nix/hosts/nixarawrui/default.nix

{
  inputs,
  upkgs,
  spkgs,
  ...
}: {
  imports = [
    ./hardware-configuration.nix

    ./modules/amdgpu-ignore-ctx-privileges.nix
  ];

  # Use the systemd-boot EFI boot loader.
  boot = rec {
    initrd.kernelModules = ["amdgpu"];

    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };

    # kernelPackages = upkgs.cachyosKernels.linuxPackages-cachyos-latest-lto-x86_64-v4;
    kernelPackages = upkgs.linuxPackages_latest;
    kernelModules = ["v4l2loopback"];
    extraModulePackages = with kernelPackages; [v4l2loopback];

    # qemu
    # binfmt.emulatedSystems = [
    #   "riscv64-linux"
    # ];
    # the following line is from:
    # https://discourse.nixos.org/t/chroot-into-arm-container-with-systemd-nspawn/34735
    # fixed my arch-chroot issue when trying to setup a risc v sd card for
    # the mango pi mq pro
    binfmt.preferStaticEmulators = true;
  };

  # bluetooth
  services.blueman.enable = true; # gui bluetooth manager

  networking = {
    hostName = "nixarawrui";
    networkmanager.enable = true;
    firewall = {
      enable = true;
      # allows wireguard to route all traffic through default route <3
      checkReversePath = "loose";

      allowedTCPPorts = [
        21110 # slimevr
        44949 # rquickshare
      ];
      allowedUDPPorts = [
        6969 # slimevr
        8266 # slimevr
        35903 # slimevr
        44949 # rquickshare
      ];
    };

    nftables.enable = true;
    wireguard.enable = true;
  };

  # hardware / driver stuff
  hardware = {
    keyboard = {
      qmk.enable = true;
    };
    opentabletdriver.enable = true;
    wooting.enable = true;
    xone.enable = true;
    bluetooth.enable = true;
  };

  virtualisation = {
    podman = {
      enable = true;
      dockerCompat = true;
    };
    waydroid.enable = true;
  };

  environment.sessionVariables = {
    NIXOS_OZONE_WL = "1";

    # makes portals work correctly
    QT_QPA_PLATFORMTHEME = "xdgdesktopportal";
    #QT_QPA_PLATFORMTHEME = "flatpak"; # sometimes might need this
  };

  xdg.portal = {
    enable = true;

    wlr = {
      enable = true;
    };

    extraPortals = with upkgs; [
      xdg-desktop-portal-termfilechooser
    ];

    config.common = {
      "org.freedesktop.impl.portal.FileChooser" = ["termfilechooser"];
    };
  };

  time.timeZone = "Europe/London";

  i18n = {
    defaultLocale = "en_US.UTF-8";
    supportedLocales = [
      "en_US.UTF-8/UTF-8"
      "ja_JP.UTF-8/UTF-8"
    ];
  };
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  hardware.graphics = {
    enable = true;
    enable32Bit = true;

    extraPackages = with upkgs; [
      libva-vdpau-driver
      libvdpau-va-gl
    ];
  };

  services = {
    displayManager.sddm.enable = true;
    displayManager.sddm.wayland.enable = true;

    udisks2.enable = true;
    flatpak.enable = true;

    gnome.gnome-keyring.enable = true;

    # used for piper so u can configure silly little mice :3
    ratbagd.enable = true;

    # Enable sound.
    pipewire = {
      enable = true;
      audio.enable = true;
      wireplumber.enable = true;

      alsa.enable = true;
      alsa.support32Bit = true;
    };

    udev = {
      enable = true;
      packages = with upkgs; [
        # adds via support for keyboards and stuffs :3 (needs reboot)
        via

        # slimevr :33333333333 (i'm queer)
        slimevr
        platformio
      ];
      extraRules = ''
        # Wooting One Legacy
        SUBSYSTEM=="hidraw", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="ff01", TAG+="uaccess"
        SUBSYSTEM=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="ff01", TAG+="uaccess"

        # Wooting One update mode
        SUBSYSTEM=="hidraw", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2402", TAG+="uaccess"

        # Wooting Two LegacySUBSYSTEM=="hidraw", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="ff02", TAG+="uaccess"
        SUBSYSTEM=="usb", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="ff02", TAG+="uaccess"

        # Wooting Two update mode
        SUBSYSTEM=="hidraw", ATTRS{idVendor}=="03eb", ATTRS{idProduct}=="2403", TAG+="uaccess"

        # Generic Wootings
        SUBSYSTEM=="hidraw", ATTRS{idVendor}=="31e3", TAG+="uaccess"
        SUBSYSTEM=="usb", ATTRS{idVendor}=="31e3", TAG+="uaccess"
      '';
    };
  };

  security = {
    rtkit.enable = true;
    polkit.enable = true;
  };

  # Enable touchpad support (enabled default in most desktopManager).
  # services.libinput.enable = true;
  # Define a user account. Don't forget to set a password with ‘passwd’.
  users = {
    users.aurora = {
      isNormalUser = true;
      uid = 1000;
      extraGroups = ["wheel" "disk" "input" "video" "audio" "networkmanager" "games"];

      shell = upkgs.zsh;

      packages = with upkgs; [
        flatpak
        tree
      ];
    };
    groups.games = {
      gid = 7000;
    };
  };

  programs = {
    # nix-ld runs unpatched dynamic binaries on nixos :3
    nix-ld.enable = true;

    # needed for gpg else no pinentry apparently
    gnupg = {
      agent.enable = true;
    };

    nh = {
      enable = true;
      clean.enable = true;
      clean.extraArgs = "--keep-since 14d --keep 8";
      flake = "/etc/nixos"; # default flake
    };

    # hyprland, river, and sway have to be enabled here
    # for there to be systemd entries for login managers

    # hyprland has to be enabled here for xdg portals
    # to work properly on hyprland
    hyprland = {
      enable = true;
      package = upkgs.hyprland-git.hyprland;
      portalPackage = upkgs.hyprland-git.xdg-desktop-portal-hyprland;
    };

    river-classic = {
      package = spkgs.river-classic; # FIX: using spkgs version as zls is broken rn ;-;
      enable = true;
    };

    sway = {
      enable = true;
      wrapperFeatures.gtk = true;
    };

    # steam has to be enabled here
    steam = {
      enable = true;
      package = upkgs.millennium-steam;
      remotePlay.openFirewall = true;
      dedicatedServer.openFirewall = true;
      localNetworkGameTransfers.openFirewall = true;
      gamescopeSession.enable = true;
    };

    alvr = {
      enable = true;
      package = spkgs.alvr;
      openFirewall = true;
    };

    envision = {
      enable = true;
      openFirewall = true;
    };

    # any shell that you wanna use needs to be enabled globally
    # to set the default shell for users
    # per-user config is done in home manager
    zsh.enable = true;
    fish.enable = true;

    silentSDDM = {
      enable = false;
      theme = "rei";
    };
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with upkgs; [
    # linux packages!!!
    linuxPackages.v4l2loopback

    # android yay
    android-tools

    # network manager extra packages
    networkmanager-openvpn

    # um makes my keyboard worky
    via

    # wine - needed for lutris :3
    wineWowPackages.stable

    # utils, apps, important default stuff ig :3
    neovim
    wget
    git
    bash

    # waydroid needs it apparently for clipboard sharing??
    wl-clipboard
    (waydroid.override {
      python3Packages = upkgs.python312Packages;
    })

    # game stuff :3
    (lutris.override {
      extraPkgs = upkgs: [
        libadwaita
      ];
    })
    (steam.override {
      extraPkgs = upkgs: [
        nss
        xorg.libX11
        xorg.libXScrnSaver
      ];
    }).run

    inputs.nix-alien.packages.${stdenv.hostPlatform.system}.nix-alien
  ];

  system.stateVersion = "24.11";
}