feat(languages): enable tailwind language support

WARN: This commit message assumes the reason for disabling is darwin.

.gitignore

@@ -1,2 +1,2 @@
-result
-*.qcow2
+# gitignore
+.pre-commit-config.*

.sops.yaml

@@ -1,7 +1,7 @@
 keys:
-  - &admin age12l33pas8eptwjc7ewux3d8snyzfzwz0tn9qg5kw8le79fswmjgjqdjgyy6
+  - &rafiq age12l33pas8eptwjc7ewux3d8snyzfzwz0tn9qg5kw8le79fswmjgjqdjgyy6
 creation_rules:
-  - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
+  - path_regex: \.(yaml)$
     key_groups:
     - age:
-      - *admin
+      - *rafiq

README.md

@@ -1,24 +0,0 @@
-# Modules
-
-The nixosModules and homeModules exposed by this flake are slightly out of the norm.
-
-Option declarations for user specific configuration are kept to:
-
-- homeModules for CLI
-- nixosModules for desktop
-
-System configurations, to this end, should include the window manager, lockscreen, terminal etc. for that system.
-
-These desktop programs will be **configured** in home-manager for each user, but those configurations consult the osConfig variable passed in by home-manager.
-
-# System Setup
-
-The following files are **required** for system activation:
-
-- /persist/home/${mainUser}/.ssh/id_ed25519
-
-This private key will be used by sops-nix to decrypt the secrets in [[secrets/secrets.yaml]]. The secrets inside the yaml file should also be set, or otherwise removed alongside their declarations (in [[modules/nixos/system/secrets.nix]]) and references.
-
-# Impermanence
-
-System and user state is stored under /persist. Anything not declared under `{environment,home}.persistence` is deleted on system boot.

docs/README.md

@@ -0,0 +1,29 @@
+# Pantheon
+This flake serves as a monorepo for my systems (using IaC), dotfiles, and scripts.
+It's hosted at https://git.rrv.sh/rrvsh/pantheon, and mirrored to https://github.com/rrvsh/pantheon.
+
+## Structure
+The system configurations are defined in [`flake.manifest`](nix/manifest.nix).
+`flake.manifest.owner` provides the attributes for the administrator user, including username and pubkey.
+`flake.manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations.
+`flake.modules.nixos.*` provide NixOS options and configurations.
+The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class.
+You can use it as seen [here](nix/modules/flake/home-manager.nix):
+
+```nix
+flake.modules.nixos.default.imports = [ inputs.home-manager.nixosModules.default ];
+```
+
+The other attributes under `flake.modules.nixos` should be opt-in, i.e. provide options that will be set in the profiles.
+`flake.profiles.nixos` provides profiles which use the options defined in `flake.modules.nixos` to define different roles for each system, such as graphical, laptop, headless, etc.
+Options should not be defined here.
+`flake.contracts.nixos.*` will provide contracts, such as reverse proxies or databases, which will configure options on the provider and receiver host.
+
+## Acknowledgements
+Thanks to the following for inspiring this configuration. I highly recommend you look through their writings and configurations.
+- [ornicar](https://github.com/ornicar/dotfiles) which is where I first heard of NixOS
+- [No Boilerplate](https://www.youtube.com/watch?v=CwfKlX3rA6E&pp=0gcJCfwAo7VqN5tD) for making me finally try the OS
+- [ryan4yin](https://nixos-and-flakes.thiscute.world/) for being an amazing introduction to NixOS, home-manager, and flakes
+- [NotAShelf](https://github.com/NotAShelf/) for their blog and for the wonderful [NVF](https://github.com/notashelf/nvf)
+- [mightyiam](https://github.com/mightyiam/infra) for their infrastructure repo using flake-parts
+- [drupol](https://not-a-number.io/2025/refactoring-my-infrastructure-as-code-configurations/) for this blog post which convinced me to rebase my infra to use flake-parts

docs/cheatsheet.md

@@ -0,0 +1,2 @@
+# cheatsheet
+`__curPos.file` will give the full evaluated path of the nix file it is called in. See [this issue](https://github.com/NixOS/nix/issues/5897#issuecomment-1012165198) for more information.

flake.lock

@@ -1,5 +1,142 @@
 {
   "nodes": {
+    "base16": {
+      "inputs": {
+        "fromYaml": "fromYaml"
+      },
+      "locked": {
+        "lastModified": 1746562888,
+        "narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=",
+        "owner": "SenchoPens",
+        "repo": "base16.nix",
+        "rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89",
+        "type": "github"
+      },
+      "original": {
+        "owner": "SenchoPens",
+        "repo": "base16.nix",
+        "type": "github"
+      }
+    },
+    "base16-fish": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1622559957,
+        "narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=",
+        "owner": "tomyun",
+        "repo": "base16-fish",
+        "rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tomyun",
+        "repo": "base16-fish",
+        "type": "github"
+      }
+    },
+    "base16-helix": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1748408240,
+        "narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
+        "owner": "tinted-theming",
+        "repo": "base16-helix",
+        "rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tinted-theming",
+        "repo": "base16-helix",
+        "type": "github"
+      }
+    },
+    "base16-vim": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1732806396,
+        "narHash": "sha256-e0bpPySdJf0F68Ndanwm+KWHgQiZ0s7liLhvJSWDNsA=",
+        "owner": "tinted-theming",
+        "repo": "base16-vim",
+        "rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tinted-theming",
+        "repo": "base16-vim",
+        "rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
+        "type": "github"
+      }
+    },
+    "dedupe_flake-compat": {
+      "locked": {
+        "lastModified": 1747046372,
+        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "dedupe_flake-utils": {
+      "inputs": {
+        "systems": [
+          "systems"
+        ]
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "dedupe_gitignore": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1709087332,
+        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
+        "owner": "hercules-ci",
+        "repo": "gitignore.nix",
+        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
+        "type": "github"
+      },
+      "original": {
+        "owner": "hercules-ci",
+        "repo": "gitignore.nix",
+        "type": "github"
+      }
+    },
+    "dedupe_mnw": {
+      "locked": {
+        "lastModified": 1748710831,
+        "narHash": "sha256-eZu2yH3Y2eA9DD3naKWy/sTxYS5rPK2hO7vj8tvUCSU=",
+        "owner": "gerg-l",
+        "repo": "mnw",
+        "rev": "cff958a4e050f8d917a6ff3a5624bc4681c6187d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "gerg-l",
+        "repo": "mnw",
+        "type": "github"
+      }
+    },
     "disko": {
       "inputs": {
         "nixpkgs": [
@@ -7,11 +144,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747724474,
-        "narHash": "sha256-HG6DeCae97L0mYepwFedsLDueetX/KdihY3HvJqhwLk=",
+        "lastModified": 1751854533,
+        "narHash": "sha256-U/OQFplExOR1jazZY4KkaQkJqOl59xlh21HP9mI79Vc=",
         "owner": "nix-community",
         "repo": "disko",
-        "rev": "58e72c6ec29a9df611ed5cdef37db1081797a6e0",
+        "rev": "16b74a1e304197248a1bc663280f2548dbfcae3c",
         "type": "github"
       },
       "original": {
@@ -20,32 +157,49 @@
         "type": "github"
       }
     },
-    "flake-compat": {
-      "flake": false,
+    "files": {
       "locked": {
-        "lastModified": 1650374568,
-        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
-        "owner": "edolstra",
-        "repo": "flake-compat",
-        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
+        "lastModified": 1750263550,
+        "narHash": "sha256-EW/QJ8i/13GgiynBb6zOMxhLU1uEkRqmzbIDEP23yVA=",
+        "owner": "mightyiam",
+        "repo": "files",
+        "rev": "5f4ef1fd1f9012354a9748be093e277675d10f07",
         "type": "github"
       },
       "original": {
-        "owner": "edolstra",
-        "repo": "flake-compat",
+        "owner": "mightyiam",
+        "repo": "files",
+        "type": "github"
+      }
+    },
+    "firefox-gnome-theme": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1748383148,
+        "narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=",
+        "owner": "rafaelmardojai",
+        "repo": "firefox-gnome-theme",
+        "rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf",
+        "type": "github"
+      },
+      "original": {
+        "owner": "rafaelmardojai",
+        "repo": "firefox-gnome-theme",
         "type": "github"
       }
     },
     "flake-parts": {
       "inputs": {
-        "nixpkgs-lib": "nixpkgs-lib"
+        "nixpkgs-lib": [
+          "nixpkgs"
+        ]
       },
       "locked": {
-        "lastModified": 1743550720,
-        "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
+        "lastModified": 1751413152,
+        "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "c621e8422220273271f52058f618c94e405bb0f5",
+        "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
         "type": "github"
       },
       "original": {
@@ -54,76 +208,62 @@
         "type": "github"
       }
     },
-    "flake-utils": {
-      "inputs": {
-        "systems": "systems"
-      },
+    "fromYaml": {
+      "flake": false,
       "locked": {
-        "lastModified": 1731533236,
-        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "lastModified": 1731966426,
+        "narHash": "sha256-lq95WydhbUTWig/JpqiB7oViTcHFP8Lv41IGtayokA8=",
+        "owner": "SenchoPens",
+        "repo": "fromYaml",
+        "rev": "106af9e2f715e2d828df706c386a685698f3223b",
         "type": "github"
       },
       "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
+        "owner": "SenchoPens",
+        "repo": "fromYaml",
         "type": "github"
       }
     },
-    "flake-utils-plus": {
+    "git-hooks": {
       "inputs": {
-        "flake-utils": "flake-utils_2"
+        "flake-compat": [
+          "dedupe_flake-compat"
+        ],
+        "gitignore": [
+          "dedupe_gitignore"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
       },
       "locked": {
-        "lastModified": 1715533576,
-        "narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
-        "owner": "gytis-ivaskevicius",
-        "repo": "flake-utils-plus",
-        "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
+        "lastModified": 1750779888,
+        "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
+        "owner": "cachix",
+        "repo": "git-hooks.nix",
+        "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
         "type": "github"
       },
       "original": {
-        "owner": "gytis-ivaskevicius",
-        "repo": "flake-utils-plus",
-        "rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
+        "owner": "cachix",
+        "repo": "git-hooks.nix",
         "type": "github"
       }
     },
-    "flake-utils_2": {
-      "inputs": {
-        "systems": "systems_3"
-      },
+    "gnome-shell": {
+      "flake": false,
       "locked": {
-        "lastModified": 1694529238,
-        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "lastModified": 1748186689,
+        "narHash": "sha256-UaD7Y9f8iuLBMGHXeJlRu6U1Ggw5B9JnkFs3enZlap0=",
+        "owner": "GNOME",
+        "repo": "gnome-shell",
+        "rev": "8c88f917db0f1f0d80fa55206c863d3746fa18d0",
         "type": "github"
       },
       "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
-    "flake-utils_3": {
-      "inputs": {
-        "systems": "systems_4"
-      },
-      "locked": {
-        "lastModified": 1731533236,
-        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
+        "owner": "GNOME",
+        "ref": "48.2",
+        "repo": "gnome-shell",
         "type": "github"
       }
     },
@@ -134,11 +274,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747688838,
-        "narHash": "sha256-FZq4/3OtGV/cti9Vccsy2tGSUrxTO4hkDF9oeGRTen4=",
+        "lastModified": 1751990210,
+        "narHash": "sha256-krWErNDl9ggMLSfK00Q2BcoSk3+IRTSON/DiDgUzzMw=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "45c2985644b60ab64de2a2d93a4d132ecb87cf66",
+        "rev": "218da00bfa73f2a61682417efe74549416c16ba6",
         "type": "github"
       },
       "original": {
@@ -162,44 +302,74 @@
         "type": "github"
       }
     },
-    "mnw": {
+    "import-tree": {
       "locked": {
-        "lastModified": 1747499976,
-        "narHash": "sha256-YTiSI4WLbk0CleXeBheYmKZV6iqKyBpyoh1e+vcQzu4=",
-        "owner": "Gerg-L",
-        "repo": "mnw",
-        "rev": "72433a144c4ac16931e9148f78db4a0e4c147441",
+        "lastModified": 1751399845,
+        "narHash": "sha256-iun7//YHeEFgEOcG4KKKoy3d2GWOYqokLFVU/zIs79Y=",
+        "owner": "vic",
+        "repo": "import-tree",
+        "rev": "e24a50ff9b5871d4bdd8900679784812eeb120ea",
         "type": "github"
       },
       "original": {
-        "owner": "Gerg-L",
-        "repo": "mnw",
+        "owner": "vic",
+        "repo": "import-tree",
         "type": "github"
       }
     },
-    "nil": {
+    "make-shell": {
       "inputs": {
-        "flake-utils": [
-          "nvf",
-          "flake-utils"
-        ],
-        "nixpkgs": [
-          "nvf",
-          "nixpkgs"
-        ],
-        "rust-overlay": "rust-overlay"
+        "flake-compat": [
+          "dedupe_flake-compat"
+        ]
       },
       "locked": {
-        "lastModified": 1741118843,
-        "narHash": "sha256-ggXU3RHv6NgWw+vc+HO4/9n0GPufhTIUjVuLci8Za8c=",
-        "owner": "oxalica",
-        "repo": "nil",
-        "rev": "577d160da311cc7f5042038456a0713e9863d09e",
+        "lastModified": 1733933815,
+        "narHash": "sha256-9JjM7eT66W4NJAXpGUsdyAFXhBxFWR2Z9LZwUa7Hli0=",
+        "owner": "nicknovitski",
+        "repo": "make-shell",
+        "rev": "ffeceae9956df03571ea8e96ef77c2924f13a63c",
         "type": "github"
       },
       "original": {
-        "owner": "oxalica",
-        "repo": "nil",
+        "owner": "nicknovitski",
+        "repo": "make-shell",
+        "type": "github"
+      }
+    },
+    "manifest": {
+      "locked": {
+        "lastModified": 1752588656,
+        "narHash": "sha256-clKPzQ43eDpukeiGHzXmd1hGb2s4N+MWXAzQ5u5+pHQ=",
+        "owner": "rrvsh",
+        "repo": "manifest",
+        "rev": "365902fba994f30469298dee0c98a5fc0f41ec38",
+        "type": "github"
+      },
+      "original": {
+        "owner": "rrvsh",
+        "repo": "manifest",
+        "type": "github"
+      }
+    },
+    "nix-darwin": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1751313918,
+        "narHash": "sha256-HsJM3XLa43WpG+665aGEh8iS8AfEwOIQWk3Mke3e7nk=",
+        "owner": "nix-darwin",
+        "repo": "nix-darwin",
+        "rev": "e04a388232d9a6ba56967ce5b53a8a6f713cdfcf",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-darwin",
+        "ref": "master",
+        "repo": "nix-darwin",
         "type": "github"
       }
     },
@@ -210,11 +380,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747540584,
-        "narHash": "sha256-cxCQ413JTUuRv9Ygd8DABJ1D6kuB/nTfQqC0Lu9C0ls=",
+        "lastModified": 1751774635,
+        "narHash": "sha256-DuOznGdgMxeSlPpUu6Wkq0ZD5e2Cfv9XRZeZlHWMd1s=",
         "owner": "nix-community",
         "repo": "nix-index-database",
-        "rev": "ec179dd13fb7b4c6844f55be91436f7857226dce",
+        "rev": "85686025ba6d18df31cc651a91d5adef63378978",
         "type": "github"
       },
       "original": {
@@ -225,11 +395,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1747542820,
-        "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=",
+        "lastModified": 1751792365,
+        "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043",
+        "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
         "type": "github"
       },
       "original": {
@@ -239,72 +409,53 @@
         "type": "github"
       }
     },
-    "nixpkgs-lib": {
-      "locked": {
-        "lastModified": 1743296961,
-        "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=",
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "type": "github"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1747542820,
-        "narHash": "sha256-GaOZntlJ6gPPbbkTLjbd8BMWaDYafhuuYRNrxCGnPJw=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "292fa7d4f6519c074f0a50394dbbe69859bb6043",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixspect": {
+    "nur": {
       "inputs": {
-        "nixpkgs": "nixpkgs_2"
+        "flake-parts": [
+          "flake-parts"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
       },
       "locked": {
-        "lastModified": 1747725629,
-        "narHash": "sha256-jEdIW5+SMfX6jVvx/MkMbpXLX9S2b+zsayIC1YJNAaY=",
-        "owner": "rrvsh",
-        "repo": "nixspect",
-        "rev": "28deacc6adeaef69f45af5c8139961a774e1600b",
+        "lastModified": 1752005241,
+        "narHash": "sha256-+7DH6wh2BYnLRJzYXEbVlA1ZuAR4MxZI/paknbAuzk4=",
+        "owner": "nix-community",
+        "repo": "NUR",
+        "rev": "a2570fb4d0699fd34ebbbd52e2a763722601f6c6",
         "type": "github"
       },
       "original": {
-        "owner": "rrvsh",
-        "repo": "nixspect",
+        "owner": "nix-community",
+        "repo": "NUR",
         "type": "github"
       }
     },
     "nvf": {
       "inputs": {
-        "flake-parts": "flake-parts",
-        "flake-utils": "flake-utils",
-        "mnw": "mnw",
-        "nil": "nil",
+        "flake-parts": [
+          "flake-parts"
+        ],
+        "flake-utils": [
+          "dedupe_flake-utils"
+        ],
+        "mnw": [
+          "dedupe_mnw"
+        ],
         "nixpkgs": [
           "nixpkgs"
         ],
-        "systems": "systems_2"
+        "systems": [
+          "systems"
+        ]
       },
       "locked": {
-        "lastModified": 1747525582,
-        "narHash": "sha256-oEZ6DV4bPcNZIuwW5Kcd+/zT3PMkXse2kX/3jHoomGk=",
+        "lastModified": 1752001027,
+        "narHash": "sha256-JgP8lW4QBr9v/U4ETaIOMvGCd/DAA1AjZ1lqjIwfWno=",
         "owner": "notashelf",
         "repo": "nvf",
-        "rev": "d3a0e7029ac57eef1120225973247851c5b967b5",
+        "rev": "c4d80273aaefeadaad96db97d077c647942b0e96",
         "type": "github"
       },
       "original": {
@@ -325,11 +476,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734836319,
-        "narHash": "sha256-h/Jiq852WJyyAL037sIxjPDScjeH8sUoZVZBWlciXaw=",
+        "lastModified": 1751898758,
+        "narHash": "sha256-8EmTPdfOymvvHhmHYWiyO3cwZ4gtLo5uBFm3CU5vySo=",
         "owner": "Janrupf",
         "repo": "python-flexseal",
-        "rev": "fdd313f7b9a5c9545c015acaf0729b01f708118a",
+        "rev": "af318e1fd047abbefcc68d0292a4d902179c95fe",
         "type": "github"
       },
       "original": {
@@ -340,59 +491,66 @@
     },
     "root": {
       "inputs": {
+        "dedupe_flake-compat": "dedupe_flake-compat",
+        "dedupe_flake-utils": "dedupe_flake-utils",
+        "dedupe_gitignore": "dedupe_gitignore",
+        "dedupe_mnw": "dedupe_mnw",
         "disko": "disko",
+        "files": "files",
+        "flake-parts": "flake-parts",
+        "git-hooks": "git-hooks",
         "home-manager": "home-manager",
         "impermanence": "impermanence",
+        "import-tree": "import-tree",
+        "make-shell": "make-shell",
+        "manifest": "manifest",
+        "nix-darwin": "nix-darwin",
         "nix-index-database": "nix-index-database",
         "nixpkgs": "nixpkgs",
-        "nixspect": "nixspect",
+        "nur": "nur",
         "nvf": "nvf",
-        "snowfall-lib": "snowfall-lib",
+        "rrv-sh": "rrv-sh",
+        "rrvsh-nixpkgs": "rrvsh-nixpkgs",
         "sops-nix": "sops-nix",
-        "stable-diffusion-webui-nix": "stable-diffusion-webui-nix"
+        "stable-diffusion-webui-nix": "stable-diffusion-webui-nix",
+        "stylix": "stylix",
+        "systems": "systems",
+        "text": "text"
       }
     },
-    "rust-overlay": {
+    "rrv-sh": {
       "inputs": {
-        "nixpkgs": [
-          "nvf",
-          "nil",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1741055476,
-        "narHash": "sha256-52vwEV0oS2lCnx3c/alOFGglujZTLmObit7K8VblnS8=",
-        "owner": "oxalica",
-        "repo": "rust-overlay",
-        "rev": "aefb7017d710f150970299685e8d8b549d653649",
-        "type": "github"
-      },
-      "original": {
-        "owner": "oxalica",
-        "repo": "rust-overlay",
-        "type": "github"
-      }
-    },
-    "snowfall-lib": {
-      "inputs": {
-        "flake-compat": "flake-compat",
-        "flake-utils-plus": "flake-utils-plus",
         "nixpkgs": [
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1736130495,
-        "narHash": "sha256-4i9nAJEZFv7vZMmrE0YG55I3Ggrtfo5/T07JEpEZ/RM=",
-        "owner": "snowfallorg",
-        "repo": "lib",
-        "rev": "02d941739f98a09e81f3d2d9b3ab08918958beac",
+        "lastModified": 1751721838,
+        "narHash": "sha256-702c0fbgpUuEuQsduGJ9I5bSrCLYEG88SPuZXcSQqTs=",
+        "owner": "rrvsh",
+        "repo": "rrv.sh",
+        "rev": "e00c1c2607b55f43ef74b5f555f62838f4fe5963",
         "type": "github"
       },
       "original": {
-        "owner": "snowfallorg",
-        "repo": "lib",
+        "owner": "rrvsh",
+        "repo": "rrv.sh",
+        "type": "github"
+      }
+    },
+    "rrvsh-nixpkgs": {
+      "locked": {
+        "lastModified": 1750146550,
+        "narHash": "sha256-vFNbONVWIdYBqlKZoJScDRjnQ/euDmVqgCL2ebnsu7U=",
+        "owner": "rrvsh",
+        "repo": "nixpkgs",
+        "rev": "d7fa95990fd890bbd17ca8361f5d4e4935512c75",
+        "type": "github"
+      },
+      "original": {
+        "owner": "rrvsh",
+        "ref": "librechat-module",
+        "repo": "nixpkgs",
         "type": "github"
       }
     },
@@ -403,11 +561,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1747603214,
-        "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
+        "lastModified": 1751606940,
+        "narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
+        "rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d",
         "type": "github"
       },
       "original": {
@@ -418,27 +576,68 @@
     },
     "stable-diffusion-webui-nix": {
       "inputs": {
-        "flake-utils": "flake-utils_3",
+        "flake-utils": [
+          "dedupe_flake-utils"
+        ],
         "nixpkgs": [
           "nixpkgs"
         ],
         "python-flexseal": "python-flexseal"
       },
       "locked": {
-        "lastModified": 1746840548,
-        "narHash": "sha256-NjKmOjkSMVx+z35L4lTEhYg/eJaNrRqaKwAEdnRJusY=",
-        "owner": "Janrupf",
+        "lastModified": 1751899247,
+        "narHash": "sha256-bh6xwc24Rv0YE4grKXvj+kmXmydns+OrlWn4WLnJSY4=",
+        "owner": "janrupf",
         "repo": "stable-diffusion-webui-nix",
-        "rev": "74a71ad10cc6525bc0dbb90ae47a19715a316344",
+        "rev": "d5ba5dccd190b0ded17f9c4a23dc7665c6dc2eae",
         "type": "github"
       },
       "original": {
-        "owner": "Janrupf",
-        "ref": "main",
+        "owner": "janrupf",
         "repo": "stable-diffusion-webui-nix",
         "type": "github"
       }
     },
+    "stylix": {
+      "inputs": {
+        "base16": "base16",
+        "base16-fish": "base16-fish",
+        "base16-helix": "base16-helix",
+        "base16-vim": "base16-vim",
+        "firefox-gnome-theme": "firefox-gnome-theme",
+        "flake-parts": [
+          "flake-parts"
+        ],
+        "gnome-shell": "gnome-shell",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "nur": [
+          "nur"
+        ],
+        "systems": [
+          "systems"
+        ],
+        "tinted-foot": "tinted-foot",
+        "tinted-kitty": "tinted-kitty",
+        "tinted-schemes": "tinted-schemes",
+        "tinted-tmux": "tinted-tmux",
+        "tinted-zed": "tinted-zed"
+      },
+      "locked": {
+        "lastModified": 1751995939,
+        "narHash": "sha256-C5CSTv+b8XSbqJwqTP8SGkZEK3YCCJnmvRbg209ql5w=",
+        "owner": "nix-community",
+        "repo": "stylix",
+        "rev": "8f3259dbc57c8ee871492fde80f77468826bbd63",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "stylix",
+        "type": "github"
+      }
+    },
     "systems": {
       "locked": {
         "lastModified": 1681028828,
@@ -454,48 +653,99 @@
         "type": "github"
       }
     },
-    "systems_2": {
+    "text": {
       "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "lastModified": 1751819711,
+        "narHash": "sha256-Emci++Hknzr2FEZRUbRDD7prI5JwwGsACO/GaU9Pmxg=",
+        "owner": "rrvsh",
+        "repo": "text.nix",
+        "rev": "00ba1e616ef3b761a52d5f7ac32892715cc4bcd1",
         "type": "github"
       },
       "original": {
-        "owner": "nix-systems",
-        "repo": "default",
+        "owner": "rrvsh",
+        "repo": "text.nix",
         "type": "github"
       }
     },
-    "systems_3": {
+    "tinted-foot": {
+      "flake": false,
       "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "lastModified": 1726913040,
+        "narHash": "sha256-+eDZPkw7efMNUf3/Pv0EmsidqdwNJ1TaOum6k7lngDQ=",
+        "owner": "tinted-theming",
+        "repo": "tinted-foot",
+        "rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
         "type": "github"
       },
       "original": {
-        "owner": "nix-systems",
-        "repo": "default",
+        "owner": "tinted-theming",
+        "repo": "tinted-foot",
+        "rev": "fd1b924b6c45c3e4465e8a849e67ea82933fcbe4",
         "type": "github"
       }
     },
-    "systems_4": {
+    "tinted-kitty": {
+      "flake": false,
       "locked": {
-        "lastModified": 1681028828,
-        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
-        "owner": "nix-systems",
-        "repo": "default",
-        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "lastModified": 1735730497,
+        "narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
+        "owner": "tinted-theming",
+        "repo": "tinted-kitty",
+        "rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
         "type": "github"
       },
       "original": {
-        "owner": "nix-systems",
-        "repo": "default",
+        "owner": "tinted-theming",
+        "repo": "tinted-kitty",
+        "type": "github"
+      }
+    },
+    "tinted-schemes": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1748180480,
+        "narHash": "sha256-7n0XiZiEHl2zRhDwZd/g+p38xwEoWtT0/aESwTMXWG4=",
+        "owner": "tinted-theming",
+        "repo": "schemes",
+        "rev": "87d652edd26f5c0c99deda5ae13dfb8ece2ffe31",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tinted-theming",
+        "repo": "schemes",
+        "type": "github"
+      }
+    },
+    "tinted-tmux": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1748740859,
+        "narHash": "sha256-OEM12bg7F4N5WjZOcV7FHJbqRI6jtCqL6u8FtPrlZz4=",
+        "owner": "tinted-theming",
+        "repo": "tinted-tmux",
+        "rev": "57d5f9683ff9a3b590643beeaf0364da819aedda",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tinted-theming",
+        "repo": "tinted-tmux",
+        "type": "github"
+      }
+    },
+    "tinted-zed": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1725758778,
+        "narHash": "sha256-8P1b6mJWyYcu36WRlSVbuj575QWIFZALZMTg5ID/sM4=",
+        "owner": "tinted-theming",
+        "repo": "base16-zed",
+        "rev": "122c9e5c0e6f27211361a04fae92df97940eccf9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "tinted-theming",
+        "repo": "base16-zed",
         "type": "github"
       }
     }

flake.nix

@@ -1,45 +1,134 @@
 {
-  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
-    disko.url = "github:nix-community/disko";
-    disko.inputs.nixpkgs.follows = "nixpkgs";
-    snowfall-lib.url = "github:snowfallorg/lib";
-    snowfall-lib.inputs.nixpkgs.follows = "nixpkgs";
-    impermanence.url = "github:nix-community/impermanence";
-    home-manager.url = "github:nix-community/home-manager";
-    home-manager.inputs.nixpkgs.follows = "nixpkgs";
-    nix-index-database.url = "github:nix-community/nix-index-database";
-    nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
-    sops-nix.url = "github:Mic92/sops-nix";
-    sops-nix.inputs.nixpkgs.follows = "nixpkgs";
-    nvf.url = "github:notashelf/nvf";
-    nvf.inputs.nixpkgs.follows = "nixpkgs";
-    nixspect.url = "github:rrvsh/nixspect";
-    stable-diffusion-webui-nix.url = "github:Janrupf/stable-diffusion-webui-nix/main";
-    stable-diffusion-webui-nix.inputs.nixpkgs.follows = "nixpkgs";
-  };
-
   outputs =
-    inputs:
-    inputs.snowfall-lib.mkFlake {
-      inherit inputs;
-      src = ./.;
-      snowfall.namespace = "pantheon";
-      overlays = with inputs; [
-        stable-diffusion-webui-nix.overlays.default
-      ];
-      systems.modules.nixos = with inputs; [
-        disko.nixosModules.disko
-        impermanence.nixosModules.impermanence
-        sops-nix.nixosModules.sops
-      ];
-      homes.modules = with inputs; [
-        impermanence.homeManagerModules.impermanence
-        nix-index-database.hmModules.nix-index
-        nvf.homeManagerModules.default
-      ];
-      outputs-builder = channels: {
-        formatter = channels.nixpkgs.nixfmt-rfc-style;
+    { self, ... }@inputs:
+    inputs.flake-parts.lib.mkFlake { inherit inputs; } (
+      (inputs.import-tree ./nix)
+      // {
+        systems = import inputs.systems;
+        flake = {
+          inherit self;
+          paths.root = ./.;
+        };
+      }
+    );
+  inputs = {
+    ### SYSTEM ###
+
+    # systems provides a list of supported nix systems.
+    systems.url = "github:nix-systems/default";
+    # nixos-unstable provides a binary cache for all packages.
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+    # My fork for random shit
+    rrvsh-nixpkgs.url = "github:rrvsh/nixpkgs/librechat-module";
+    # home-manager manages our user packages and dotfiles
+    home-manager = {
+      url = "github:nix-community/home-manager";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    # nix darwin provides declarative mac configuration
+    nix-darwin = {
+      url = "github:nix-darwin/nix-darwin/master";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    # the nix user repository for mainly firefox extensions
+    nur = {
+      url = "github:nix-community/NUR";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-parts.follows = "flake-parts";
+    };
+    # impermanence provides a nice abstraction over linking files from /persist
+    impermanence.url = "github:nix-community/impermanence";
+    # flake-parts lets us define flake modules.
+    flake-parts = {
+      url = "github:hercules-ci/flake-parts";
+      inputs.nixpkgs-lib.follows = "nixpkgs";
+    };
+    # disko provides declarative drive partitioning
+    disko = {
+      url = "github:nix-community/disko";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    # sops-nix lets us version control secrets like passwords and api keys
+    sops-nix = {
+      url = "github:Mic92/sops-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    stylix = {
+      url = "github:nix-community/stylix";
+      inputs = {
+        nixpkgs.follows = "nixpkgs";
+        flake-parts.follows = "flake-parts";
+        systems.follows = "systems";
+        nur.follows = "nur";
       };
     };
+
+    ### FLAKE PARTS MODULES ###
+
+    # import-tree imports all nix files in a given directory.
+    import-tree.url = "github:vic/import-tree";
+    # files lets us write text files and automatically add checks for them
+    files.url = "github:mightyiam/files";
+    # text.nix lets us easily define markdown text to pass to files
+    text.url = "github:rrvsh/text.nix";
+    # manifest lets us define all hosts in one file
+    manifest.url = "github:rrvsh/manifest";
+    # make-shells.<name> creates devShells and checks
+    make-shell = {
+      url = "github:nicknovitski/make-shell";
+      inputs.flake-compat.follows = "dedupe_flake-compat";
+    };
+    # git-hooks ensures nix flake check is ran before commits
+    git-hooks = {
+      url = "github:cachix/git-hooks.nix";
+      inputs = {
+        flake-compat.follows = "dedupe_flake-compat";
+        nixpkgs.follows = "nixpkgs";
+        gitignore.follows = "dedupe_gitignore";
+      };
+    };
+
+    ### FLAKES ###
+
+    # nix-index-database indexes the nixpkgs binaries for use with comma
+    nix-index-database = {
+      url = "github:nix-community/nix-index-database";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    # nvf provides modules to wrap neovim
+    nvf = {
+      url = "github:notashelf/nvf";
+      inputs = {
+        nixpkgs.follows = "nixpkgs";
+        flake-parts.follows = "flake-parts";
+        systems.follows = "systems";
+        flake-utils.follows = "dedupe_flake-utils";
+        mnw.follows = "dedupe_mnw";
+      };
+    };
+    # provides comfy ui and sdwebui services
+    stable-diffusion-webui-nix = {
+      url = "github:janrupf/stable-diffusion-webui-nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-utils.follows = "dedupe_flake-utils";
+    };
+    # my website :)
+    rrv-sh = {
+      url = "github:rrvsh/rrv.sh";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
+    ### DEDUPE ###
+
+    dedupe_flake-compat.url = "github:edolstra/flake-compat";
+    dedupe_flake-utils = {
+      url = "github:numtide/flake-utils";
+      inputs.systems.follows = "systems";
+    };
+    dedupe_mnw.url = "github:gerg-l/mnw";
+    dedupe_gitignore = {
+      url = "github:hercules-ci/gitignore.nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+  };
 }

homes/x86_64-linux/rafiq/default.nix

@@ -1,50 +0,0 @@
-{
-  pkgs,
-  inputs,
-  ...
-}:
-{
-  cli.shell = "zsh";
-  cli.screensaver.enable = true;
-  cli.screensaver.timeout = "100";
-  cli.screensaver.command = "cbonsai -S";
-  cli.editor = "nvf";
-  cli.file-browser = "yazi";
-  cli.multiplexer = "zellij";
-  cli.fetch = "hyfetch";
-  cli.git.name = "Mohammad Rafiq";
-  cli.git.email = "rafiq@rrv.sh";
-  cli.git.defaultBranch = "prime";
-
-  home.shellAliases = {
-    v = "nvim";
-  };
-
-  home.packages = with pkgs; [
-    cbonsai
-    ripgrep
-    devenv
-    pantheon.rebuild
-    pantheon.edit
-    inputs.nixspect.packages."x86_64-linux".nixspect
-  ];
-
-  home.persistence."/persist/home/rafiq".directories = [ "repos" ];
-
-  programs.direnv = {
-    enable = true;
-    nix-direnv.enable = true;
-  };
-
-  programs = {
-    thefuck.enable = true;
-    tealdeer.enable = true;
-    tealdeer.settings.updates.auto_update = true;
-    fzf = {
-      enable = true;
-      enableZshIntegration = true;
-    };
-    nh.enable = true;
-  };
-
-}

lib/default.nix

@@ -1,7 +0,0 @@
-{ lib, ... }:
-{
-  mkStrOption = lib.mkOption {
-    type = lib.types.str;
-    default = "";
-  };
-}

modules/home/cli/default.nix

@@ -1,60 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-{
-  options.cli = {
-    shell = lib.pantheon.mkStrOption;
-    screensaver.enable = lib.mkEnableOption "";
-    screensaver.timeout = lib.pantheon.mkStrOption;
-    screensaver.command = lib.pantheon.mkStrOption;
-    editor = lib.pantheon.mkStrOption;
-    nvf.snippets = lib.mkOption {
-      type = lib.types.listOf lib.types.attrs;
-      default = { };
-    };
-    file-browser = lib.pantheon.mkStrOption;
-    multiplexer = lib.pantheon.mkStrOption;
-    fetch = lib.pantheon.mkStrOption;
-    git = {
-      name = lib.pantheon.mkStrOption;
-      email = lib.pantheon.mkStrOption;
-      defaultBranch = lib.pantheon.mkStrOption;
-    };
-  };
-
-  config = lib.mkMerge [
-    {
-      home.shell.enableShellIntegration = true;
-      programs.ssh = {
-        enable = true;
-        extraConfig = ''
-          Host *
-            SetEnv TERM=xterm-256color
-        '';
-      };
-      programs.zoxide.enable = true;
-      home.shellAliases.cd = "z";
-      home.persistence."/persist/home/${config.snowfallorg.user.name}".directories = [
-        ".local/share/zoxide"
-      ];
-    }
-    {
-      programs.nix-index.enable = true;
-      programs.nix-index-database.comma.enable = true;
-    }
-    {
-      home.shellAliases.ai = "aichat -r %shell% -e";
-
-      home.packages = with pkgs; [ aichat ];
-
-      xdg.configFile."aichat/config.yaml".text = ''
-        model: gemini:gemini-2.0-flash
-        clients:
-        - type: gemini
-      '';
-    }
-  ];
-}

modules/home/cli/editor/nvf/binds.nix

@@ -1,26 +0,0 @@
-{
-  hardtime-nvim = {
-    enable = true;
-    setupOpts = {
-      disabled_keys = {
-        "<Up>" = [
-          "n"
-          "x"
-        ];
-        "<Down>" = [
-          "n"
-          "x"
-        ];
-        "<Left>" = [
-          "n"
-          "x"
-        ];
-        "<Right>" = [
-          "n"
-          "x"
-        ];
-      };
-    };
-  };
-  whichKey.enable = true;
-}

modules/home/cli/editor/nvf/clipboard.nix

@@ -1,6 +0,0 @@
-{
-  enable = true;
-  #FIXME: List doenst work for some reason
-  registers = "unnamedplus";
-  providers.wl-copy.enable = true;
-}

modules/home/cli/editor/nvf/default.nix

@@ -1,38 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkIf (config.cli.editor == "nvf") {
-    home.sessionVariables.EDITOR = "nvim";
-    home.persistence."/persist/home/${config.snowfallorg.user.name}".directories = [
-      ".local/share/nvf"
-    ];
-    programs.nvf = {
-      enable = true;
-      settings.vim = {
-        hideSearchHighlight = true;
-        syntaxHighlighting = true;
-        telescope.enable = true;
-        searchCase = "ignore";
-        undoFile.enable = true;
-        fzf-lua.enable = true;
-        git.enable = true;
-        autocomplete = import ./autocomplete.nix { inherit lib; };
-        autopairs.nvim-autopairs.enable = true;
-        binds = import ./binds.nix;
-        clipboard = import ./clipboard.nix;
-        diagnostics = import ./diagnostics.nix;
-        keymaps = import ./keymaps.nix;
-        languages = import ./languages.nix;
-        lsp = import ./lsp.nix;
-        navigation = import ./navigation.nix;
-        notes = import ./notes.nix;
-        options = import ./options.nix;
-        notify = import ./notify.nix;
-        snippets = import ./snippets.nix;
-        treesitter = import ./treesitter.nix;
-        ui = import ./ui.nix;
-        utility = import ./utility.nix;
-        visuals = import ./visuals.nix;
-      };
-    };
-  };
-}

modules/home/cli/editor/nvf/diagnostics.nix

@@ -1,6 +0,0 @@
-{
-  nvim-lint = {
-    enable = true;
-    lint_after_save = true;
-  };
-}

modules/home/cli/editor/nvf/keymaps.nix

@@ -1,16 +0,0 @@
-[
-  {
-    desc = "";
-    key = "f";
-    mode = "n";
-    action = ":FzfLua files<CR>";
-    silent = true;
-  }
-  {
-    desc = "Open the file path under the cursor, making the file if it doesn't exist.";
-    key = "gf";
-    mode = "n";
-    action = ":cd %:p:h<CR>:e <cfile><CR>";
-    silent = true;
-  }
-]

modules/home/cli/editor/nvf/lsp.nix

@@ -1,9 +0,0 @@
-{
-  enable = true;
-  formatOnSave = true;
-  inlayHints.enable = true;
-  lightbulb.enable = true;
-  lspkind.enable = true;
-  null-ls.enable = true;
-  otter-nvim.enable = true;
-}

modules/home/cli/editor/nvf/navigation.nix

@@ -1,5 +0,0 @@
-{
-  harpoon = {
-    enable = true;
-  };
-}

modules/home/cli/editor/nvf/notes.nix

@@ -1,3 +0,0 @@
-{
-  todo-comments.enable = true;
-}

modules/home/cli/editor/nvf/notify.nix

@@ -1,2 +0,0 @@
-{
-}

modules/home/cli/editor/nvf/options.nix

@@ -1,9 +0,0 @@
-{
-  autoindent = true;
-  smartindent = true;
-  expandtab = true;
-  tabstop = 2;
-  shiftwidth = 2;
-  updatetime = 0;
-  backspace = "indent,eol,start";
-}

modules/home/cli/editor/nvf/snippets.nix

@@ -1,6 +0,0 @@
-{
-  luasnip = {
-    enable = true;
-    setupOpts.enable_autosnippets = true;
-  };
-}

modules/home/cli/editor/nvf/treesitter.nix

@@ -1,7 +0,0 @@
-{
-  autotagHtml = true;
-  fold = true;
-  context.enable = true;
-  indent.disable = [ "markdown" ];
-  textobjects.enable = true;
-}

modules/home/cli/editor/nvf/ui.nix

@@ -1,15 +0,0 @@
-{
-  borders = {
-    enable = true;
-    globalStyle = "double";
-  };
-  breadcrumbs = {
-    enable = true;
-    navbuddy.enable = true;
-  };
-  colorizer.enable = true;
-  illuminate.enable = true;
-  noice.enable = true;
-  nvim-ufo.enable = true;
-  smartcolumn.enable = true;
-}

modules/home/cli/editor/nvf/utility.nix

@@ -1,17 +0,0 @@
-{
-  direnv.enable = true;
-  leetcode-nvim.enable = true;
-  mkdir.enable = true;
-  motion.leap.enable = true;
-  motion.leap.mappings.leapForwardTo = "s";
-  motion.leap.mappings.leapBackwardTo = "S";
-  vim-wakatime.enable = true;
-  yazi-nvim = {
-    enable = true;
-    mappings = {
-      openYazi = "t";
-      openYaziDir = "T";
-    };
-    setupOpts.open_for_directories = true;
-  };
-}

modules/home/cli/fetch/default.nix

@@ -1,31 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (config.cli.fetch == "hyfetch") {
-      home.packages = [ pkgs.fastfetch ];
-      home.sessionVariables.FETCH = "hyfetch";
-      home.shellAliases.fetch = "hyfetch";
-      programs.hyfetch = {
-        enable = true;
-        settings = {
-          preset = "bisexual";
-          mode = "rgb";
-          light_dark = "dark";
-          lightness = 0.5;
-          color_align = {
-            mode = "horizontal";
-            custom_colors = [ ];
-            fore_back = null;
-          };
-          backend = "fastfetch";
-        };
-      };
-
-    })
-  ];
-}

modules/home/cli/file-browser/default.nix

@@ -1,10 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkIf (config.cli.file-browser == "yazi") {
-    home.sessionVariables.FILE_BROWSER = "yazi";
-    programs.yazi = {
-      enable = true;
-      shellWrapperName = "t";
-    };
-  };
-}

modules/home/cli/multiplexer/default.nix

@@ -1,18 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkIf (config.cli.multiplexer == "zellij") {
-    home.sessionVariables.MULTIPLEXER = "zellij";
-    programs.zellij = {
-      enable = true;
-      enableZshIntegration = true;
-      attachExistingSession = true;
-      exitShellOnExit = true;
-      settings = {
-        default_layout = "compact";
-        pane_frames = false;
-        show_startup_tips = false;
-        show_release_notes = false;
-      };
-    };
-  };
-}

modules/home/cli/shell/default.nix

@@ -1,38 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkIf (config.cli.shell == "zsh") {
-    home.sessionVariables.SHELL = "zsh";
-    programs.zsh = {
-      enable = true;
-      enableVteIntegration = true;
-      syntaxHighlighting.enable = true;
-      historySubstringSearch.enable = true;
-      history = {
-        append = true;
-        extended = true;
-        ignoreDups = true;
-        ignoreSpace = true;
-        save = 10000;
-        share = true;
-        size = 10000;
-      };
-    };
-    programs.zsh.initContent = lib.mkIf config.cli.screensaver.enable (
-      lib.mkOrder 1200
-        # zsh
-        ''
-          precmd() {
-            TMOUT=${config.cli.screensaver.timeout}
-          }
-
-          TRAPALRM() {
-            TMOUT=1
-            ${config.cli.screensaver.command}
-            # If we exit, assume the previous command was exited out of
-            TMOUT=${config.cli.screensaver.timeout}
-            zle reset-prompt
-          }
-        ''
-    );
-  };
-}

modules/home/cli/utilities/default.nix

@@ -1,3 +0,0 @@
-{
-  imports = [ ./git.nix ];
-}

modules/home/desktop/browser/firefox/default.nix

@@ -1,12 +0,0 @@
-{ osConfig, lib, ... }:
-{
-  config = lib.mkIf (osConfig.desktop.browser == "firefox") {
-    home.persistence."/persist/home/rafiq".directories = [ ".mozilla/firefox" ];
-    home.sessionVariables.BROWSER = "firefox";
-    programs.firefox = {
-      enable = true;
-      profiles.rafiq.id = 0;
-      profiles.test.id = 1;
-    };
-  };
-}

modules/home/desktop/default.nix

@@ -1,17 +0,0 @@
-{
-  config,
-  lib,
-  osConfig,
-  pkgs,
-  ...
-}:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (osConfig.hardware.gpu == "nvidia") {
-      home.packages = [ pkgs.stable-diffusion-webui.forge.cuda ];
-      home.persistence."/persist/home/${config.snowfallorg.user.name}".directories = [
-        ".local/share/stable-diffusion-webui"
-      ];
-    })
-  ];
-}

modules/home/desktop/lockscreen/default.nix

@@ -1,47 +0,0 @@
-{
-  osConfig,
-  lib,
-  ...
-}:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (osConfig.desktop.lockscreen == "hyprlock") {
-      home.sessionVariables.LOCKSCREEN = "hyprlock";
-      programs.hyprlock = {
-        enable = true;
-        settings = {
-          general.hide_cursor = true;
-          general.ignore_empty_input = true;
-
-          background = {
-            blur_passes = 5;
-            blur_size = 5;
-          };
-
-          label = {
-            text = ''hi, $USER.'';
-            font_size = 32;
-            halign = "center";
-            valign = "center";
-            position = "0, 0";
-            zindex = 1;
-            shadow_passes = 5;
-            shadow_size = 5;
-          };
-
-          input-field = {
-            fade_on_empty = true;
-            size = "200, 45";
-            halign = "center";
-            valign = "center";
-            position = "0, -5%";
-            placeholder_text = "";
-            zindex = 1;
-            shadow_passes = 5;
-            shadow_size = 5;
-          };
-        };
-      };
-    })
-  ];
-}

modules/home/desktop/notification-daemon/default.nix

@@ -1,12 +0,0 @@
-{ osConfig, lib, ... }:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (osConfig.desktop.notification-daemon == "mako") {
-      home.sessionVariables.NOTIFICATION_DAEMON = "mako";
-      services.mako = {
-        enable = true;
-        settings = { };
-      };
-    })
-  ];
-}

modules/home/desktop/terminal/default.nix

@@ -1,23 +0,0 @@
-{
-  osConfig,
-  lib,
-  pkgs,
-  ...
-}:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (osConfig.desktop.terminal == "kitty") {
-      home.packages = with pkgs; [ kitty ];
-      home.sessionVariables.TERMINAL = "kitty";
-    })
-    (lib.mkIf (osConfig.desktop.terminal == "ghostty") {
-      home.sessionVariables.TERMINAL = "ghostty -e";
-      programs.ghostty = {
-        enable = true;
-        settings = {
-          confirm-close-surface = false;
-        };
-      };
-    })
-  ];
-}

modules/home/desktop/windowManager/hyprland/decoration.nix

@@ -1,3 +0,0 @@
-{
-  animation = [ "workspaces, 0" ];
-}

modules/home/desktop/windowManager/hyprland/default.nix

@@ -1,38 +0,0 @@
-{
-  pkgs,
-  lib,
-  osConfig,
-  ...
-}:
-let
-  mainMonitor = osConfig.desktop.mainMonitor;
-in
-{
-  config = lib.mkIf (osConfig.desktop.windowManager == "hyprland") {
-    wayland.windowManager.hyprland = {
-      enable = true;
-      systemd.enable = false;
-      settings = lib.mkMerge [
-        {
-          ecosystem.no_update_news = true;
-
-          monitor = [
-            "${mainMonitor.id}, ${mainMonitor.resolution}@${mainMonitor.refresh-rate}, auto, ${mainMonitor.scale}"
-            ", preferred, auto, 1"
-          ];
-
-          exec-once = [
-            "uwsm app -- $LOCKSCREEN"
-            "uwsm app -- $NOTIFICATION_DAEMON"
-          ];
-        }
-        (import ./decoration.nix)
-        (import ./keybinds.nix { inherit pkgs; })
-      ];
-    };
-    xdg.configFile."uwsm/env".text = # sh
-      ''
-
-      '';
-  };
-}

modules/home/system/default.nix

@@ -1,12 +0,0 @@
-{ config, ... }:
-{
-  home.persistence."/persist/home/${config.snowfallorg.user.name}" = {
-    directories = [
-      ".ssh"
-      ".config/sops/age"
-    ];
-    allowOther = true;
-  };
-
-  home.stateVersion = "24.11";
-}

modules/nixos/cli/default.nix

@@ -1,19 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-{
-  imports = [ ];
-
-  options.cli = { };
-
-  config = lib.mkMerge [
-    {
-      programs.zsh.enable = true;
-      users.defaultUserShell = pkgs.zsh;
-      environment.pathsToLink = [ "/share/zsh" ]; # enables completion
-    }
-  ];
-}

modules/nixos/desktop/default.nix

@@ -1,20 +0,0 @@
-{ lib, ... }:
-{
-  imports = [
-    ./windowManager.nix
-  ];
-
-  options.desktop = {
-    mainMonitor = {
-      id = lib.pantheon.mkStrOption;
-      scale = lib.pantheon.mkStrOption;
-      resolution = lib.pantheon.mkStrOption;
-      refresh-rate = lib.pantheon.mkStrOption;
-    };
-    windowManager = lib.pantheon.mkStrOption;
-    lockscreen = lib.pantheon.mkStrOption;
-    browser = lib.pantheon.mkStrOption;
-    terminal = lib.pantheon.mkStrOption;
-    notification-daemon = lib.pantheon.mkStrOption;
-  };
-}

modules/nixos/desktop/lockscreen/default.nix

@@ -1,8 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (config.desktop.lockscreen == "hyprlock") {
-      security.pam.services.hyprlock = { };
-    })
-  ];
-}

modules/nixos/desktop/windowManager.nix

@@ -1,23 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (config.desktop.windowManager == "hyprland") {
-      environment.loginShellInit = # sh
-        ''
-          if [[ -z "$SSH_CLIENT" && -z "$SSH_CONNECTION" ]]; then
-            if uwsm check may-start; then
-              exec uwsm start hyprland-uwsm.desktop
-            fi
-          fi
-        '';
-      environment.variables = {
-        ELECTRON_OZONE_PLATFORM_HINT = "auto";
-        NIXOS_OZONE_WL = "1";
-      };
-      programs.hyprland = {
-        enable = true;
-        withUWSM = true;
-      };
-    })
-  ];
-}

modules/nixos/hardware/audio.nix

@@ -1,9 +0,0 @@
-{ config, ... }:
-{
-  config = {
-    services.pipewire = {
-      enable = true;
-      pulse.enable = true;
-    };
-  };
-}

modules/nixos/hardware/btrfs.nix

@@ -1,104 +0,0 @@
-{ lib, config, ... }:
-let
-  cfg = config.hardware.drives.btrfs;
-in
-{
-  config = lib.mkIf (cfg.enable) (
-    lib.mkMerge [
-      {
-        boot.initrd.kernelModules = [ "dm-snapshot" ];
-        disko.devices.disk.main = {
-          device = cfg.drive;
-          type = "disk";
-          content.type = "gpt";
-          content.partitions = {
-            boot.name = "boot";
-            boot.size = "1M";
-            boot.type = "EF02";
-            esp.name = "ESP";
-            esp.size = "500M";
-            esp.type = "EF00";
-            esp.content = {
-              type = "filesystem";
-              format = "vfat";
-              mountpoint = "/boot";
-            };
-            swap.size = "4G";
-            swap.content = {
-              type = "swap";
-              resumeDevice = true;
-            };
-            root.name = "root";
-            root.size = "100%";
-            root.content = {
-              type = "lvm_pv";
-              vg = "root_vg";
-            };
-          };
-        };
-
-        disko.devices.lvm_vg.root_vg = {
-          type = "lvm_vg";
-          lvs.root.size = "100%FREE";
-          lvs.root.content.type = "btrfs";
-          lvs.root.content.extraArgs = [ "-f" ];
-          lvs.root.content.subvolumes = {
-            "/root".mountpoint = "/";
-            "/persist".mountpoint = "/persist";
-            "/persist".mountOptions = [
-              "subvol=persist"
-              "noatime"
-            ];
-            "/nix".mountpoint = "/nix";
-            "/nix".mountOptions = [
-              "subvol=nix"
-              "noatime"
-            ];
-          };
-        };
-      }
-      (lib.mkIf (cfg.ephemeralRoot) {
-        boot.initrd.postDeviceCommands = lib.mkAfter ''
-          	    mkdir /btrfs_tmp
-          	    mount /dev/root_vg/root /btrfs_tmp
-          	    if [[ -e /btrfs_tmp/root ]]; then
-          		mkdir -p /btrfs_tmp/old_roots
-          		timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
-          		mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
-          	    fi
-
-          	    delete_subvolume_recursively() {
-          		IFS=$'\n'
-          		for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
-          		    delete_subvolume_recursively "/btrfs_tmp/$i"
-          		done
-          		btrfs subvolume delete "$1"
-          	    }
-
-          	    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
-          		delete_subvolume_recursively "$i"
-          	    done
-
-          	    btrfs subvolume create /btrfs_tmp/root
-          	    umount /btrfs_tmp
-          	  '';
-        programs.fuse.userAllowOther = true;
-        fileSystems."/persist".neededForBoot = true;
-        environment.persistence."/persist" = {
-          hideMounts = true;
-          directories = [
-            "/var/lib/systemd"
-            "/var/lib/nixos"
-          ];
-          files = [
-            "/etc/ssh/ssh_host_ed25519_key"
-            "/etc/ssh/ssh_host_ed25519_key.pub"
-            "/etc/ssh/ssh_host_rsa_key"
-            "/etc/ssh/ssh_host_rsa_key.pub"
-            "/etc/machine-id"
-          ];
-        };
-      })
-    ]
-  );
-}

modules/nixos/hardware/cpu.nix

@@ -1,9 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkMerge [
-    (lib.mkIf (config.hardware.platform == "amd") {
-      hardware.cpu.amd.updateMicrocode = true;
-      boot.kernelModules = [ "kvm-amd" ];
-    })
-  ];
-}

modules/nixos/hardware/default.nix

@@ -1,28 +0,0 @@
-{ lib, ... }:
-{
-  imports = [
-    ./btrfs.nix
-    ./nvidia.nix
-    ./audio.nix
-    ./cpu.nix
-    ./networking.nix
-  ];
-
-  options.hardware = {
-    drives.btrfs = {
-      enable = lib.mkEnableOption "";
-      drive = lib.pantheon.mkStrOption;
-      ephemeralRoot = lib.mkEnableOption "";
-    };
-    gpu = lib.pantheon.mkStrOption;
-    platform = lib.pantheon.mkStrOption;
-  };
-
-  config = {
-    services.fwupd.enable = true;
-    hardware.bluetooth = {
-      enable = true;
-      settings.General.Experimental = true;
-    };
-  };
-}

modules/nixos/hardware/networking.nix

@@ -1,23 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkMerge [
-    {
-      networking.useDHCP = lib.mkDefault true;
-      networking.hostName = config.system.hostname;
-      networking.networkmanager.enable = true;
-
-      services.openssh = {
-        enable = true;
-        settings = {
-          PrintMotd = true;
-        };
-      };
-
-      services.tailscale = {
-        enable = true;
-        authKeyFile = config.sops.secrets."keys/tailscale".path;
-      };
-      environment.persistence."/persist".files = [ "/var/lib/tailscale/tailscaled.state" ];
-    }
-  ];
-}

modules/nixos/hardware/nvidia.nix

@@ -1,28 +0,0 @@
-{
-  lib,
-  config,
-  pkgs,
-  ...
-}:
-{
-  config = lib.mkIf (config.hardware.gpu == "nvidia") {
-    hardware.graphics.enable = true;
-    hardware.graphics.extraPackages = with pkgs; [
-      nvidia-vaapi-driver
-    ];
-    services.xserver.videoDrivers = [ "nvidia" ];
-    hardware.nvidia.open = true;
-    hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.latest;
-    nixpkgs.config.allowUnfree = true;
-    environment.variables = {
-      LIBVA_DRIVER_NAME = "nvidia";
-      __GLX_VENDOR_LIBRARY_NAME = "nvidia";
-      NVD_BACKEND = "direct";
-    };
-
-    nix.settings.substituters = [ "cuda-maintainers.cachix.org" ];
-    nix.settings.trusted-public-keys = [
-      "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
-    ];
-  };
-}

modules/nixos/system/boot.nix

@@ -1,19 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkMerge [
-    {
-      boot.initrd.availableKernelModules = [
-        "nvme"
-        "xhci_pci"
-        "ahci"
-        "usbhid"
-        "usb_storage"
-        "sd_mod"
-      ];
-      boot.loader.efi.canTouchEfiVariables = true;
-    }
-    (lib.mkIf (config.system.bootloader == "systemd-boot") {
-      boot.loader.systemd-boot.enable = true;
-    })
-  ];
-}

modules/nixos/system/default.nix

@@ -1,21 +0,0 @@
-{ config, lib, ... }:
-{
-  imports = [
-    ./boot.nix
-    ./users.nix
-    ./localisation.nix
-    ./nix-config.nix
-    ./secrets.nix
-  ];
-
-  options.system = {
-    hostname = lib.pantheon.mkStrOption;
-    mainUser.name = lib.pantheon.mkStrOption;
-    mainUser.publicKey = lib.pantheon.mkStrOption;
-    bootloader = lib.pantheon.mkStrOption;
-  };
-
-  config = {
-    system.stateVersion = "25.05"; # Did you read the comment?
-  };
-}

modules/nixos/system/localisation.nix

@@ -1,9 +0,0 @@
-{ config, lib, ... }:
-{
-  config = lib.mkMerge [
-    {
-      time.timeZone = "Asia/Singapore";
-      i18n.defaultLocale = "en_US.UTF-8";
-    }
-  ];
-}

modules/nixos/system/nix-config.nix

@@ -1,17 +0,0 @@
-{ config, inputs, ... }:
-{
-  config = {
-    nixpkgs.config.allowUnfree = true;
-      nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
-
-    nix.settings = {
-      experimental-features = [
-        "nix-command"
-        "flakes"
-        "pipe-operators"
-      ];
-
-      trusted-users = [ "@wheel" ];
-    };
-  };
-}

modules/nixos/system/secrets.nix

@@ -1,20 +0,0 @@
-{ lib, config, ... }:
-{
-  sops = {
-    defaultSopsFile = lib.snowfall.fs.get-file "secrets/secrets.yaml";
-    age.sshKeyPaths = [ "/persist/home/rafiq/.ssh/id_ed25519" ];
-    secrets = {
-      "keys/tailscale" = { };
-      "keys/gemini" = { };
-      "keys/cvt-jira" = { };
-      "misc/cvt-jira-link" = { };
-      "rafiq/hashedPassword".neededForUsers = true;
-    };
-  };
-  environment.shellInit = # sh
-    ''
-      export GEMINI_API_KEY=$(sudo cat ${config.sops.secrets."keys/gemini".path})
-      export CVT_JIRA_KEY=$(sudo cat ${config.sops.secrets."keys/cvt-jira".path})
-      export CVT_JIRA_LINK=$(sudo cat ${config.sops.secrets."misc/cvt-jira-link".path})
-    '';
-}

modules/nixos/system/users.nix

@@ -1,26 +0,0 @@
-{
-  config,
-  lib,
-  ...
-}:
-{
-  config = lib.mkMerge [
-    {
-      users.mutableUsers = false;
-      users.groups.users = {
-        gid = 100;
-        members = [ "${config.system.mainUser.name}" ];
-      };
-      users.users."${config.system.mainUser.name}" = {
-        linger = true;
-        uid = 1000;
-        isNormalUser = true;
-        hashedPasswordFile = config.sops.secrets."${config.system.mainUser.name}/hashedPassword".path;
-        extraGroups = [ "wheel" ];
-        openssh.authorizedKeys.keys = [ config.system.mainUser.publicKey ];
-      };
-      services.getty.autologinUser = config.system.mainUser.name;
-      security.sudo.wheelNeedsPassword = false;
-    }
-  ];
-}

nix/configurations.nix

@@ -0,0 +1,62 @@
+{
+  config,
+  lib,
+  inputs,
+  ...
+}:
+let
+  inherit (lib) nixosSystem;
+  inherit (inputs.nix-darwin.lib) darwinSystem;
+  inherit (lib.lists) optional;
+  inherit (lib.attrsets) mapAttrs;
+  inherit (cfg.lib.modules) forAllUsers';
+  inherit (config.manifest) hosts;
+  cfg = config.flake;
+  globalCfg = hostName: hostConfig: {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    extraSpecialArgs = { inherit hostName hostConfig; };
+    sharedModules = [ cfg.modules.homeManager.default ];
+    users = forAllUsers' (name: _: cfg.modules.homeManager.${name});
+  };
+  mkConfigurations =
+    class: hosts:
+    mapAttrs (
+      name: value:
+      if class == "nixos" then
+        nixosSystem {
+          specialArgs = {
+            inherit (config.flake) self;
+            hostName = name;
+            hostConfig = value;
+          };
+          modules = [
+            cfg.modules.nixos.default
+            inputs.home-manager.nixosModules.home-manager
+            { home-manager = globalCfg name value; }
+            (value.extraCfg or { })
+          ] ++ optional value.graphical cfg.modules.nixos.graphical;
+        }
+      else if class == "darwin" then
+        darwinSystem {
+          specialArgs = {
+            inherit (config.flake) self;
+            hostName = name;
+            hostConfig = value;
+          };
+          modules = [
+            cfg.modules.darwin.default
+            inputs.home-manager.darwinModules.home-manager
+            { home-manager = globalCfg name value; }
+            (value.extraCfg or { })
+          ] ++ optional value.graphical cfg.modules.darwin.graphical;
+        }
+      else
+        { }
+    ) hosts;
+in
+{
+  imports = [ inputs.home-manager.flakeModules.home-manager ];
+  flake.nixosConfigurations = mkConfigurations "nixos" hosts.nixos;
+  flake.darwinConfigurations = mkConfigurations "darwin" hosts.darwin;
+}

nix/files/cheatsheet.nix

@@ -0,0 +1,18 @@
+{ lib, config, ... }:
+let
+  inherit (builtins) concatStringsSep;
+  inherit (lib.lists) singleton;
+in
+{
+  text.cheatsheet = concatStringsSep "\n" [
+    "`__curPos.file` will give the full evaluated path of the nix file it is called in. See [this issue](https://github.com/NixOS/nix/issues/5897#issuecomment-1012165198) for more information."
+  ];
+  perSystem =
+    { pkgs, ... }:
+    {
+      files.files = singleton {
+        path_ = "docs/cheatsheet.md";
+        drv = pkgs.writeText "cheatsheet.md" config.text.cheatsheet;
+      };
+    };
+}

nix/files/gitignore.nix

@@ -0,0 +1,13 @@
+{ config, ... }:
+{
+  perSystem =
+    { pkgs, ... }:
+    {
+      files.files = [
+        {
+          path_ = ".gitignore";
+          drv = pkgs.writeText ".gitignore" config.text.gitignore;
+        }
+      ];
+    };
+}

nix/files/readme.nix

@@ -0,0 +1,54 @@
+{ config, ... }:
+{
+  text.readme = {
+    heading = "Pantheon";
+    description = # markdown
+      ''
+        This flake serves as a monorepo for my systems (using IaC), dotfiles, and scripts.
+        It's hosted at https://git.rrv.sh/rrvsh/pantheon, and mirrored to https://github.com/rrvsh/pantheon.
+      '';
+    order = [
+      "Structure"
+      "Acknowledgements"
+    ];
+    parts."Acknowledgements" = # markdown
+      ''
+        Thanks to the following for inspiring this configuration. I highly recommend you look through their writings and configurations.
+        - [ornicar](https://github.com/ornicar/dotfiles) which is where I first heard of NixOS
+        - [No Boilerplate](https://www.youtube.com/watch?v=CwfKlX3rA6E&pp=0gcJCfwAo7VqN5tD) for making me finally try the OS
+        - [ryan4yin](https://nixos-and-flakes.thiscute.world/) for being an amazing introduction to NixOS, home-manager, and flakes
+        - [NotAShelf](https://github.com/NotAShelf/) for their blog and for the wonderful [NVF](https://github.com/notashelf/nvf)
+        - [mightyiam](https://github.com/mightyiam/infra) for their infrastructure repo using flake-parts
+        - [drupol](https://not-a-number.io/2025/refactoring-my-infrastructure-as-code-configurations/) for this blog post which convinced me to rebase my infra to use flake-parts
+      '';
+    parts."Structure" = # markdown
+      ''
+        The system configurations are defined in [`flake.manifest`](nix/manifest.nix).
+        `manifest.owner` provides the attributes for the administrator user, including username and pubkey.
+        `manifest.hosts` provides the specifications for the system configurations that should be exposed by the flake as nixosConfigurations.
+        `flake.modules.nixos.*` provide NixOS options and configurations.
+        The attribute `flake.modules.nixos.default` provides options that will be applied to every system of that class.
+        You can use it as seen [here](nix/modules/flake/home-manager.nix):
+
+        ```nix
+        flake.modules.nixos.default.imports = [ inputs.home-manager.nixosModules.default ];
+        ```
+
+        The other attributes under `flake.modules.nixos` should be opt-in, i.e. provide options that will be set in the profiles.
+        `flake.profiles.nixos` provides profiles which use the options defined in `flake.modules.nixos` to define different roles for each system, such as graphical, laptop, headless, etc.
+        Options should not be defined here.
+        `flake.contracts.nixos.*` will provide contracts, such as reverse proxies or databases, which will configure options on the provider and receiver host.
+      '';
+  };
+
+  perSystem =
+    { pkgs, ... }:
+    {
+      files.files = [
+        {
+          path_ = "docs/README.md";
+          drv = pkgs.writeText "README.md" config.text.readme;
+        }
+      ];
+    };
+}

nix/flake-parts/files.nix

@@ -0,0 +1,28 @@
+{
+  inputs,
+  withSystem,
+  lib,
+  config,
+  ...
+}:
+let
+  inherit (builtins) map head;
+  inherit (lib.lists) concatStringsSep;
+  mkListEntry = x: "- [" + x.path_ + "](" + x.path_ + ")";
+  listOfGeneratedFiles = withSystem (head config.systems) (psArgs: psArgs.config.files.files);
+in
+{
+  imports = [ inputs.files.flakeModules.default ];
+  perSystem = psArgs: {
+    make-shells.default.packages = [ psArgs.config.files.writer.drv ];
+  };
+  text.readme.parts."Generated Files" = concatStringsSep "\n" (
+    [
+      "This flake uses the [files flake-parts module](https://flake.parts/options/files.html) to generate documentation."
+
+      "The list of generated files are:"
+
+    ]
+    ++ (map mkListEntry listOfGeneratedFiles)
+  );
+}

nix/flake-parts/flake-parts.nix

@@ -0,0 +1,10 @@
+{ inputs, ... }:
+{
+  debug = true;
+  imports = [
+    inputs.make-shell.flakeModules.default
+    inputs.manifest.flakeModules.default
+    inputs.flake-parts.flakeModules.modules
+    inputs.text.flakeModules.default
+  ];
+}

nix/flake-parts/git-hooks.nix

@@ -0,0 +1,24 @@
+{ inputs, ... }:
+{
+  imports = [ inputs.git-hooks.flakeModule ];
+  text.gitignore = ".pre-commit-config.*";
+  perSystem = psArgs: {
+    pre-commit.settings.hooks = {
+      # Nix Linters
+      deadnix.enable = true;
+      statix.enable = true;
+      nil.enable = true;
+      nixfmt-rfc-style.enable = true;
+      # Flake Health Checks
+      flake-checker.enable = true;
+      # Misc
+      mixed-line-endings.enable = true;
+      trim-trailing-whitespace.enable = true;
+      #TODO: figure out vale
+      #TODO: make nix develop work
+      #TODO: add nix flake check
+      #TODO: add write-files
+    };
+    make-shells.default.shellHook = psArgs.config.pre-commit.installationScript;
+  };
+}

nix/homes/rafiq/_nvf/autocomplete.nix

@@ -3,34 +3,23 @@
   blink-cmp = {
     enable = true;
     friendly-snippets.enable = true;
-    mappings = {
-      next = "<Down>"; # FIXME: results in the menu appearing when navigating
-      previous = "<Up>";
-    };
-    sourcePlugins = {
-      emoji.enable = true;
-      ripgrep.enable = true;
-      spell.enable = true;
-    };
+    sourcePlugins.ripgrep.enable = true;
     setupOpts = {
-      completion.documentation.auto_show_delay_ms = 0;
-      signature.enabled = true;
+      # Disable completion in markdown files
+      # TODO: Disable completion when in comments
       enabled =
         lib.generators.mkLuaInline
           # lua
           ''
-            --- Disable completion for markdown
             function()
               return not vim.tbl_contains({"markdown"}, vim.bo.filetype)
                 and vim.bo.buftype ~= "prompt"
                 and vim.b.completion ~= false
             end
           '';
-      cmdline = {
-        enabled = true;
-        sources = null;
-        completion.menu.auto_show = false;
-      };
+      completion.documentation.auto_show_delay_ms = 0;
+      # Show e.g. function parameters
+      signature.enabled = true;
     };
   };
 }

nix/homes/rafiq/_nvf/binds.nix

@@ -0,0 +1,3 @@
+{
+  whichKey.enable = true;
+}

nix/homes/rafiq/_nvf/languages.nix

@@ -4,22 +4,30 @@
   enableTreesitter = true;
   bash.enable = true;
   clang.enable = true;
-  csharp.enable = true;
+  # broken on macos
+  # csharp.enable = true;
   css.enable = true;
   go.enable = true;
   html.enable = true;
   lua.enable = true;
-  markdown.enable = true;
-  markdown.extensions.markview-nvim.enable = true;
+  markdown = {
+    enable = true;
+    extensions.markview-nvim.enable = true;
+    format.type = "prettierd";
+  };
   nix = {
     enable = true;
     format.type = "nixfmt";
     lsp.server = "nil";
   };
-  python.enable = true;
-  python.lsp.server = "python-lsp-server";
+  python = {
+    enable = true;
+    format.type = "ruff";
+    lsp.server = "pyright";
+  };
   rust.enable = true;
   rust.crates.enable = true;
+  tailwind.enable = true;
   ts.enable = true;
   ts.extensions.ts-error-translator.enable = true;
   typst.enable = true;

nix/homes/rafiq/_nvf/lsp.nix

@@ -0,0 +1,17 @@
+{
+  enable = true;
+  # Show virtual text hints
+  inlayHints.enable = true;
+  lightbulb.enable = true;
+  # Show icons for lsp actions
+  lspkind.enable = true;
+  null-ls.enable = true;
+  otter-nvim = {
+    enable = true;
+    setupOpts = {
+      buffers.set_filetype = true;
+      buffers.write_to_disk = true;
+      handle_leading_whitespace = true;
+    };
+  };
+}

nix/homes/rafiq/_nvf/navigation.nix

@@ -0,0 +1,9 @@
+{
+  harpoon = {
+    enable = true;
+    mappings.listMarks = "<leader>ml";
+    mappings.markFile = "<leader>mm";
+    setupOpts.defaults.save_on_toggle = true;
+    setupOpts.defaults.sync_on_ui_close = true;
+  };
+}

nix/homes/rafiq/_nvf/snippets.nix

@@ -0,0 +1,28 @@
+{ pkgs }:
+{
+  luasnip = {
+    enable = true;
+    setupOpts.enable_autosnippets = true;
+    providers = with pkgs.vimPlugins; [ vim-snippets ];
+    loaders = "require('luasnip.loaders.from_vscode').lazy_load()";
+    customSnippets.snipmate = {
+      nix = [
+        {
+          trigger = "mod";
+          description = "empty module";
+          body = # nix
+            ''
+              {config, lib, ...}:
+              let
+                cfg = config.$1;
+              in
+              {
+                options.$1 = { $2 };
+                config = $3;
+              }
+            '';
+        }
+      ];
+    };
+  };
+}

nix/homes/rafiq/_nvf/statusline.nix

@@ -0,0 +1,10 @@
+{
+  lualine = {
+    enable = true;
+    refresh = {
+      statusline = 10;
+      winbar = 10;
+    };
+    #TODO: rice lualine
+  };
+}

nix/homes/rafiq/_nvf/ui.nix

@@ -0,0 +1,16 @@
+{
+  borders = {
+    enable = true;
+    globalStyle = "rounded";
+  };
+  breadcrumbs.enable = true;
+  # Show color values e.g. #ffffff
+  colorizer.enable = true;
+  # Highlight matching symbols
+  illuminate.enable = true;
+  noice.enable = true;
+  noice.setupOpts.notify.enabled = false;
+  # Make folds look nicer
+  nvim-ufo.enable = true;
+  smartcolumn.enable = true;
+}

nix/homes/rafiq/_nvf/utility.nix

@@ -0,0 +1,11 @@
+{
+  motion.hop.enable = true;
+  yazi-nvim = {
+    enable = true;
+    mappings = {
+      openYazi = "<leader>tt";
+      openYaziDir = "<leader>TT";
+    };
+    setupOpts.open_for_directories = true;
+  };
+}

nix/homes/rafiq/_nvf/visuals.nix

@@ -1,8 +1,7 @@
 {
   indent-blankline.enable = true;
   fidget-nvim.enable = true;
-  # fidget-nvim.setupOpts.notification.override_vim_notify = true;
-  nvim-cursorline.enable = true;
+  fidget-nvim.setupOpts.notification.override_vim_notify = true;
   nvim-web-devicons.enable = true;
   rainbow-delimiters.enable = true;
 }

nix/homes/rafiq/_scripts/commit.nix

@@ -0,0 +1,71 @@
+{ pkgs, ... }:
+pkgs.writeShellScriptBin "commit" # bash
+  ''
+    if git diff-index --quiet HEAD --; then exit 0; fi
+
+    PROMPT="Please generate a commit message for this diff."
+    GUIDELINES="1. Use conventional commit syntax, following the context. 2. Cap the commit message at 80 characters, preferably less. You must not go beyond this limit. 3. Do not include backticks. Only generate the raw text. 4. Be as succint as possible. Each commit should be atomic. You may throw a warning if it is not."
+    NUM_ANCESTORS=0
+    PUSH=false
+
+    # Parse arguments
+    while [[ $# -gt 0 ]]; do
+      case "$1" in
+        --num-ancestors | -n)
+          NUM_ANCESTORS="$2"
+          shift 2
+          ;;
+        --push | -u)
+          PUSH=true
+          shift
+          ;;
+        *)
+          echo "Unrecognised argument: $1. Exiting..."
+          exit 1
+          ;;
+      esac
+    done
+
+    # Get context and diff
+    CONTEXT=$(git --no-pager log -n 10)
+    DIFF=$(git --no-pager diff HEAD~$NUM_ANCESTORS)
+
+    # Generate initial response
+    RESPONSE=$(aichat "$PROMPT\nGuidelines: $GUIDELINES\nContext from git log:\n$CONTEXT\nDiff from git diff HEAD:\n$DIFF")
+
+    while true; do
+      echo "$RESPONSE"
+      echo
+      echo "Choose an action:"
+      read -p "Options: [y]es, [r]eroll, [e]dit, [q]uit? " -n 1 -r choice
+      echo
+
+      case "$choice" in
+        y | yes)
+          git commit -am "$RESPONSE"
+          echo "Committed successfully."
+          if $PUSH; then
+            git push
+            echo "Pushed successfully."
+          fi
+          exit 0
+          ;;
+        r | reroll)
+          RESPONSE=$(aichat "$PROMPT\nGuidelines: $GUIDELINES\nContext from git log:\n$CONTEXT\nDiff from git diff HEAD:\n$DIFF")
+          ;;
+        e | edit)
+          echo "$RESPONSE" > /tmp/commit_msg.txt
+          "$EDITOR" /tmp/commit_msg.txt
+          RESPONSE=$(cat /tmp/commit_msg.txt)
+          rm /tmp/commit_msg.txt
+          ;;
+        q | quit | "")
+          echo "Aborted."
+          exit 1
+          ;;
+        *)
+          echo "Invalid choice. Please choose again."
+          ;;
+      esac
+    done
+  ''

nix/homes/rafiq/_scripts/note.nix

@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+pkgs.writeShellScriptBin "note" # bash
+  ''
+    zk edit -i
+    pushd ~/notebook > /dev/null
+    git add .
+    commit -u
+    popd > /dev/null
+  ''

nix/homes/rafiq/_scripts/rebuild.nix

@@ -0,0 +1,148 @@
+{ pkgs }:
+let
+  inherit (pkgs.lib) getExe;
+in
+pkgs.writeShellScriptBin "rebuild" # sh
+  ''
+    QUICK=false
+    NO_GENERATION_CHECK=false
+    TEST_SHELL=false
+    REMOTE_HOSTS=()
+    REBUILDING_ALL=false
+    # ANSI color codes
+    GREEN='\033[0;32m'
+    ORANGE='\033[0;33m'
+    RED='\033[0;31m'
+    NC='\033[0m'
+
+    info() {
+      timestamp=$(date "+%Y-%m-%d %H:%M:%S")
+      echo -e "''${GREEN}''${timestamp} INFO: $1''${NC}"
+    }
+
+    warn() {
+      timestamp=$(date "+%Y-%m-%d %H:%M:%S")
+      echo -e "''${ORANGE}''${timestamp} WARN: $1''${NC}"
+    }
+
+    err() {
+      timestamp=$(date "+%Y-%m-%d %H:%M:%S")
+      echo -e "''${RED}''${timestamp} ERROR: $1''${NC}"
+    }
+
+    prompt() {
+      local PROMPT="$1"
+      shift
+      read -p "$PROMPT? (y/n) [n]: " -n 1 -r REPLY
+      echo
+      if [[ "$REPLY" =~ ^[Yy]$ ]]; then
+          "$*"
+      else
+          info "$PROMPT aborted."
+      fi
+    }
+
+    spawn_test_shell() {
+      info "Spawning test shell on $1..."
+      (export PS1="Test shell> "
+      exec ${pkgs.bash}/bin/bash ssh "$1") || {
+        ${pkgs.cowsay}/bin/cowsay "You aborted."
+        exit 1
+      }
+    }
+
+    rebuild_remote() {
+      local args=(".#nixosConfigurations.$1" "--target-host" "$1")
+      local CURRENT_GENERATION=$(ssh "$1" readlink /nix/var/nix/profiles/system | cut -d- -f2)
+
+      if "$TEST_SHELL"; then
+        info "Testing $1..."
+        ${getExe pkgs.nh} os test "''${args[@]}" || exit 1
+        git diff HEAD --color=always --stat --patch
+        spawn_test_shell "$1"
+        info "Rebuilding $1..."
+        ${getExe pkgs.nh} os boot "''${args[@]}" || exit 1
+      else
+        info "Rebuilding $1 on $HOSTNAME..."
+        ${getExe pkgs.nh} os switch "''${args[@]}" || exit 1
+      fi
+
+      if ! "$NO_GENERATION_CHECK"; then
+        local NEW_GENERATION=$(ssh "$1" readlink /nix/var/nix/profiles/system | cut -d- -f2)
+        info "$1 - New generation is $NEW_GENERATION. Current is $CURRENT_GENERATION."
+        if [ ! $NEW_GENERATION -gt $CURRENT_GENERATION ]; then
+          warn "New config was not added to bootloader."
+        fi
+      fi
+    }
+
+    info "Starting rebuild script."
+
+    if [ ! -f "flake.nix" ]; then
+      err "flake.nix not found in the current directory. Exiting."
+      exit 1  # Indicate an error
+    fi
+
+    while [[ $# -gt 0 ]]; do
+      case "$1" in
+        --quick | -q)
+          QUICK=true
+          shift
+          ;;
+        --no-generation-check | -n)
+          NO_GENERATION_CHECK=true
+          shift
+          ;;
+        --test-shell | -t)
+          TEST_SHELL=true
+          shift
+          ;;
+        --all | -a)
+          reachable_hosts=()
+          hostnames=$(nix flake show --all-systems --json | , jq -r '.nixosConfigurations | keys | .[]')
+          for host in ''${hostnames[@]}; do
+            info "Checking if $host is reachable..."
+            if ping -c 1 -W 1 "$host" > /dev/null 2>&1 ; then
+              info "$host is reachable."
+              reachable_hosts+=("$host")
+            else
+              warn "$host is unreachable."
+            fi
+          done
+          REMOTE_HOSTS=(''${reachable_hosts[@]})
+          REBUILDING_ALL=true
+          shift
+          ;;
+        *)
+          if [ !REBUILDING_ALL ]; then
+            if ping -c 1 -W 1 "$1" > /dev/null 2>&1 ; then
+              REMOTE_HOSTS+=("$1")
+            else
+              err "$1 is unreachable. Exiting."
+              exit 1
+            fi
+          fi
+          shift
+          ;;
+      esac
+    done
+
+    if [ ''${#REMOTE_HOSTS[@]} == 0 ]; then
+      info "No hostnames provided."
+      REMOTE_HOSTS=("$HOSTNAME")
+    fi
+
+    git add .
+
+    for host in "''${REMOTE_HOSTS[@]}"; do
+      rebuild_remote $host
+    done
+
+    if ! "$QUICK"; then
+      prompt "Commit changes" commit
+      prompt "Reboot system" sudo systemctl reboot
+    fi
+
+    info "Rebuild script completed successfully."
+    exit 0
+  ''

nix/homes/rafiq/darwin.nix

@@ -0,0 +1,21 @@
+{ lib, ... }:
+let
+  inherit (lib.modules) mkIf;
+in
+{
+  flake.modules.homeManager.rafiq =
+    {
+      pkgs,
+      config,
+      hostName,
+      hostConfig,
+      ...
+    }:
+    mkIf (pkgs.system == "aarch64-darwin" || pkgs.system == "x86_64-darwin") {
+      home.file."Library/Application Support/aichat/config.yaml".text = ''
+        model: gemini:gemini-2.0-flash
+        clients:
+        - type: gemini
+      '';
+    };
+}

nix/homes/rafiq/default.nix

@@ -0,0 +1,146 @@
+{ lib, inputs, ... }:
+let
+  inherit (lib.strings) concatStrings;
+in
+{
+  flake.modules.homeManager.rafiq =
+    { pkgs, ... }:
+    {
+      imports = [
+        inputs.nvf.homeManagerModules.default
+        inputs.nix-index-database.hmModules.nix-index
+      ];
+      persistDirs = [
+        ".local/share/zoxide"
+        "notebook"
+      ];
+      xdg.configFile."aichat/config.yaml".text = ''
+        model: gemini:gemini-2.0-flash
+        clients:
+        - type: gemini
+      '';
+      home = {
+        sessionVariables = {
+          EDITOR = "nvim";
+          FETCH = "hyfetch";
+          FILE_BROWSER = "yazi";
+          SHELL = "fish";
+        };
+        shellAliases = {
+          fetch = "hyfetch";
+          windows = "sudo systemctl reboot --boot-loader-entry=auto-windows";
+          v = "$EDITOR";
+          e = "edit";
+          cd = "z"; # zoxide
+          ai = "aichat -r %shell% -e";
+        };
+        packages = with pkgs; [
+          fastfetch
+          ripgrep
+          aichat
+          (import ./_scripts/edit.nix { inherit pkgs; })
+          (import ./_scripts/commit.nix { inherit pkgs; })
+          (import ./_scripts/note.nix { inherit pkgs; })
+          (import ./_scripts/rebuild.nix { inherit pkgs; })
+        ];
+      };
+      programs = {
+        mise.enable = true;
+        nvf.enable = true;
+        nvf.settings.vim = {
+          syntaxHighlighting = true;
+          hideSearchHighlight = true;
+          searchCase = "ignore";
+          undoFile.enable = true;
+          telescope.enable = true;
+          fzf-lua.enable = true;
+          git.enable = true;
+          autopairs.nvim-autopairs.enable = true;
+          autocomplete = import ./_nvf/autocomplete.nix { inherit lib; };
+          binds = import ./_nvf/binds.nix;
+          languages = import ./_nvf/languages.nix;
+          lsp = import ./_nvf/lsp.nix;
+          navigation = import ./_nvf/navigation.nix;
+          notes.todo-comments.enable = true;
+          options = {
+            autoindent = true;
+            backspace = "indent,eol,start";
+            cursorline = true;
+            expandtab = true;
+            shiftwidth = 2;
+            smartindent = true;
+            tabstop = 2;
+          };
+          snippets = import ./_nvf/snippets.nix { inherit pkgs; };
+          statusline = import ./_nvf/statusline.nix;
+          treesitter = {
+            autotagHtml = true;
+            fold = true;
+            indent.disable = [ "markdown" ];
+            textobjects.enable = true;
+          };
+          ui = import ./_nvf/ui.nix;
+          utility = import ./_nvf/utility.nix;
+          visuals = import ./_nvf/visuals.nix;
+        };
+        zk = {
+          enable = true;
+          settings.notebook.dir = "~/notebook";
+        };
+        hyfetch = {
+          enable = true;
+          settings = {
+            preset = "bisexual";
+            mode = "rgb";
+            light_dark = "dark";
+            lightness = 0.5;
+            color_align = {
+              # Flag color alignment
+              mode = "horizontal";
+              fore_back = null;
+            };
+            backend = "fastfetch";
+          };
+        };
+
+        tealdeer.enable = true;
+        tealdeer.enableAutoUpdates = true;
+        direnv = {
+          enable = true;
+          nix-direnv.enable = true;
+        };
+        zoxide.enable = true;
+        nix-index.enable = true;
+        nix-index-database.comma.enable = true;
+        fzf.enable = true;
+        fzf.enableZshIntegration = true;
+        yazi = {
+          enable = true;
+          shellWrapperName = "t";
+          settings.mgr.sort_by = "natural";
+        };
+        fish.enable = true;
+        starship = {
+          enable = true;
+          settings = {
+            add_newline = false;
+            format = concatStrings [
+              # First Line
+              ## Left Prompt
+              "$hostname$directory"
+              "$fill"
+              ## Right Prompt
+              "$all"
+              # Second Line
+              ## Left Prompt
+              "$character"
+            ];
+            git_branch.format = "[$symbol$branch(:$remote_branch)]($style) ";
+            shlvl.disabled = false;
+            username.disabled = true;
+            fill.symbol = " ";
+          };
+        };
+      };
+    };
+}

nix/homes/rafiq/desktop/_hyprland/decoration.nix

@@ -0,0 +1,14 @@
+{
+  animation = [ "workspaces, 1, 1, default" ];
+  general = {
+    border_size = 2;
+    gaps_in = 0;
+    gaps_out = 0;
+    resize_on_border = true;
+  };
+  decoration = {
+    rounding = 10;
+    rounding_power = 2;
+    inactive_opacity = 0.9;
+  };
+}

nix/homes/rafiq/desktop/_hyprland/keybinds.nix

@@ -6,10 +6,12 @@
     "$hypr, Q, exec, uwsm stop"
     "SUPER, W, killactive"
 
-    "SUPER, return, exec, uwsm app -- $TERMINAL $MULTIPLEXER"
+    "SUPER, return, exec, uwsm app -- $TERMINAL"
     "SUPER, O, exec, uwsm app -- $BROWSER"
     "SUPER, Escape, exec, uwsm app -- $LOCKSCREEN"
+    #TODO:add file browser
 
+    #TODO: make it directional
     "SUPER, H, cyclenext, visible"
     "SUPER, L, cyclenext, visible prev"
     "SUPER_ALT, H, movewindow, l"
@@ -24,15 +26,31 @@
     "SUPER_CTRL, L, workspace, r+1"
     "$hypr, H, movetoworkspace, r-1"
     "$hypr, L, movetoworkspace, r+1"
+
+    "$hypr, V, togglefloating"
+  ];
+
+  bindr = [
+    # Activates on SUPER without any other modifier
+    "SUPER, Super_L, exec, uwsm app -- $($LAUNCHER --launch-prefix=\"uwsm app -- \")"
   ];
 
   bindle = [
-    "SUPER, 6, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%-"
+    "SUPER, 6, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%-"
     "SUPER, 7, exec, ${pkgs.playerctl}/bin/playerctl previous"
-    "SUPER, 8, exec, ${pkgs.playerctl}/bin/playerctl play-pause"
+    "SUPER, 8, exec, ${pkgs.playerctl}/bin/playerctl -a play-pause"
     "SUPER, 9, exec, ${pkgs.playerctl}/bin/playerctl next"
-    "SUPER, 0, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
-    "$meh, mouse_up, resizeactive, 10% 10%"
-    "$meh, mouse_down, resizeactive, -10% -10%"
+    "SUPER, 0, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
+
+    "ALT, mouse_up, resizeactive, 10% 10%"
+    "ALT, mouse_down, resizeactive, -10% -10%"
+  ];
+
+  bindm = [
+    "ALT, mouse:272, movewindow"
+    "ALT, mouse:273, resizeactive"
+  ];
+  bindc = [
+    "ALT, mouse:272, togglefloating"
   ];
 }

nix/homes/rafiq/desktop/darwin.nix

@@ -0,0 +1,37 @@
+{ config, ... }:
+let
+  inherit (config.manifest) admin;
+in
+{
+  flake.modules.darwin.graphical.homebrew = {
+    enable = true;
+    user = admin.username;
+    onActivation.cleanup = "uninstall";
+    brews = [
+      "mise"
+      "docker"
+    ];
+    casks = [
+      "ghostty"
+      "slack"
+      "gitify"
+      "telegram"
+      "vial"
+      "linear-linear"
+      "chatgpt"
+    ];
+  };
+  flake.modules.homeManager.rafiq = {
+    # make sure brew is on the path for M1
+    programs.zsh.initContent = ''
+      if [[ $(uname -m) == 'arm64' ]]; then
+        eval "$(/opt/homebrew/bin/brew shellenv)"
+      fi
+    '';
+    programs.fish.shellInit = ''
+      if test (uname -m) = "arm64"
+        eval (/opt/homebrew/bin/brew shellenv)
+      end
+    '';
+  };
+}

nix/homes/rafiq/desktop/default.nix

@@ -0,0 +1,61 @@
+{ lib, inputs, ... }:
+{
+  flake.modules.homeManager.rafiq =
+    { pkgs, config, ... }:
+    let
+      inherit (lib.modules) mkIf;
+      inherit (builtins) map listToAttrs;
+      inherit (lib.lists) findFirstIndex;
+      inherit (inputs.nur.legacyPackages.${pkgs.stdenv.hostPlatform.system}.repos.rycee) firefox-addons;
+      profiles = listToAttrs (
+        map (name: {
+          inherit name;
+          # If there are duplicate profile names, findFirstIndex will cause issues.
+          value = profileCfg (findFirstIndex (x: x == name) null syncedProfiles);
+        }) syncedProfiles
+      );
+      syncedProfiles = [
+        "rafiq"
+        "test"
+      ];
+      profileCfg = id: {
+        inherit id;
+        settings."extensions.autoDisableScopes" = 0; # Auto enable extensions
+        extensions = {
+          force = true;
+          packages = with firefox-addons; [
+            darkreader
+            gesturefy
+            sponsorblock
+            ublock-origin
+          ];
+        };
+      };
+    in
+    mkIf config.graphical {
+      stylix = {
+        image = ./wallpaper.png;
+        targets = {
+          firefox.colorTheme.enable = true;
+          firefox.profileNames = syncedProfiles;
+        };
+      };
+      home = {
+        sessionVariables = {
+          BROWSER = "firefox";
+          TERMINAL = "ghostty";
+        };
+      };
+      programs = {
+        vesktop.enable = true;
+        thunderbird.enable = true;
+        thunderbird.profiles.rafiq.isDefault = true;
+        # ghostty is broken on nix-darwin
+        ghostty.settings.confirm-close-surface = false;
+        firefox = {
+          enable = true;
+          inherit profiles;
+        };
+      };
+    };
+}

nix/homes/rafiq/desktop/nixos.nix

@@ -0,0 +1,232 @@
+{ lib, config, ... }:
+let
+  inherit (config.manifest) admin;
+in
+{
+  allowedUnfreePackages = [
+    "stremio-shell"
+    "stremio-server"
+    "steam"
+    "steam-unwrapped"
+  ];
+  flake.modules.nixos.graphical =
+    { config, pkgs, ... }:
+    {
+      fonts.packages = [ pkgs.font-awesome ];
+      services.getty.autologinUser = admin.username;
+      # Start Hyprland at boot only if not connecting through SSH
+      environment.loginShellInit = # sh
+        ''
+          if [[ -z "$SSH_CLIENT" && -z "$SSH_CONNECTION" ]]; then
+            if uwsm check may-start; then
+              exec uwsm start hyprland-uwsm.desktop
+            fi
+          fi
+        '';
+      environment.variables = {
+        # Get Electron apps to use Wayland
+        ELECTRON_OZONE_PLATFORM_HINT = "auto";
+        NIXOS_OZONE_WL = "1";
+      };
+      programs = {
+        hyprland = {
+          enable = true;
+          # Use UWSM to have each process controlled by systemd init
+          withUWSM = true;
+        };
+        steam = {
+          enable = true;
+          gamescopeSession.enable = true;
+        };
+      };
+      security.pam.services.hyprlock = { };
+      services.sunshine = {
+        enable = true;
+        capSysAdmin = true;
+        openFirewall = true;
+        settings = {
+          sunshine_name = config.networking.hostName;
+          origin_pin_allowed = "wan";
+          origin_web_ui_allowed = "wan";
+        };
+        applications = { };
+      };
+      # spotifyd
+      networking.firewall.allowedTCPPorts = [ 5353 ];
+      networking.firewall.allowedUDPPorts = [ 5353 ];
+    };
+  flake.modules.homeManager.rafiq =
+    {
+      pkgs,
+      config,
+      hostName,
+      hostConfig,
+      ...
+    }:
+    let
+      inherit (lib.modules) mkMerge mkIf;
+    in
+    mkIf (config.graphical && pkgs.system == "x86_64-linux") {
+      stylix.targets.waybar.addCss = false;
+      persistDirs = [
+        "docs"
+        "repos"
+        "vids"
+        "tmp"
+        ".cache/Smart Code ltd/Stremio"
+        ".local/share/Smart Code ltd/Stremio"
+        ".mozilla/firefox"
+        ".tor project"
+        ".local/share/Steam"
+        ".local/share/PrismLauncher"
+        ".config/sunshine"
+      ];
+      home = {
+        packages = with pkgs; [
+          wl-clipboard-rs
+          stremio
+          tor-browser
+          vlc
+          prismlauncher
+        ];
+        sessionVariables = {
+          LAUNCHER = "fuzzel";
+          LOCKSCREEN = "hyprlock";
+          NOTIFICATION_DAEMON = "mako";
+          STATUS_BAR = "waybar";
+        };
+      };
+      # xdg.configFile."uwsm/env".text = # sh
+      #   ''
+      #     # Force apps to scale right with Wayland
+      #     export GDK_SCALE=${mainMonitor.scale}
+      #     export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale}
+      #   '';
+      # xdg.configFile."uwsm/env-hyprland".text = # sh
+      #   ''
+      #     export GDK_SCALE=${mainMonitor.scale}
+      #     export STEAM_FORCE_DESKTOPUI_SCALING=${mainMonitor.scale}
+      #   '';
+      wayland.windowManager.hyprland = {
+        enable = true;
+        # This is needed for UWSM
+        systemd.enable = false;
+        # Null the packages since we use them system wide
+        package = null;
+        portalPackage = null;
+        settings = mkMerge [
+          (import ./_hyprland/decoration.nix)
+          (import ./_hyprland/keybinds.nix { inherit pkgs; })
+          {
+            ecosystem.no_update_news = true;
+            xwayland.force_zero_scaling = true;
+            monitor =
+              let
+                mainMonitor = hostConfig.machine.monitors.main;
+              in
+              [
+                "${mainMonitor.id}, ${mainMonitor.resolution}@${mainMonitor.refresh-rate}, auto, ${mainMonitor.scale}"
+                ", preferred, auto, 1"
+              ];
+            exec-once = [
+              "uwsm app -- $LOCKSCREEN"
+              "uwsm app -- $NOTIFICATION_DAEMON"
+              "uwsm app -- $STATUS_BAR"
+            ];
+          }
+        ];
+      };
+      services = {
+        spotifyd.enable = true;
+        spotifyd.settings.global = {
+          device_name = "${hostName}";
+          device_type = "computer";
+          zeroconf_port = 5353;
+        };
+        mako.enable = true;
+        mako.settings.default-timeout = 10000;
+      };
+      programs = {
+        obs-studio.enable = true;
+        fuzzel.enable = true;
+        ghostty.enable = true;
+        waybar = {
+          enable = true;
+          settings = [
+            {
+              layer = "top";
+              modules-left = [
+                "pulseaudio"
+              ];
+              modules-right = [
+                "battery"
+                "clock"
+              ];
+              "pulseaudio" = {
+                format = "{icon} {volume}%";
+                format-muted = "";
+                format-icons.default = [
+                  ""
+                  ""
+                ];
+                on-click = "${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
+              };
+              "clock" = {
+                interval = 1;
+                format = "{:%F %T}";
+              };
+              "battery" = {
+                interval = 1;
+                bat-compatibility = true;
+              };
+            }
+          ];
+          style = # css
+            ''
+              window#waybar {
+                background-color: rgba(0, 0, 0, 0);
+              }
+
+              #pulseaudio,
+              #battery,
+              #clock {
+                padding-top: 5px;
+                padding-bottom: 5px;
+                padding-right: 5px;
+                color: #ffffff;
+              }
+            '';
+        };
+        hyprlock = {
+          enable = true;
+          settings = {
+            general.hide_cursor = true;
+            general.ignore_empty_input = true;
+            background.blur_passes = 5;
+            background.blur_size = 5;
+            label = {
+              text = ''hi, $USER.'';
+              font_size = 32;
+              position = "0, 0";
+              halign = "center";
+              valign = "center";
+              zindex = 1;
+              shadow_passes = 5;
+              shadow_size = 5;
+            };
+            input-field = {
+              placeholder_text = "";
+              fade_on_empty = true;
+              size = "200, 45";
+              position = "0, -5%";
+              halign = "center";
+              valign = "center";
+              zindex = 1;
+              shadow_passes = 5;
+              shadow_size = 5;
+            };
+          };
+        };
+      };
+    };
+}

nix/homes/rafiq/git.nix

@@ -1,22 +1,18 @@
-{ config, ... }:
 {
-  config = {
-    home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config";
+  flake.modules.homeManager.rafiq = {
     home.shellAliases = {
       gs = "git status";
       gc = "git commit";
       gcam = "git commit -am";
       gu = "git push";
       gy = "git pull";
+      gdh = "git diff HEAD";
     };
     programs.git = {
       enable = true;
-      userName = config.cli.git.name;
-      userEmail = config.cli.git.email;
-      signing.key = "~/.ssh/id_ed25519.pub";
       signing.signByDefault = true;
       extraConfig = {
-        init.defaultBranch = config.cli.git.defaultBranch;
+        init.defaultBranch = "prime";
         push.autoSetupRemote = true;
         pull.rebase = false;
         core.editor = "$EDITOR";

nix/lib/attrsets.nix

@@ -0,0 +1,54 @@
+{ lib, ... }:
+let
+  inherit (builtins) attrNames head;
+  inherit (lib.trivial) pipe;
+  inherit (lib.attrsets) filterAttrs;
+in
+{
+  flake.lib.attrsets = {
+    /**
+      `firstAttrNameMatching pred set` filters an attribute set `set` based on a predicate `pred`
+      and returns the *first* attribute name that satisfies the predicate.
+
+      # Example
+
+      ```nix
+      let
+        mySet = {
+          a = { value = 1; };
+          b = { value = 2; };
+          c = { value = 3; };
+        };
+
+        isGreaterThanOne = name: value: value.value > 1;
+
+        result = firstAttrNameMatching isGreaterThanOne mySet;
+
+      in
+        result
+      # Output: "b"
+      ```
+
+      # Type
+
+      ```
+      firstAttrNameMatching :: (String -> Any -> Bool) -> AttrSet -> String
+      ```
+
+      # Arguments
+
+      pred
+      : A function that takes an attribute name and its value and returns a boolean.
+
+      set
+      : The attribute set to filter.
+    */
+    firstAttrNameMatching =
+      pred: set:
+      pipe set [
+        (filterAttrs pred)
+        attrNames
+        head
+      ];
+  };
+}

nix/lib/lists.nix

@@ -0,0 +1,13 @@
+let
+  inherit (builtins) length tail;
+in
+{
+  flake.lib.lists = rec {
+    shortenList =
+      count: list:
+      let
+        len = length list;
+      in
+      if len <= count then list else (shortenList count (tail list));
+  };
+}

nix/lib/modules.nix

@@ -0,0 +1,100 @@
+{ lib, config, ... }:
+let
+  inherit (builtins) foldl' attrNames;
+  inherit (lib.attrsets) mapAttrs;
+in
+{
+  flake.lib.modules = {
+    /**
+      Fold over the users list and create an attribute set.
+
+      # Inputs
+
+      `f`
+
+      : A function that takes the name of a user and returns an attribute set.
+
+      # Type
+
+      ```
+      userListToAttrs :: (String -> AttrSet) -> AttrSet
+      ```
+
+      # Examples
+      :::{.example}
+      ## `userListToAttrs` usage example
+
+      ```nix
+      flake.manifest.users.rafiq = { ... };
+      flake.modules.homeManager.users = userListToAttrs (name: {
+        ${name}.home.username = name;
+      });
+      => flake.modules.homeManager.default.users.rafiq.home.username = "rafiq";
+      ```
+
+      :::
+    */
+    userListToAttrs = f: foldl' (acc: elem: acc // (f elem)) { } (attrNames config.manifest.users);
+    /**
+      Return an attribute set for use with a option that needs to be used for all users.
+
+      # Inputs
+
+      `attrset`
+
+      : An attribute set to apply to all the users.
+
+      # Type
+
+      ```
+      forAllUsers :: AttrSet -> AttrSet
+      ```
+
+      # Examples
+      :::{.example}
+      ## `forAllUsers` usage example
+
+      ```nix
+      flake.manifest.users.rafiq = { ... };
+      flake.modules.nixos.default.users = forAllUsers {
+        isNormalUser = true;
+      };
+      => flake.modules.nixos.default.users.rafiq.isNormalUser = true;
+      ```
+
+      :::
+    */
+    forAllUsers = attrset: mapAttrs (_: _: attrset) config.manifest.users;
+
+    /**
+      Like forAllUsers, but passes in the name and value from the manifest.
+
+      # Inputs
+
+      `f`
+
+      : A function that takes an attribute name and its value, and returns the new value for the attribute.
+
+      # Type
+
+      ```
+      forAllUsers' :: (String -> Any -> Any) -> AttrSet
+      ```
+
+      # Examples
+      :::{.example}
+      ## `forAllUsers'` usage example
+
+      ```nix
+      flake.manifest.users.rafiq = { ... };
+      flake.modules.homeManager.users = forAllUsers' (name: value: {
+        home.username = name;
+      });
+      => flake.modules.homeManager.default.users.rafiq.home.username = "rafiq";
+      ```
+
+      :::
+    */
+    forAllUsers' = f: mapAttrs f config.manifest.users;
+  };
+}

nix/lib/options.nix

@@ -0,0 +1,45 @@
+{ lib, ... }:
+let
+  inherit (lib.options) mkOption;
+  inherit (lib.types)
+    str
+    path
+    int
+    port
+    attrs
+    ;
+in
+{
+  flake.lib.options = {
+    mkStrOption =
+      default:
+      mkOption {
+        inherit default;
+        type = str;
+      };
+    mkAttrOption =
+      default:
+      mkOption {
+        inherit default;
+        type = attrs;
+      };
+    mkIntOption =
+      default:
+      mkOption {
+        inherit default;
+        type = int;
+      };
+    mkPortOption =
+      default:
+      mkOption {
+        type = port;
+        inherit default;
+      };
+    mkPathOption =
+      default:
+      mkOption {
+        type = path;
+        inherit default;
+      };
+  };
+}

nix/lib/services.nix

@@ -0,0 +1,69 @@
+{ config, lib, ... }:
+let
+  inherit (builtins) length concatStringsSep;
+  inherit (lib.options) mkEnableOption;
+  inherit (lib.strings) splitString;
+  inherit (lib.lists) singleton;
+  inherit (lib.modules) mkMerge mkIf;
+  inherit (cfg.lib.options) mkStrOption mkPortOption mkAttrOption;
+  inherit (cfg.lib.lists) shortenList;
+  cfg = config.flake;
+in
+{
+  flake.lib.services = rec {
+    splitDomain = domain: splitString "." domain;
+    isRootDomain = domain: length (splitDomain domain) <= 2;
+    mkRootDomain = domain: concatStringsSep "." (shortenList 2 (splitDomain domain));
+    mkWildcardDomain = rootDomain: concatStringsSep "." ((singleton "*") ++ (splitDomain rootDomain));
+    mkHost = domain: if isRootDomain domain then domain else mkWildcardDomain (mkRootDomain domain);
+    mkWebApp =
+      {
+        config,
+        name,
+        defaultPort,
+        persistDirs ? [ ],
+        extraOptions ? { },
+        extraConfig ? { },
+      }:
+      let
+        cfg = config.server.web-apps.${name};
+        networkingConfig =
+          {
+            config,
+            cfg,
+            name,
+          }:
+          mkIf (cfg.domain != "") {
+            assertions = singleton {
+              assertion = config.server.web-servers.nginx.enable;
+              message = "You must enable a web server if you want to set server.web-apps.${name}.domain.";
+            };
+            server.ddns.domains = singleton (mkRootDomain cfg.domain);
+            server.web-servers.nginx.proxies = singleton {
+              source = cfg.domain;
+              target = "http://${config.networking.hostName}:${toString cfg.port}";
+            };
+          };
+
+      in
+      {
+        options.server.web-apps.${name} = {
+          enable = mkEnableOption "";
+          port = mkPortOption defaultPort;
+          domain = mkStrOption "";
+          openFirewall = mkEnableOption "";
+          extraCfg = mkAttrOption { };
+        } // extraOptions;
+
+        config = mkIf cfg.enable (mkMerge [
+          {
+            inherit persistDirs;
+            networking.firewall = mkIf cfg.openFirewall { allowedTCPPorts = singleton cfg.port; };
+          }
+          (networkingConfig { inherit config cfg name; })
+          extraConfig
+        ]);
+      };
+
+  };
+}

nix/manifest.nix

@@ -0,0 +1,104 @@
+{
+  manifest = {
+    users.rafiq = {
+      primary = true;
+      name = "Mohammad Rafiq";
+      email = "rafiq@rrv.sh";
+      shell = "fish";
+      pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n rafiq";
+    };
+    hosts = {
+      darwin = {
+        venus = {
+          graphical = true;
+          machine.platform = "intel";
+        };
+        hephaestus = {
+          graphical = true;
+          machine.platform = "apple-silicon";
+        };
+      };
+      nixos = {
+        nemesis = {
+          graphical = true;
+          machine = {
+            platform = "amd";
+            gpu = "nvidia";
+            root.drive = "/dev/disk/by-id/nvme-CT2000P3SSD8_2325E6E77434";
+            monitors.main = {
+              id = "desc:OOO AN-270W04K";
+              resolution = "3840x2160";
+              refresh-rate = "60";
+              scale = "2";
+            };
+          };
+          extraCfg = {
+            machine = {
+              bluetooth.enable = true;
+              usb.automount = true;
+              usb.qmk.enable = true;
+              virtualisation = {
+                podman.enable = true;
+                podman.distrobox.enable = true;
+              };
+            };
+            server.web-apps = {
+              comfy-ui.enable = true;
+              sd-webui-forge.enable = true;
+            };
+          };
+        };
+        apollo = {
+          graphical = false;
+          machine = {
+            platform = "intel";
+            root.drive = "/dev/disk/by-id/nvme-eui.002538d221b47b01";
+          };
+          extraCfg.server = {
+            ddns = {
+              enable = true;
+              domains = [
+                "aenyrathia.wiki"
+                "slayment.com"
+              ];
+            };
+            web-servers = {
+              enableSSL = true;
+              nginx = {
+                enable = true;
+                proxies = [
+                  {
+                    source = "aenyrathia.wiki";
+                    target = "http://helios:5896";
+                  }
+                  {
+                    source = "il.bwfiq.com";
+                    target = "http://helios:2283";
+                  }
+                ];
+              };
+            };
+            databases = {
+              mongodb.enable = true;
+              mysql.enable = true;
+              postgresql.enable = true;
+            };
+            web-apps = {
+              librechat = {
+                enable = true;
+                domain = "chat.bwfiq.com";
+              };
+              forgejo = {
+                enable = true;
+                domain = "git.rrv.sh";
+                openFirewall = true;
+              };
+              rrv-sh.enable = true;
+              rrv-sh.domain = "rrv.sh";
+            };
+          };
+        };
+      };
+    };
+  };
+}

nix/meta.nix

@@ -0,0 +1,31 @@
+{
+  lib,
+  config,
+  inputs,
+  ...
+}:
+let
+  inherit (lib.options) mkOption;
+  inherit (lib.types) path lazyAttrsOf raw;
+  inherit (inputs.flake-parts.lib) mkSubmoduleOptions;
+  cfg = config.flake;
+in
+{
+  options.flake = mkSubmoduleOptions {
+    self = mkOption { type = raw; };
+    lib = mkOption {
+      type = lazyAttrsOf raw;
+      default = { };
+    };
+    paths = {
+      root = mkOption { type = path; };
+      secrets = mkOption {
+        type = path;
+        readOnly = true;
+      };
+    };
+  };
+  config.flake = {
+    paths.secrets = cfg.paths.root + "/secrets";
+  };
+}

nix/modules/cli/git.nix

@@ -0,0 +1,17 @@
+{ config, ... }:
+let
+  inherit (config.manifest) users;
+in
+{
+  flake.modules.homeManager.default =
+    { config, ... }:
+    {
+      home.sessionVariables.GIT_CONFIG_GLOBAL = "$HOME/.config/git/config";
+      programs.git = {
+        enable = true;
+        userName = users.${config.home.username}.name;
+        userEmail = users.${config.home.username}.email;
+        signing.key = "~/.ssh/id_ed25519.pub";
+      };
+    };
+}

nix/modules/cli/nix.nix

@@ -0,0 +1,13 @@
+{
+  flake.modules.nixos.default.nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+  flake.modules.darwin.default = {
+    nix.enable = false;
+    nix.settings.experimental-features = [
+      "nix-command"
+      "flakes"
+    ];
+  };
+}

nix/modules/cli/shell.nix

@@ -0,0 +1,36 @@
+{ config, lib, ... }:
+let
+  cfg = config.flake;
+  inherit (config.manifest) users;
+  inherit (cfg.lib.modules) forAllUsers';
+  inherit (lib.attrsets) mapAttrs';
+in
+{
+  flake.modules = {
+    nixos.default =
+      { pkgs, ... }:
+      {
+        programs = mapAttrs' (name: value: {
+          name = value.shell;
+          value.enable = true;
+        }) users;
+        users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
+      };
+    darwin.default =
+      { pkgs, ... }:
+      {
+        programs = mapAttrs' (name: value: {
+          name = value.shell;
+          value.enable = true;
+        }) users;
+        users.users = forAllUsers' (_: value: { shell = pkgs.${value.shell}; });
+        environment.shells = [ pkgs.fish ];
+      };
+    homeManager.default =
+      { config, ... }:
+      {
+        programs.${users.${config.home.username}.shell}.enable = true;
+        home.shell.enableShellIntegration = true;
+      };
+  };
+}

nix/modules/graphical/default.nix

@@ -0,0 +1,17 @@
+{ lib, ... }:
+let
+  inherit (lib.options) mkEnableOption;
+in
+{
+  flake.modules = {
+    nixos.graphical = {
+      home-manager.sharedModules = [ { graphical = true; } ];
+      services.pipewire = {
+        enable = true;
+        pulse.enable = true;
+      };
+    };
+    homeManager.default.options.graphical = mkEnableOption "";
+    darwin.graphical.home-manager.sharedModules = [ { graphical = true; } ];
+  };
+}

nix/modules/graphical/stylix.nix

@@ -0,0 +1,20 @@
+{ inputs, ... }:
+{
+  # needs to be default because the options get
+  # evaluated even if graphical is set to false
+  flake.modules.nixos.default =
+    { pkgs, ... }:
+    {
+      imports = [ inputs.stylix.nixosModules.stylix ];
+      stylix.enable = true;
+      stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
+    };
+  flake.modules.darwin.default =
+    { pkgs, ... }:
+    {
+      imports = [ inputs.stylix.darwinModules.stylix ];
+      stylix.enable = true;
+      #TODO: move into manifest
+      stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-hard.yaml";
+    };
+}

nix/modules/machine/bootloader.nix

@@ -0,0 +1,18 @@
+{
+  flake.modules.nixos.default.boot = {
+    initrd.availableKernelModules = [
+      "nvme"
+      "xhci_pci"
+      "ahci"
+      "usbhid"
+      "usb_storage"
+      "sd_mod"
+    ];
+    loader.efi.canTouchEfiVariables = true;
+    #TODO: disable for mbp?
+    loader.systemd-boot = {
+      enable = true;
+      configurationLimit = 5;
+    };
+  };
+}

nix/modules/machine/default.nix

@@ -0,0 +1,58 @@
+{ lib, ... }:
+let
+  inherit (lib.options) mkEnableOption;
+  inherit (lib.modules) mkIf mkMerge;
+in
+{
+  flake.modules.nixos.default =
+    {
+      config,
+      modulesPath,
+      pkgs,
+      ...
+    }:
+    let
+      cfg = config.machine;
+    in
+    {
+      imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+      options.machine = {
+        bluetooth.enable = mkEnableOption "";
+        usb.automount = mkEnableOption "";
+        usb.qmk.enable = mkEnableOption "";
+      };
+      config = mkMerge [
+        (mkIf cfg.usb.automount {
+          services.udisks2.enable = true;
+          home-manager.sharedModules = [
+            {
+              services.udiskie = {
+                enable = true;
+                automount = true;
+                notify = true;
+              };
+            }
+          ];
+        })
+        (mkIf cfg.usb.qmk.enable {
+          hardware.keyboard.qmk.enable = true;
+          services.udev = {
+            packages = with pkgs; [
+              vial
+              qmk
+              qmk-udev-rules
+              qmk_hid
+            ];
+          };
+
+        })
+        (mkIf cfg.bluetooth.enable {
+          persistDirs = [ "/var/lib/bluetooth" ];
+          hardware.bluetooth = {
+            enable = true;
+            settings.General.Experimental = true;
+          };
+        })
+      ];
+    };
+}

nix/modules/machine/gpu.nix

@@ -0,0 +1,37 @@
+{
+  allowedUnfreePackages = [
+    "nvidia-x11"
+    "nvidia-settings"
+  ];
+  flake.modules.nixos.default =
+    {
+      config,
+      pkgs,
+      hostConfig,
+      ...
+    }:
+    let
+      inherit (hostConfig.machine) gpu;
+    in
+    if gpu == "nvidia" then
+      {
+        hardware = {
+          graphics.enable = true;
+          graphics.extraPackages = [ pkgs.nvidia-vaapi-driver ];
+          nvidia.open = true;
+          nvidia.package = config.boot.kernelPackages.nvidiaPackages.latest;
+        };
+        services.xserver.videoDrivers = [ "nvidia" ];
+        environment.variables = {
+          LIBVA_DRIVER_NAME = "nvidia";
+          __GLX_VENDOR_LIBRARY_NAME = "nvidia";
+          NVD_BACKEND = "direct";
+        };
+        nix.settings.substituters = [ "https://cuda-maintainers.cachix.org" ];
+        nix.settings.trusted-public-keys = [
+          "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
+        ];
+      }
+    else
+      { };
+}

nix/modules/machine/platform.nix

@@ -0,0 +1,23 @@
+{
+  flake.modules.nixos.default =
+    { hostConfig, ... }:
+    let
+      inherit (hostConfig.machine) platform;
+      arch = if platform == "amd" || platform == "intel" then "x86_64" else "aarch64";
+    in
+    {
+      hardware.cpu.${platform}.updateMicrocode = true;
+      boot.kernelModules = [ "kvm-${platform}" ];
+      nixpkgs.hostPlatform = "${arch}-linux";
+    };
+
+  flake.modules.darwin.default =
+    { hostConfig, ... }:
+    let
+      inherit (hostConfig.machine) platform;
+      arch = if platform == "intel" then "x86_64" else "aarch64";
+    in
+    {
+      nixpkgs.hostPlatform = "${arch}-darwin";
+    };
+}

nix/modules/machine/root.nix

@@ -0,0 +1,95 @@
+{ lib, inputs, ... }:
+let
+  inherit (lib.modules) mkMerge mkIf mkAfter;
+in
+{
+  flake.modules.nixos.default =
+    { hostConfig, ... }:
+    let
+      inherit (hostConfig.machine) root;
+    in
+    {
+      imports = [ inputs.disko.nixosModules.disko ];
+      config = mkMerge [
+        {
+          # BTRFS - may add more later on
+          boot.initrd.kernelModules = [ "dm-snapshot" ];
+          disko.devices.disk.main = {
+            device = root.drive;
+            content.type = "gpt";
+            content.partitions = {
+              boot = {
+                name = "boot";
+                size = "1M";
+                type = "EF02";
+              };
+              esp = {
+                name = "ESP";
+                size = "500M";
+                type = "EF00";
+                content = {
+                  type = "filesystem";
+                  format = "vfat";
+                  mountpoint = "/boot";
+                };
+              };
+              swap = {
+                size = "4G";
+                content = {
+                  type = "swap";
+                  resumeDevice = true;
+                };
+              };
+              root = {
+                name = "root";
+                size = "100%";
+                content = {
+                  type = "lvm_pv";
+                  vg = "root_vg";
+                };
+              };
+            };
+          };
+
+          disko.devices.lvm_vg.root_vg = {
+            type = "lvm_vg";
+            lvs.root = {
+              size = "100%FREE";
+              content = {
+                type = "btrfs";
+                extraArgs = [ "-f" ];
+                subvolumes = {
+                  "/root".mountpoint = "/";
+                  "/persist" = {
+                    mountpoint = "/persist";
+                    mountOptions = [
+                      "subvol=persist"
+                      "noatime"
+                    ];
+                  };
+                  "/nix" = {
+                    mountpoint = "/nix";
+                    mountOptions = [
+                      "subvol=nix"
+                      "noatime"
+                    ];
+                  };
+                };
+              };
+            };
+          };
+        }
+        # Ephemeral by default - assumes btrfs
+        (mkIf root.ephemeral {
+          boot.initrd.postDeviceCommands = mkAfter ''
+            mkdir /btrfs_tmp
+            mount /dev/root_vg/root /btrfs_tmp
+
+            if [[ -e /btrfs_tmp/root ]]; then
+              btrfs subvolume delete "/btrfs_tmp/root"
+            fi
+          '';
+        })
+      ];
+    };
+}