✨ First installation on real system

✨ Gnome refinements
✨ Zed config updates
🐛 User login issue workaround

flake.lock

@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1746650299,
+        "lastModified": 1747519437,
-        "narHash": "sha256-4+pxk1KcSH8ww3tgN808nNJ3E7Q8gNWI+U0sesW7mBQ=",
+        "narHash": "sha256-uv9Wv59d+mckS2CkorOF484wp2G5TNGijdoBZ5RkAk0=",
         "owner": "catppuccin",
         "repo": "nix",
-        "rev": "f746600f15b69df05c84e3037749a3be5b1276d1",
+        "rev": "3ba714046ee32373e88166e6e9474d6ae6a5b734",
         "type": "github"
       },
       "original": {
@@ -22,11 +22,11 @@
     },
     "easy-hosts": {
       "locked": {
-        "lastModified": 1743693165,
+        "lastModified": 1747174689,
-        "narHash": "sha256-BAYno/4P0hq3aaqfVLbDmv8pgvzJWcN+4L8jK8SzaMo=",
+        "narHash": "sha256-WEA2HdjC90GLf5VpMLpvOF3/uSSq6AV4DQ4ezLFspc0=",
         "owner": "tgirlcloud",
         "repo": "easy-hosts",
-        "rev": "611cc21942feb55c6a38410dfe8eee3fb5f08c8d",
+        "rev": "e1210563fc527221e12544ce55cd954acf94e7ed",
         "type": "github"
       },
       "original": {
@@ -62,11 +62,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1746727295,
+        "lastModified": 1747875884,
-        "narHash": "sha256-0364XVBdfEA8rWfqEPvsgBqGFfq5r9LAo9CS9tvT7tg=",
+        "narHash": "sha256-tdVx4kghhdy62LKuTnwE2RytOe8o88tah/yhpyuL0D4=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "a51598236f23c89e59ee77eb8e0614358b0e896c",
+        "rev": "f9186c64fcc6ee5f0114547acf9e814c806a640b",
         "type": "github"
       },
       "original": {
@@ -77,11 +77,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1746461020,
+        "lastModified": 1747744144,
-        "narHash": "sha256-7+pG1I9jvxNlmln4YgnlW4o+w0TZX24k688mibiFDUE=",
+        "narHash": "sha256-W7lqHp0qZiENCDwUZ5EX/lNhxjMdNapFnbErcbnP11Q=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "3730d8a308f94996a9ba7c7138ede69c1b9ac4ae",
+        "rev": "2795c506fe8fb7b03c36ccb51f75b6df0ab2553f",
         "type": "github"
       },
       "original": {
@@ -122,11 +122,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1746485181,
+        "lastModified": 1747603214,
-        "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=",
+        "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "e93ee1d900ad264d65e9701a5c6f895683433386",
+        "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
         "type": "github"
       },
       "original": {

homes/x86_64-linux/jo/default.nix

@@ -5,6 +5,7 @@
 }: {
   puzzlevision = {
     themes.catppuccin.enable = true;
+    apps.zed.enable = true;
   };
 
   sops.secrets.wakatime-cfg = {
@@ -26,8 +27,6 @@
     ungoogled-chromium
 
     ## EDITORS
-    nano
-    zed-editor
     apostrophe
     jetbrains.phpstorm
     arduino-ide

homes/x86_64-linux/jo/secrets/wakatime.cfg

@@ -1,18 +1,18 @@
 {
-	"data": "ENC[AES256_GCM,data:NaNu0ytz8Ji7WJ4gDinY2Tsny+MzgG9vV/7xnZY/dQzB0jMHBxIRAcrzH1A+aqsANeeZPD0XGXC2qIpYUlMKBcfMxkqmlj7XnpvDiXQ9RciCNp8l1xs0wvoxjYghbD8nsL57UQ==,iv:qa1SPnWCShIiz7l4EW6tCT2gJO0qNNcDk05F5hS8H7U=,tag:zArwz8R3/uegsO1ShLjfwg==,type:str]",
+	"data": "ENC[AES256_GCM,data:UAADE/aH98MYyfxL3ZkZ06lHHTRmmRVuOhiqEyF6DP35sGTC7Mpqe++MTYBDFrD4Rraeao9T2tcu3sL22p9SW9jF7Y2L1YZ9zKKUyP2y+G8PN25GqXWaNwJQG/hxcKs8km448g==,iv:SkyBC+VkwccprAomhXUzdmSQuBDfFn22MKJwjV9ZSzo=,tag:m/uUcl9r3GW3QYCajoAhYw==,type:str]",
 	"sops": {
 		"age": [
 			{
 				"recipient": "age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJS0EySk4wMGVzaUtOZWlN\nUE15SXNVOUtqUDQxV29tNGpBRkdLek5icWg0Cnd5b1FmT3VQTTBDdEtCYzQxNVdk\nWVpQMFpmTXpOcFFlMG5MQjFLTXZRUGsKLS0tIHBvakR1Q0dYdkRqVTJtLzRORzBP\nNU55UEtWUXhBdGN0M0lMQktaVmhSK00KA93LFut6jiYtlndm9Oq0ferFPT4IlBQ1\nDmnD4hWz7NLimWED7RiJ2lSO9IRgQBhLHeiLums/ZPxjFGnnO6sicg==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5VmtTRHo4NWVuU2tiZTc5\nWUVyeU54ZmtZbi9uUWNablIxSm9aZ3hadjBnCmNiVlBXS2lEbE00VFl6QVRlQk92\nMFI0TVBMVDZiQXg3VzZTaVNEd2RROTQKLS0tIEg3aGwvWXgvVldGTjZFaS95dEVP\nUmZHaGFaNndDRWY5cXBJeGY4TVVqbTgKeFTClhSmX5IQ5+7DXk4HEwTAv4uB/HCl\nVeoKUNaTHme60hWE/J12B2PvxtRa+f6diDMFg11mQkPOZwyEcQWMpg==\n-----END AGE ENCRYPTED FILE-----\n"
 			},
 			{
 				"recipient": "age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc",
-				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSTHh4eExqN1lmUWhOd0tF\ndzVUYXpWblVlem5QcndUQVRRSnZsS0dNK3lVCnpJQUVyRDRiNTFyb3RnSFZnQW9D\nV2sxRlZDcE1yQjI5Yzk3Tmh2ZkdxZ00KLS0tIGlKYUVnZXZtYTJPNEhEVEVhVlI4\na1hGbjJ3VDE0WDZKd0FGYUZzZUp5SEkKp043TYYglP+SWD7IdK/rnSJ4jfqvpGSY\njIDWMZmFTIcPoeVSQrxi7PD9Cd4Q56lhPhCYZR4czk5EdeIEWS9Z6w==\n-----END AGE ENCRYPTED FILE-----\n"
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnK1NtOE9tZ0poRjdkOTBi\nbWFQbGovY1VvRDN4clJmRGdTSHlzQk5JSmtrCitSc3hnb21CMVVuclZ2YndIOWRk\naDduM3VadDBaWFRDRElZSWlUaXdUZGMKLS0tIEJOUEFoS3ZJQWtkNGFQNk1CdGxI\nSmRFQ25TSXY1S0FHQmhUbWNsT1Z2c2sKBTV2WEW+HynmrrPza8gsIQAK2V3HhYfJ\nrG6rjnzMONd+0Q6Z0KBqgoMfCTjWE9CBnm78DL16u9pRH3CwhpKabg==\n-----END AGE ENCRYPTED FILE-----\n"
 			}
 		],
-		"lastmodified": "2025-05-21T22:54:54Z",
+		"lastmodified": "2025-05-22T18:30:26Z",
-		"mac": "ENC[AES256_GCM,data:vYmgUvgyQ1i+gih/6YMWX1vqkWzcAn8zgNspICF6KxTYE08i61LGJSaM2R5rh2r/xWY9zKYv8EKH2GSVyJ+hGgSsS0qY8BOKetKMHZEWuWtWSbjO/iKPlmqZXxmPPiPlYUXjlfXB1rzi7RXwDzwVpD1nQTuiK8t2rYJjGgH0kRM=,iv:EEepXDQ/1zy1sO8eXl5LXTHI5OUPFca6WwuYTkHuyEs=,tag:MHA262l7qa8Ngy0tuggPpw==,type:str]",
+		"mac": "ENC[AES256_GCM,data:/aZOXw2xgQ8UZG5TIWXwHZjlofa08WM2XpPhXUbf2qrx0yyhEyZrtibalCIDdUGgzaZjt8b+qrZqgNE9o+HCUNVX9fU9yCXRL1kpksz9e6HV4S+KIrdHnEFtuRt7r8nP29BotLYoP9KKbA57lL5SYJgPINHq11CAiQLU6A8W8YI=,iv:0zvQe2wRd/qKjrqinc9kgP8RSl47xxD0LofREiK8XOc=,tag:eWhtD/X3CPHTlEZPgp0cjA==,type:str]",
 		"unencrypted_suffix": "_unencrypted",
 		"version": "3.10.2"
 	}

modules/home/desktop/gnome/default.nix

@@ -44,7 +44,7 @@ in {
         enable-blur = mkOpt bool false "Whether to enable blur-my-shell application blur.";
       };
     };
-    wallpaper = mkOpt str (builtins.toString ../wallpapers/catppuccin/mountain_tower_sunset.jpg) "Specify the path of your prefered Gnome wallpaper.";
+    wallpaper = mkOpt str (builtins.toString ../wallpapers/catppuccin/howard-chen-mao-mao-forest-campsite.jpg) "Specify the path of your prefered Gnome wallpaper.";
   };
 
   config = mkIf osConfig.${namespace}.desktop.gnome.enable {

modules/nixos/archetypes/workstation/default.nix

@@ -1,6 +1,7 @@
 {
   lib,
   self,
+  pkgs,
   config,
   ...
 }: let
@@ -33,6 +34,7 @@ in {
         nix = {
           enable = true;
           use-lix = true;
+          use-nixld =  true;
         };
       };
 
@@ -43,6 +45,10 @@ in {
       desktop.gnome.enable = true;
     };
 
+    environment.systemPackages = with pkgs; [
+      nano
+    ];
+
     time.timeZone = mkDefault "Europe/Berlin";
   };
 }

modules/nixos/desktop/gnome/default.nix

@@ -29,6 +29,7 @@ in {
       gnome-console
       gnome-terminal
       gnome-music
+      totem # Gnome videos
       hitori # Sudoku game
       gnome-contacts
       gnome-initial-setup
@@ -39,7 +40,8 @@ in {
     services.gnome.gnome-keyring.enable = true;
 
     environment.systemPackages = with pkgs; [
-      gnome-tweaks
+      refine
+      showtime
       resources
     ];
   };

modules/nixos/users/default.nix

@@ -22,6 +22,7 @@
       initialPassword = self.lib.mkOpt (types.nullOr types.str) null "Plaintext insecure initial user password, only recommended for testing.";
       password = self.lib.mkOpt (types.nullOr types.str) null "Plaintext insecure user password, only recommended for testing.";
       hashedPasswordFile = self.lib.mkOpt (types.nullOr types.str) null "Secure, hashed user password stored in a separate file, recommended for production.";
+      hashedPassword = self.lib.mkOpt (types.nullOr types.str) null "Secure, hashed password, stored in plaintext, fine to use.";
       extraGroups = self.lib.mkOpt (types.listOf types.str) [] "List of additional groups this user belongs to.";
     };
   };
@@ -49,7 +50,7 @@ in {
     users.users = lib.mapAttrs (username: userConfig:
       mkIf userConfig.enable {
         name = username;
-        inherit (userConfig) isNormalUser isSystemUser initialPassword hashedPasswordFile password extraGroups;
+        inherit (userConfig) isNormalUser isSystemUser initialPassword hashedPasswordFile hashedPassword password extraGroups;
       })
     cfg;
 

systems/x86_64-nixos/puzzlevision/default.nix

@@ -1,8 +1,4 @@
-{
+{pkgs, ...}: {
-  pkgs,
-  config,
-  ...
-}: {
   imports = [
     ./hardware.nix
   ];
@@ -12,15 +8,10 @@
   sops.defaultSopsFile = ./secrets/users.yaml;
   sops.age.keyFile = "/var/lib/sops-nix/key.txt";
 
-  # Todo: automate this import in users module!
-  # Require user password secrets for users
-  sops.secrets."users/jo/password_hash".neededForUsers = true;
-
   puzzlevision = {
     users.jo = {
       enable = true;
-      #password = "4868320069443";
+      hashedPassword = "$6$mvK9bT756Aok54Vt$vBRnT66Vb3HL0Y5rEMJlHvKkvzVQ.KUciInTmW3FCBFT00IuFMpz3q9RhXPLTLMRPho65bTg9hMnFPb84I774.";
-      hashedPasswordFile = config.sops.secrets."users/jo/password_hash".path; # For testing only, replace with sops secret before production use
       extraGroups = ["wheel"];
     };