feat: add Monocraft font, set trusted users and enable yubikey agent

flake.lock

@@ -2,11 +2,11 @@
   "nodes": {
     "catppuccin": {
       "locked": {
-        "lastModified": 1731232837,
-        "narHash": "sha256-0aIwr/RC/oe7rYkfJb47xjdEQDSNcqpFGsEa+EPlDEs=",
+        "lastModified": 1734734291,
+        "narHash": "sha256-CFX4diEQHKvZYjnhf7TLg20m3ge1O4vqgplsk/Kuaek=",
         "owner": "catppuccin",
         "repo": "nix",
-        "rev": "32359bf226fe874d3b7a0a5753d291a4da9616fe",
+        "rev": "1e4c3803b8da874ff75224ec8512cb173036bbd8",
         "type": "github"
       },
       "original": {
@@ -70,11 +70,11 @@
     },
     "hardware": {
       "locked": {
-        "lastModified": 1731403644,
-        "narHash": "sha256-T9V7CTucjRZ4Qc6pUEV/kpgNGzQbHWfGcfK6JJLfUeI=",
+        "lastModified": 1734954597,
+        "narHash": "sha256-QIhd8/0x30gEv8XEE1iAnrdMlKuQ0EzthfDR7Hwl+fk=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "f6581f1c3b137086e42a08a906bdada63045f991",
+        "rev": "def1d472c832d77885f174089b0d34854b007198",
         "type": "github"
       },
       "original": {
@@ -91,11 +91,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1731235328,
-        "narHash": "sha256-NjavpgE9/bMe/ABvZpyHIUeYF1mqR5lhaep3wB79ucs=",
+        "lastModified": 1734944412,
+        "narHash": "sha256-36QfCAl8V6nMIRUCgiC79VriJPUXXkHuR8zQA1vAtSU=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "60bb110917844d354f3c18e05450606a435d2d10",
+        "rev": "8264bfe3a064d704c57df91e34b795b6ac7bad9e",
         "type": "github"
       },
       "original": {
@@ -122,11 +122,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1731245184,
-        "narHash": "sha256-vmLS8+x+gHRv1yzj3n+GTAEObwmhxmkkukB2DwtJRdU=",
+        "lastModified": 1734820311,
+        "narHash": "sha256-YsLK4ZiGY5CZmmgzsfU76OHVUTDeZJgirKzNO+et0UQ=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "aebe249544837ce42588aa4b2e7972222ba12e8f",
+        "rev": "7e4a1594489d41bf8e16046b28e14a0e264c9baa",
         "type": "github"
       },
       "original": {
@@ -136,29 +136,13 @@
         "type": "github"
       }
     },
-    "nixpkgs-stable": {
-      "locked": {
-        "lastModified": 1730602179,
-        "narHash": "sha256-efgLzQAWSzJuCLiCaQUCDu4NudNlHdg2NzGLX5GYaEY=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "3c2f1c4ca372622cb2f9de8016c9a0b1cbd0f37c",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "release-24.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1733759999,
-        "narHash": "sha256-463SNPWmz46iLzJKRzO3Q2b0Aurff3U1n0nYItxq7jU=",
+        "lastModified": 1734424634,
+        "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "a73246e2eef4c6ed172979932bc80e1404ba2d56",
+        "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33",
         "type": "github"
       },
       "original": {
@@ -189,11 +173,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1730136121,
-        "narHash": "sha256-tfVayj13Zw+zzOKrmJhnvBod7Hdb9ixBR6/4GUlyMA0=",
+        "lastModified": 1732544274,
+        "narHash": "sha256-qvzLIxuqukl0nxpXHEh5+iw1BLeLxYOwRC0+7cFUbPo=",
         "owner": "snowfallorg",
         "repo": "lib",
-        "rev": "dd348182c1a010993e68004eada86cf0341fe2c4",
+        "rev": "cfeacd055545ab5de0ecfd41e09324dcd8fb2bbb",
         "type": "github"
       },
       "original": {
@@ -206,15 +190,14 @@
       "inputs": {
         "nixpkgs": [
           "nixpkgs"
-        ],
-        "nixpkgs-stable": "nixpkgs-stable"
+        ]
       },
       "locked": {
-        "lastModified": 1731364708,
-        "narHash": "sha256-HC0anOL+KmUQ2hdRl0AtunbAckasxrkn4VLmxbW/WaA=",
+        "lastModified": 1734546875,
+        "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "4c91d52db103e757fc25b58998b0576ae702d659",
+        "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d",
         "type": "github"
       },
       "original": {
@@ -243,11 +226,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1734038753,
-        "narHash": "sha256-v2NetNrFvObcTx5Gw0MV9leJQr0KfCLtbpC4gZaq+Tc=",
+        "lastModified": 1734657663,
+        "narHash": "sha256-1Et05foPKYyWAHUftrrzWgfddnd0r0sm2WCuNeVDDkA=",
         "owner": "0xc000022070",
         "repo": "zen-browser-flake",
-        "rev": "b2a4aeaad1cdb4a0d8901313d6388a8b4bf2c59d",
+        "rev": "f5181bde713d1aa5c8d95d00f4f47cd937d2b3e8",
         "type": "github"
       },
       "original": {

flake.nix

@@ -43,6 +43,21 @@
     };
   };
 
+  nixConfig = {
+    extra-substituters = [
+      "https://nix-community.cachix.org"
+      "https://cache.nixos.org"
+      "https://devenv.cachix.org"
+      "https://shopware.cachix.org"
+    ];
+    extra-trusted-public-keys = [
+      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+      "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
+      "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
+      "shopware.cachix.org-1:IDifwLVQaaDU2qhlPkJsWJp/Pq0PfzHPIB90hBOhL3k="
+    ];
+  };
+
   outputs = inputs:
     inputs.snowfall-lib.mkFlake {
       inherit inputs; # Providing flake inputs to Snowfall Lib.

homes/x86_64-linux/jo@puzzlevision/apps/gnome.nix

@@ -2,37 +2,8 @@
   pkgs,
   ...
 }: {
-  home.packages = with pkgs.gnomeExtensions; [
-    dash-to-dock
-    user-themes
-    blur-my-shell
-    appindicator
-    unite
-    color-picker
-    clipboard-history
-  ];
-
   # Use `dconf watch /` to track stateful changes you are doing, then set them here.
   dconf.settings = {
-    "org/gnome/shell" = {
-      favorite-apps = [
-        "org.gnome.Nautilus.desktop"
-        "obsidian.desktop"
-        "zen.desktop"
-        "phpstorm.desktop"
-      ];
-
-      enabled-extensions = [
-        pkgs.gnomeExtensions.unite.extensionUuid
-        pkgs.gnomeExtensions.color-picker.extensionUuid
-        pkgs.gnomeExtensions.clipboard-history.extensionUuid
-        pkgs.gnomeExtensions.blur-my-shell.extensionUuid
-        pkgs.gnomeExtensions.user-themes.extensionUuid
-        pkgs.gnomeExtensions.dash-to-dock.extensionUuid
-        pkgs.gnomeExtensions.appindicator.extensionUuid
-      ];
-    };
-
     "org/gnome/desktop/wm/preferences" = {
       workspace-names = [ "Main" ];
     };

homes/x86_64-linux/jo@puzzlevision/default.nix

@@ -38,12 +38,12 @@
     steam
     g4music
     bitwarden-desktop
+    youtube-music
 
     ### Development
     avra
     avrdude
     jetbrains.phpstorm
-    jetbrains.pycharm-community
     git
     nodejs_22
     bun
@@ -54,10 +54,6 @@
     zed-editor
     bruno
 
-    ### Rust development specific
-    rustup
-    gcc
-
     ### Work
     teams-for-linux
     enpass

modules/home/desktop/gnome/default.nix

@@ -0,0 +1,40 @@
+{
+  lib,
+  pkgs,
+  host,
+  config,
+  osConfig,
+  namespace,
+  ...
+}: with lib; with lib.${namespace};
+let
+  cfg = config.${host}.desktop.gnome;
+in
+{
+  options.${host}.desktop.gnome = with types; {
+    extensions = mkOption {
+      type = listOf package;
+      default = with pkgs.gnomeExtensions; [ dash-to-dock user-themes blur-my-shell appindicator unite color-picker clipboard-history ];
+      example = [ dash-to-dock blur-my-shell ];
+      description = "Specify gnome extensions to install.";
+    };
+    favorite-apps = mkOption {
+      type = listOf string;
+      default = ["org.gnome.Nautilus.desktop" "obsidian.desktop" "zen.desktop" "dev.zed.Zed.desktop"];
+      example = ["org.gnome.Nautilus.desktop" "obsidian.desktop"];
+      description = "Specify your favorite apps (sorted left to right)";
+    };
+  };
+
+  config = mkIf osConfig.${namespace}.desktop.gnome.enable {
+    home.packages = cfg.extensions;
+
+    dconf.settings = {
+      "org/gnome/shell" = {
+        favorite-apps = cfg.favorite-apps;
+        enabled-extensions = forEach cfg.extensions (x: x.extensionUuid);
+        disabled-extensions = []; # Make sure none of our extensions are disabled on system rebuild
+      };
+    };
+  };
+}

modules/nixos/archetypes/workstation/default.nix

@@ -12,6 +12,7 @@ in {
   config = mkIf cfg.enable {
     environment.sessionVariables = {
       MOZ_ENABLE_WAYLAND = "1"; # Firefox native Wayland support
+      NIXOS_OZONE_WL = "1"; # Native Wayland in Chromium and Electron based applications
     };
 
     # Enable modules
@@ -20,6 +21,7 @@ in {
         nix = {
           enable = true; # Standard Nix configuration
           use-lix = true;
+          use-nixld = true;
         };
         grub.enable = true; # Bootloader grub
         networking.enable = true; # Networkmanager configuration
@@ -32,6 +34,10 @@ in {
         locale.enable = true; # Locale settings
       };
 
+      tools = {
+        cachix.enable = true;
+      };
+
       desktop.gnome.enable = true;
     };
   };

modules/nixos/common/fonts/default.nix

@@ -12,7 +12,7 @@ in {
     enable = mkEnableOption "Enable system font management";
     fonts = mkOption {
       type = listOf package;
-      default = with pkgs; [ noto-fonts noto-fonts-cjk-sans noto-fonts-cjk-serif noto-fonts-emoji nerdfonts ];
+      default = with pkgs; [ noto-fonts noto-fonts-cjk-sans noto-fonts-cjk-serif noto-fonts-emoji nerd-fonts.bigblue-terminal nerd-fonts.zed-mono monocraft ];
       example = [ noto-fonts noto-fonts-emoji ];
       description = "Install additional font packages";
     };

modules/nixos/security/yubikey/default.nix

@@ -7,7 +7,7 @@
 }: with lib; with lib.${namespace};
 let
   cfg = config.${namespace}.security.yubikey;
-in 
+in
 {
   options.${namespace}.security.yubikey = with types; {
     enable = mkEnableOption "Enable the Yubikey as a security device.";
@@ -17,6 +17,7 @@ in
       example = [ "123456" "1234567" ];
       description = "Register additional Yubikey IDs.";
     };
+    enable-agent = mkEnableOption "Enable the Yubikey agent";
   };
 
   config = mkIf cfg.enable {
@@ -34,5 +35,16 @@ in
       login.u2fAuth = true;
       sudo.u2fAuth = true;
     };
+
+    services.yubikey-agent.enable = cfg.enable-agent;
+
+    programs.ssh.extraConfig = mkIf cfg.enable-agent ''
+        Host *
+            IdentityAgent /usr/local/var/run/yubikey-agent.sock
+    '';
+
+    environment.sessionVariables = mkIf cfg.enable-agent {
+        SSH_AUTH_SOCK = "/usr/local/var/run/yubikey-agent.sock";
+    };
   };
-}
+}

modules/nixos/tools/cachix/default.nix

@@ -0,0 +1,17 @@
+{
+  lib,
+  pkgs,
+  namespace,
+  config,
+  ... 
+}: with lib; with lib.${namespace};
+let
+  cfg = config.${namespace}.tools.cachix;
+in {
+  options.${namespace}.tools.cachix = { enable = mkEnableOption "Enable the cachix binary cache service on your system."; };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [ cachix ];
+  };
+}
+

systems/x86_64-linux/puzzlevision/default.nix

@@ -52,12 +52,18 @@
   # Set system configuration
   puzzlevision = {
     archetypes.workstation.enable = true;
-    security.yubikey.enable = true;
+    security.yubikey = {
+        enable = true;
+        enable-agent = true;
+    };
   };
 
   # Enable flatpak support.
   services.flatpak.enable = true;
 
+  # Set trusted users (Primarily used for cachix)
+  nix.settings.trusted-users = [ "root" "jo" ];
+
   # Configure users.
   snowfallorg.users.jo.admin = true;
   users.users.jo.isNormalUser = true;