cd4eb642d79eeab1d25b038e72",
         "type": "github"
       },
       "original": {
@@ -490,11 +490,11 @@
     "flake-compat": {
       "flake": false,
       "locked": {
-        "lastModified": 1650374568,
-        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
+        "lastModified": 1668681692,
+        "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
+        "rev": "009399224d5e398d03b22badca40a37ac85412a1",
         "type": "github"
       },
       "original": {
@@ -563,11 +563,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1667898954,
-        "narHash": "sha256-VqHVeoxcOl9M6yQ+LV3yTWMb0h5Rl5yixn9PCY/MJJo=",
+        "lastModified": 1668788863,
+        "narHash": "sha256-FsdUG+YkRX7JZKZm6T44J2h+0pXB1sWA9AobyiozFK0=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "d20e3d070c78271356a2d5d73c01f1de94586087",
+        "rev": "948d1f8a5cef55a281d4f5d17f3b79df6c82fce1",
         "type": "github"
       },
       "original": {
@@ -628,11 +628,11 @@
         "ws-butler": "ws-butler"
       },
       "locked": {
-        "lastModified": 1667731647,
-        "narHash": "sha256-E/Y5yxX8u0RlLt07PJoQ+QAYMbbL19WayLU/SJDtnMw=",
+        "lastModified": 1668736610,
+        "narHash": "sha256-qqQ/YspdN7c8o24CZQfvtuCC8I0AzCAwTpDRCdWdgJo=",
         "owner": "nix-community",
         "repo": "nix-doom-emacs",
-        "rev": "c38ccd08345f58001cac2c2578e71d3f29b59bc0",
+        "rev": "6a37d61c1d8c8586b1140f53b83c164dd2fd7d2d",
         "type": "github"
       },
       "original": {
@@ -660,11 +660,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1667768008,
-        "narHash": "sha256-PGbX0s2hhXGnZDFVE6UIhPSOf5YegpWs5dUXpT/14F0=",
+        "lastModified": 1668334946,
+        "narHash": "sha256-omMbUj4r5DVBWh7KxkoO/Z/1V1shVR6Ls4jXNB4mr3U=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "f6483e0def85efb9c1e884efbaff45a5e7aabb34",
+        "rev": "e0452b33ab0ef16ffe075e980644ed92a6a200bb",
         "type": "github"
       },
       "original": {
@@ -676,11 +676,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1667758139,
-        "narHash": "sha256-CbDAP6wttlaVs9s4DPZlJ5Wf6Ozz9lX7SdJVtFA8cAo=",
+        "lastModified": 1668820343,
+        "narHash": "sha256-CmV7D8XFVhd47FIQx0RvjYP620hWsaG+71Rmmq8Bn/E=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "8993cc730d11148ef59e84a8f15f94f688e1bfd1",
+        "rev": "75f569b1a573c9736501981b1bd1808d30b37d3d",
         "type": "github"
       },
       "original": {
@@ -692,11 +692,11 @@
     },
     "nixpkgs-master": {
       "locked": {
-        "lastModified": 1667897130,
-        "narHash": "sha256-s8gf6ysK3q6GigxUgaLp1NPH12Tz74ycAb8arlDFNVE=",
+        "lastModified": 1668852341,
+        "narHash": "sha256-p2NNuwH3dkv8ze+ZPqZFWGmr2ULm/1lEnKVY4ojEewo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "12ac168cc776030ada752deb43da8cc751074748",
+        "rev": "edff760d6125ddf35ea1dcbf03846addc6f900ce",
         "type": "github"
       },
       "original": {
@@ -708,11 +708,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1667896688,
-        "narHash": "sha256-gB30K2usfzeWZ9VsP92NmAGr/mEZ1IJ0Hkpq587ZzCY=",
+        "lastModified": 1668766498,
+        "narHash": "sha256-UjZlIrbHGlL3H3HZNPTxPSwJfr49jIfbPWCYxk0EQm4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "67bcb74195474ebdd667c7844fcfe649e8a1ff32",
+        "rev": "f42a45c015f28ac3beeb0df360e50cdbf495d44b",
         "type": "github"
       },
       "original": {
@@ -774,11 +774,11 @@
     },
     "nur": {
       "locked": {
-        "lastModified": 1667890820,
-        "narHash": "sha256-pGp7GQdMM2xGR/v72v6+d3PeZ5UxnIxsZL9lXfHCJhY=",
+        "lastModified": 1668851908,
+        "narHash": "sha256-Br1NBRNqZtUYKSP7qhzyUlKDOuWOpl2sVsbxgamL4uM=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "744f97297a0eb816aa5c272c4bc795eb4a4f3523",
+        "rev": "06c146dad321018b42c92fea1e0b100c989d9b8f",
         "type": "github"
       },
       "original": {
@@ -807,11 +807,11 @@
     "org": {
       "flake": false,
       "locked": {
-        "lastModified": 1666586252,
-        "narHash": "sha256-cwYEMnsv8kreTPKslM2yz59I4zm331w4WU4OHGzcslc=",
+        "lastModified": 1668143941,
+        "narHash": "sha256-f7nwVd1usk2Zhn9szqdhtU7/czXRl9w2NTQtGpIlugc=",
         "owner": "emacs-straight",
         "repo": "org-mode",
-        "rev": "48b237d9e21a4edf528d4bd1ed99d1f3757e4931",
+        "rev": "f83e45526b5ec4627d601673be3680e2dece1b33",
         "type": "github"
       },
       "original": {
@@ -878,11 +878,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1667760143,
-        "narHash": "sha256-+X5CyeNEKp41bY/I1AJgW/fn69q5cLJ1bgiaMMCKB3M=",
+        "lastModified": 1667992213,
+        "narHash": "sha256-8Ens8ozllvlaFMCZBxg6S7oUyynYx2v7yleC5M0jJsE=",
         "owner": "cachix",
         "repo": "pre-commit-hooks.nix",
-        "rev": "06f48d63d473516ce5b8abe70d15be96a0147fcd",
+        "rev": "ebcbfe09d2bd6d15f68de3a0ebb1e4dcb5cd324b",
         "type": "github"
       },
       "original": {
@@ -895,11 +895,11 @@
     "revealjs": {
       "flake": false,
       "locked": {
-        "lastModified": 1665992801,
-        "narHash": "sha256-bqNgaBT6WPfumhdG1VPZ6ngn0QA9RDuVtVJtVwxbOd4=",
+        "lastModified": 1668674340,
+        "narHash": "sha256-JEXPS67bgKnnRdA37mC18PyGm4EWVQ/BrWeBZLVKPvU=",
         "owner": "hakimel",
         "repo": "reveal.js",
-        "rev": "f6f657b627f9703e32414d8d3f16fb49d41031cb",
+        "rev": "9f1f7789bfbf689d9c1615e523d5c6262771e90f",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 39cd74a..7fcd818 100644
--- a/flake.nix
+++ b/flake.nix
@@ -115,7 +115,7 @@
     #   type = "github";
     #   owner = "fn2006";
     #   repo = "PollyMC";
-    #   ref = "5.1";
+    #   ref = "5.2";
     #   inputs = {
     #     flake-compat.follows = "flake-compat";
     #     nixpkgs.follows = "nixpkgs";
diff --git a/lib/my.nix b/lib/my.nix
index ac31734..f9c6a35 100644
--- a/lib/my.nix
+++ b/lib/my.nix
@@ -209,6 +209,15 @@ with lib;
               domains = with my.domain; ["flood.${shire}"];
               syncthing.id = "@SYNCTHING_ID@";
             };
+            eonwe = {
+              isHeadful = true;
+              wireguard = {
+                ipv4.address = "10.69.3.1";
+                ipv6.address = "fd69::3:1";
+                publicKey = "@PUBLIC_KEY@";
+              };
+              syncthing.id = "@SYNCTHING_ID@";
+            };
             melian = {
               isHeadful = true;
               wireguard = {
diff --git a/modules/nixfiles/common/nix/default.nix b/modules/nixfiles/common/nix/default.nix
index f6c75ba..c9d3b04 100644
--- a/modules/nixfiles/common/nix/default.nix
+++ b/modules/nixfiles/common/nix/default.nix
@@ -104,6 +104,7 @@ with lib; {
       in {
         # Normalises package names. This is done purely for aesthetics.
         css-language-server = np.vscode-css-languageserver-bin;
+        dhall-language-server = dhall-lsp-server;
         dockerfile-language-server = np.dockerfile-language-server-nodejs;
         editorconfig = editorconfig-core-c;
         go-language-server = gopls;
diff --git a/modules/nixfiles/common/tmp.nix b/modules/nixfiles/common/tmp.nix
index 9527f28..d56e2b6 100644
--- a/modules/nixfiles/common/tmp.nix
+++ b/modules/nixfiles/common/tmp.nix
@@ -11,7 +11,7 @@ _: {
         "nodev"
         "nosuid"
         "rw"
-        "size=50%"
+        "size=25%"
       ];
     }
   ];
diff --git a/modules/nixfiles/emacs/default.nix b/modules/nixfiles/emacs/default.nix
index fa72549..0ae2bf9 100644
--- a/modules/nixfiles/emacs/default.nix
+++ b/modules/nixfiles/emacs/default.nix
@@ -53,6 +53,7 @@ in {
             cmake-format # :lang cc :editor format
             cmigemo # :lang japanese
             css-language-server # :lang (web +lsp)
+            dhall-language-server # :lang (dhall +lsp)
             dockerfile-language-server # :tools (docker +lsp)
             editorconfig # :tools editorconfig
             fd # doom!
@@ -116,8 +117,9 @@ in {
 
           (setq custom-file (file-name-concat doom-emacs-dir "custom.el"))
 
+          ;; Font must be set to n+2 because otherwise it looks too small.
           (setq doom-font (font-spec :family "${config.fontScheme.monospaceFont.family}"
-                                     :size ${toString config.fontScheme.monospaceFont.size})
+                                     :size ${toString (config.fontScheme.monospaceFont.size + 2)})
                 doom-unicode-font doom-font)
 
           (appendq! auth-sources '("${config.secrets.authinfo.path}"))
diff --git a/modules/nixfiles/emacs/doom/config.el b/modules/nixfiles/emacs/doom/config.el
index 4f2d835..9fa9984 100644
--- a/modules/nixfiles/emacs/doom/config.el
+++ b/modules/nixfiles/emacs/doom/config.el
@@ -133,14 +133,6 @@
                                      "a.gondor@yahoo.com"
                                      "a.gondor@yahoo.com"))
 
-(set-email-account! "yahoo"
-                    '((mu4e-sent-folder   . "/yahoo/Sent")
-                      (mu4e-drafts-folder . "/yahoo/Drafts")
-                      (mu4e-trash-folder  . "/yahoo/Trash")
-                      (mu4e-refile-folder . "/yahoo/Archive")
-                      (smtpmail-smtp-user . "a.gondor"))
-                    t)
-
 (set-email-account! "shire"
                     '((mu4e-drafts-folder . "/shire/Drafts")
                       (mu4e-refile-folder . "/shire/Archive")
@@ -149,6 +141,14 @@
                       (smtpmail-smtp-user . "azahi"))
                     t)
 
+(set-email-account! "yahoo"
+                    '((mu4e-sent-folder   . "/yahoo/Sent")
+                      (mu4e-drafts-folder . "/yahoo/Drafts")
+                      (mu4e-trash-folder  . "/yahoo/Trash")
+                      (mu4e-refile-folder . "/yahoo/Archive")
+                      (smtpmail-smtp-user . "a.gondor"))
+                    t)
+
 (setq +mu4e-compose-org-msg-toggle-next nil)
 
 ;;
@@ -170,11 +170,11 @@
     :user "azahi/oftc"
     :pass nixfiles/irc-bouncer-password-f))
 
-;; (set-irc-server! "hackint"
-;;   `(:host "shire.me"
-;;     :port 6667
-;;     :user "azahi/hackint"
-;;     :pass nixfiles/irc-bouncer-password-f))
+(set-irc-server! "hackint"
+  `(:host "shire.me"
+    :port 6667
+    :user "azahi/hackint"
+    :pass nixfiles/irc-bouncer-password-f))
 
 (set-irc-server! "rizon"
   `(:host "shire.me"
@@ -204,14 +204,14 @@
 ;;   :init
 ;;   (setq hledger-input-buffer-height 20))
 
-(use-package! kubernetes
-  :defer t
-  :commands (kubernetes-overview)
-  :init (setq kubernetes-poll-frequency 3600
-              kubernetes-redraw-frequency 3600))
+;; (use-package! kubernetes
+;;   :defer t
+;;   :commands (kubernetes-overview)
+;;   :init (setq kubernetes-poll-frequency 3600
+;;               kubernetes-redraw-frequency 3600))
 
-(use-package! kubernetes-evil
-  :after kubernetes-overview)
+;; (use-package! kubernetes-evil
+;;   :after kubernetes-overview)
 
-(use-package! kubernetes-tramp
-  :defer t)
+;; (use-package! kubernetes-tramp
+;;   :defer t)
diff --git a/modules/nixfiles/emacs/doom/init.el b/modules/nixfiles/emacs/doom/init.el
index 1bf1ca2..ef663a0 100644
--- a/modules/nixfiles/emacs/doom/init.el
+++ b/modules/nixfiles/emacs/doom/init.el
@@ -1,7 +1,7 @@
 ;;; init.el -*- lexical-binding: t; -*-
 
 (doom! :input
-       japanese
+       ;; japanese
 
        :completion
        company
@@ -58,10 +58,10 @@
        ;; grammar
 
        :tools
-       ansible
+       ;; ansible
        (debugger +lsp)
        direnv
-       (docker +lsp)
+       ;; (docker +lsp)
        editorconfig
        (eval +overlay)
        (lookup +dictionary +offline)
@@ -69,10 +69,10 @@
        (magit +forge)
        make
        (pass +auth)
-       pdf
+       ;; pdf
        terraform
        tree-sitter
-       upload
+       ;; upload
 
        :os
        (tty +osc)
@@ -91,7 +91,7 @@
        (javascript +lsp +tree-sitter)
        json
        (latex +lsp +tree-sittter)
-       ;; (lua +lsp +tree-sitter)
+       (lua +lsp +tree-sitter)
        (markdown +lsp +tree-sitter)
        (nix +lsp)
        (org +pandoc +roam2)
@@ -99,12 +99,12 @@
        (python +lsp +tree-sitter)
        ;; (racket +lsp +tree-sitter)
        ;; rst
-       ;; (rust +lsp +tree-sitter)
+       (rust +lsp +tree-sitter)
        ;; (scheme +lsp +tree-sitter +racket)
        (sh +lsp +tree-sitter)
        web
        yaml
-       ;; (zig +lsp +tree-sitter)
+       (zig +lsp +tree-sitter)
 
        :email
        mu4e
diff --git a/modules/nixfiles/emacs/doom/packages.el b/modules/nixfiles/emacs/doom/packages.el
index 369fb2e..d3e6354 100644
--- a/modules/nixfiles/emacs/doom/packages.el
+++ b/modules/nixfiles/emacs/doom/packages.el
@@ -14,6 +14,6 @@
 
 ;; (package! hledger-mode)
 
-(package! kubernetes)
-(package! kubernetes-evil)
-(package! kubernetes-tramp)
+;; (package! kubernetes)
+;; (package! kubernetes-evil)
+;; (package! kubernetes-tramp)
diff --git a/modules/nixfiles/firefox/default.nix b/modules/nixfiles/firefox/default.nix
index 6f4d327..8557d64 100644
--- a/modules/nixfiles/firefox/default.nix
+++ b/modules/nixfiles/firefox/default.nix
@@ -49,11 +49,11 @@ in {
               '')
               (with config.fontScheme; ''
                     --sans-serif-font-family: "${sansSerifFont.family}", "${sansSerifFontFallback.family}", sans-serif;
-                    --sans-serif-font-size: ${toString sansSerifFont.size};
+                    --sans-serif-font-size: ${toString sansSerifFont.size}px;
                     --serif-font-family: "${serifFont.family}", "${serifFontFallback.family}", serif;
-                    --serif-font-size: ${toString serifFont.size};
+                    --serif-font-size: ${toString serifFont.size}px;
                     --monospace-font-family: "${monospaceFont.family}", "${monospaceFontFallback.family}", monospace;
-                    --monospace-font-size: ${toString monospaceFont.size};
+                    --monospace-font-size: ${toString monospaceFont.size}px;
                 }
               '')
               (builtins.readFile css)
@@ -66,7 +66,7 @@ in {
           # A way to change the look of the Firefox itself.
           userChrome = mkCssWithRoot ./userChrome.css;
 
-          # A way to remove annoyances and visual bloat of many webpages.
+          # A way to remove annoyances and visual bloat from many webpages.
           userContent = mkCssWithRoot ./userContent.css;
 
           # https://github.com/arkenfox/user.js/blob/master/user.js
@@ -238,6 +238,7 @@ in {
 
           settings = {
             "app.update.auto" = false;
+            "browser.backspace_action" = 0;
             "browser.bookmarks.max_backups" = 1;
             "browser.disableResetPrompt" = true;
             "browser.newtabpage.introShown" = true;
@@ -258,14 +259,17 @@ in {
             "extensions.screenshots.disabled" = true;
             "extensions.update.autoUpdateDefault" = false;
             "extensions.update.enabled" = false;
+            "font.name-list.emoji" = "emoji";
             "full-screen-api.warning.delay" = 0;
             "full-screen-api.warning.timeout" = 0;
             "general.autoScroll" = true;
             "general.smoothScroll" = true;
+            "gfx.font_rendering.opentype_svg.enabled" = false;
             "identity.fxaccounts.enabled" = false;
             "media.autoplay.blocking_policy" = 2;
             "media.autoplay.default" = 5;
             "media.autoplay.enabled" = false;
+            "media.hardwaremediakeys.enabled" = false;
             "reader.parse-on-load.enabled" = false;
             "signon.rememberSignons" = false;
             "toolkit.legacyUserProfileCustomizations.stylesheets" = true;
@@ -273,7 +277,6 @@ in {
         };
 
         extensions = with pkgs.nur.repos.rycee.firefox-addons;
-        with config.nixfiles.modules;
           [
             bitwarden
             consent-o-matic
@@ -284,7 +287,7 @@ in {
             ublock-origin
             violentmonkey
           ]
-          ++ optional ipfs.enable ipfs-companion;
+          ++ optional config.nixfiles.modules.ipfs.enable ipfs-companion;
       };
     };
 
diff --git a/modules/nixfiles/firefox/userContent.css b/modules/nixfiles/firefox/userContent.css
index 9b2dd4e..04c4c5a 100644
--- a/modules/nixfiles/firefox/userContent.css
+++ b/modules/nixfiles/firefox/userContent.css
@@ -26,6 +26,11 @@
 
 @-moz-document regexp("https?://(.*.)?gitlab(\..*)?\.(com|org).*")
 {
+    body {
+        font-family: var(--sans-serif-font-family) !important;
+        font-size: var(--sans-serif-font-size) !important;
+    }
+
     code {
         font-family: var(--monospace-font-family) !important;
         font-size: var(--monospace-font-size) !important;
@@ -36,7 +41,7 @@
 {
     #org-repo-pin-select-menu,
     #sponsor-button,
-    .btn.ml-2.d-none.d-md-block, /* "Go to file" button. */
+    .btn.ml-2,
     .dropdown-divider,
     .footer,
     .octicon.octicon-info,
@@ -55,8 +60,7 @@
     a[href^="/organizations/enterprise"],
     a[href^="/sponsors"],
     a[href^="/topics"],
-    a[href^="/trending"],
-    get-repo /* Find files button. */ {
+    a[href^="/trending"] {
         display: none !important;
     }
 
@@ -175,6 +179,7 @@
         transition: none !important;
     }
 
+    html,
     body {
         font-family: var(--sans-serif-font-family) !important;
         font-size: var(--sans-serif-font-size) !important;
@@ -199,6 +204,12 @@
         margin: 0 !important;
     }
 
+    html,
+    body {
+        font-family: var(--sans-serif-font-family) !important;
+        font-size: var(--sans-serif-font-size) !important;
+    }
+
     code {
         font-family: var(--monospace-font-family) !important;
         font-size: var(--monospace-font-size) !important;
@@ -269,6 +280,21 @@
     .sidebar {
         --offset: default !important;
     }
+
+    html,
+    body {
+        font-family: var(--sans-serif-font-family) !important;
+        font-size: var(--sans-serif-font-size) !important;
+    }
+}
+
+@-moz-document regexp("https?://music\.yandex\.ru.*")
+{
+    .bar-below.bar-below_plus,
+    .footer,
+    .teaser {
+        display: none !important;
+    }
 }
 
 @-moz-document regexp("https?://(.*\.)?wikipedia\.org/wiki/.*")
@@ -278,6 +304,12 @@
     #siteNotice {
         display: none !important;
     }
+
+    html,
+    body {
+        font-family: var(--sans-serif-font-family) !important;
+        font-size: var(--sans-serif-font-size) !important;
+    }
 }
 
 @-moz-document regexp("https?://wikiless\.org/wiki/.*")
@@ -291,4 +323,10 @@
     .mw-body {
         margin-left: auto !important;
     }
+
+    html,
+    body {
+        font-family: var(--sans-serif-font-family) !important;
+        font-size: var(--sans-serif-font-size) !important;
+    }
 }
diff --git a/modules/nixfiles/fonts.nix b/modules/nixfiles/fonts.nix
index 042c0e8..dbae282 100644
--- a/modules/nixfiles/fonts.nix
+++ b/modules/nixfiles/fonts.nix
@@ -45,37 +45,37 @@ in {
       serifFont = mkFont {
         family = "Iosevka Etoile";
         style = "Regular";
-        size = 16;
+        size = 14;
       };
 
       serifFontFallback = mkFont {
         family = "Sarasa Gothic J";
         style = "Regular";
-        size = 16;
+        size = 14;
       };
 
       sansSerifFont = mkFont {
         family = "Iosevka Aile";
         style = "Regular";
-        size = 16;
+        size = 14;
       };
 
       sansSerifFontFallback = mkFont {
         family = "Sarasa Gothic J";
         style = "Regular";
-        size = 16;
+        size = 14;
       };
 
       monospaceFont = mkFont {
         family = "Iosevka";
         style = "Regular";
-        size = 16;
+        size = 14;
       };
 
       monospaceFontFallback = mkFont {
         family = "Sarasa Mono J";
         style = "Regular";
-        size = 16;
+        size = 14;
       };
     };
   };
diff --git a/modules/nixfiles/games/default.nix b/modules/nixfiles/games/default.nix
index 13345fc..1c5766b 100644
--- a/modules/nixfiles/games/default.nix
+++ b/modules/nixfiles/games/default.nix
@@ -24,15 +24,6 @@ in {
       jack.alsa.support32Bit = config.services.jack.alsa.enable;
 
       pipewire.alsa.support32Bit = config.services.pipewire.alsa.enable;
-
-      xserver.inputClassSections = [
-        ''
-          Identifier "ds-touchpad"
-          Driver "libinput"
-          MatchProduct "Wireless Controller Touchpad"
-          Option "Ignore" "true"
-        ''
-      ];
     };
 
     hardware = {
diff --git a/modules/nixfiles/kde.nix b/modules/nixfiles/kde.nix
index 6b20569..a430294 100644
--- a/modules/nixfiles/kde.nix
+++ b/modules/nixfiles/kde.nix
@@ -16,6 +16,15 @@ in {
       x11.enable = true;
     };
 
+    hm = {
+      home.sessionVariables.GTK_USE_PORTAL = 1;
+
+      programs.firefox.profiles.default.settings = {
+        "widget.use-xdg-desktop-portal.file-picker" = 1;
+        "widget.use-xdg-desktop-portal.mime-handler" = 1;
+      };
+    };
+
     services.xserver = {
       desktopManager.plasma5 = {
         enable = true;
diff --git a/modules/nixfiles/libvirtd.nix b/modules/nixfiles/libvirtd.nix
index 5ce37f0..ae8b336 100644
--- a/modules/nixfiles/libvirtd.nix
+++ b/modules/nixfiles/libvirtd.nix
@@ -7,8 +7,7 @@
 with lib; let
   cfg = config.nixfiles.modules.libvirtd;
 in {
-  options.nixfiles.modules.libvirtd.enable =
-    mkEnableOption "Wether to enable libvirtd.";
+  options.nixfiles.modules.libvirtd.enable = mkEnableOption "libvirtd";
 
   config = mkIf cfg.enable {
     virtualisation.libvirtd = {
@@ -17,6 +16,11 @@ in {
       onBoot = "ignore";
       onShutdown = "shutdown";
 
+      extraConfig = ''
+        log_level = 4
+        log_outputs = "4:stderr"
+      '';
+
       qemu = {
         package = pkgs.qemu_kvm;
         runAsRoot = false;
@@ -27,7 +31,7 @@ in {
         };
 
         swtpm = {
-          enable = false;
+          enable = false; # Is this required for Windows 11?
           package = pkgs.swtpm-tpm2;
         };
       };
diff --git a/modules/nixfiles/openconnect.nix b/modules/nixfiles/openconnect.nix
new file mode 100644
index 0000000..780f93f
--- /dev/null
+++ b/modules/nixfiles/openconnect.nix
@@ -0,0 +1,83 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib; let
+  cfg = config.nixfiles.modules.openconnect;
+in {
+  options.nixfiles.modules.openconnect.enable =
+    mkEnableOption "OpenConnect VPN";
+
+  config = mkIf.enable {
+    assertions = [
+      {
+        assertion = config.networking.networkmanager.enable;
+        message = "NetworkManager is required";
+      }
+    ];
+
+    # Spent three days trying to make this work but still getting "No SSO
+    # handler" even on the HEAD version that 100% has SSO support baked in.
+    # It's all so tiresome[1]... aaand KDE is not supported[2].
+    #
+    # I fucking hate AnyConnect, truly an example of how shit is is non-free
+    # software. SAML also sucks balls. I also hate my company for using this
+    # shit, guess I have no other choice but to use the absolute dogshit laptop
+    # they gave me.
+    #
+    # [1]: https://gitlab.gnome.org/GNOME/NetworkManager-openconnect
+    # [1]: https://gitlab.com/openconnect/openconnect/-/issues/424
+    # [2]: https://groups.google.com/g/linux.debian.bugs.dist/c/lK8u-LMY7n4
+    # [2]: https://bugs.kde.org/show_bug.cgi?id=448153
+
+    networking.networkmanager.plugins = with pkgs; [
+      ((networkmanager-openconnect.override {
+          withGnome = false;
+          openconnect = openconnect.overrideAttrs (_: super: {
+            version = "unstable-2022-10-23";
+            src = fetchFromGitLab {
+              owner = "openconnect";
+              repo = "openconnect";
+              rev = "acdfc753f7885b2a539f99036ac41ba1b78cc7ae";
+              hash = "sha256-ub+Z4WFD77h5YMQTb+TLc7EyY2KjBWglF1QVTirCHJM=";
+            };
+          });
+        })
+        .overrideAttrs (_: super: {
+          version = "unstable-2022-09-10";
+          src = fetchFromGitLab {
+            domain = "gitlab.gnome.org";
+            owner = "GNOME";
+            repo = "NetworkManager-openconnect";
+            rev = "3c1590786518e9acca33c250660ad21cae565acd";
+            hash = "sha256-YTUN46QHsHkXPAhImPG/MMLMqjlSRknapVO8u43nnWk=";
+          };
+          buildInputs =
+            super.buildInputs
+            ++ [
+              (webkitgtk_4_1.override {
+                inherit (gnome) libsoup;
+              })
+            ];
+          nativeBuildInputs =
+            super.nativeBuildInputs
+            ++ [
+              autoreconfHook
+            ];
+          postPatch = ''
+            substituteInPlace configure.ac \
+              --replace "PKG_CHECK_MODULES(LIBSECRET, libsecret-1 >= 0.18)" ""
+          '';
+          preAutoreconf = ''
+            autoupdate
+          '';
+          preConfigure = ''
+            NOCONFIGURE=x ./autogen.sh
+            touch gtk4/nm-openconnect-dialog.ui
+          '';
+        }))
+    ];
+  };
+}
diff --git a/modules/nixfiles/profiles/dev/containers.nix b/modules/nixfiles/profiles/dev/containers.nix
index ef41229..da7aa27 100644
--- a/modules/nixfiles/profiles/dev/containers.nix
+++ b/modules/nixfiles/profiles/dev/containers.nix
@@ -34,6 +34,7 @@ in {
           buildah
           chart-testing
           cmctl
+          datree
           helm
           kubectl
           kubectx

Consider giving Nix/NixOS a try! <3