refactor(general): organized more

GEMINI.md

@@ -0,0 +1,65 @@
+# HakaseOS - NixOS Configuration
+
+This is a modular, flake-based NixOS configuration for a single host (`hakase`). It features a custom Hyprland desktop environment, automated theming via Matugen, and strict separation of concerns using a custom `myConfig` object.
+
+## Project Structure
+
+*   **`flake.nix`**: The entry point. Defines inputs (Hyprland, Chaotic, Home Manager, etc.) and creates the system configuration.
+*   **`config.nix`**: Central source of truth. Defines global variables (user details, monitor config, theme settings) exposed as `myConfig`.
+*   **`hosts/hakase/`**: Host-specific configuration.
+    *   `configuration.nix`: Main system entry point.
+*   **`modules/`**: Reusable modules.
+    *   `nixos/`: System-level modules (boot, hardware, services).
+    *   `home/`: Home-manager modules (UI, apps, user services).
+*   **`apps/`**: Application-specific configurations. Each app has its own directory (e.g., `hyprland`, `firefox`, `ghostty`) with a `default.nix`.
+*   **`assets/`**: Static assets like wallpapers (`firewatch.png`).
+*   **`secrets/`**: Encrypted secrets managed by SOPS.
+
+## Architecture & Conventions
+
+### 1. The `myConfig` Object
+Global configuration is not hardcoded in modules. Instead, it is defined in `config.nix` and passed to all modules via `specialArgs`.
+**Usage Pattern:**
+```nix
+# In any module
+{ pkgs, config, myConfig, ... }:
+{
+  # Access values
+  home.username = myConfig.nixos.username;
+}
+```
+
+### 2. Module Hierarchy
+*   **System**: `flake.nix` -> `hosts/hakase/configuration.nix` -> `modules/nixos/default.nix` -> `modules/nixos/*.nix`
+*   **User**: `modules/nixos/user.nix` (or similar) -> `home-manager` -> `home/hakase.nix` -> `modules/home/*.nix` -> `apps/*/default.nix`
+
+### 3. Application Configuration
+Do not dump config into one large file. Create a dedicated folder in `apps/<app_name>/` with a `default.nix`.
+*   Example: `apps/ghostty/default.nix`
+
+## Key Commands
+
+### System Management
+*   **Rebuild & Switch**:
+    ```bash
+    sudo nixos-rebuild switch --flake ~/.config/nixos/#hakase
+    # or alias:
+    update
+    ```
+
+### Secrets (SOPS)
+*   **Edit Secrets**:
+    ```bash
+    nix-shell -p sops --run "sops secrets/secrets.yaml"
+    ```
+*   **Update Keys**:
+    ```bash
+    nix-shell -p sops --run "sops updatekeys secrets/secrets.yaml"
+    ```
+
+## Development Guidelines
+
+*   **Matugen**: used for theming. Templates are located in `apps/matugen/templates/`.
+*   **Hyprland**: Config is split into `apps/hyprland/hypr/*.nix`.
+*   **Formatting**: Follow existing indentation (2 spaces usually).
+*   **Commits**: Use Conventional Commits (e.g., `feat(hyprland): add new bind`).

apps/firefox/default.nix

@@ -44,7 +44,6 @@
           ublock-origin
           bitwarden
           tridactyl
-          # pywalfox
         ];
 
         bookmarks = {
@@ -61,12 +60,12 @@
         settings = {
           # --- Privacy & Hardening ---
           "browser.contentblocking.category" = "strict";
-          "privacy.trackingprotection.enabled" = true;
-          "privacy.resistFingerprinting" = true; # Note: Spoofs timezone and caps FPS to 60
           "geo.enabled" = false;
           "media.peerconnection.enabled" = false; # Prevents WebRTC IP leaks
           "network.dns.disablePrefetch" = true;
           "network.prefetch-next" = false;
+          "privacy.resistFingerprinting" = true; # Note: Spoofs timezone and caps FPS to 60
+          "privacy.trackingprotection.enabled" = true;
 
           # --- NixOS / Hyprland Integration ---
           "widget.use-xdg-desktop-portal.file-picker" = 1; # Use native file picker
@@ -74,28 +73,28 @@
           # --- UI & Behavior ---
           "accessibility.typeaheadfind" = false;
           "browser.compactmode.show" = true;
-          "browser.tabs.closeWindowWithLastTab" = false;
-          "extensions.pocket.enabled" = false;
-          "extensions.screenshots.disabled" = true;
-          "browser.topsites.contile.enabled" = false;
           "browser.formfill.enable" = false;
-          "browser.search.suggest.enabled" = false;
-          "browser.search.suggest.enabled.private" = false;
-          "browser.urlbar.suggest.searches" = false;
-          "browser.urlbar.showSearchSuggestionsFirst" = false;
           "browser.newtabpage.activity-stream.feeds.section.topstories" = false;
           "browser.newtabpage.activity-stream.feeds.snippets" = false;
-          "browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
           "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = false;
           "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = false;
+          "browser.newtabpage.activity-stream.section.highlights.includePocket" = false;
           "browser.newtabpage.activity-stream.section.highlights.includeVisited" = false;
           "browser.newtabpage.activity-stream.showSponsored" = false;
-          "browser.newtabpage.activity-stream.system.showSponsored" = false;
           "browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
+          "browser.newtabpage.activity-stream.system.showSponsored" = false;
+          "browser.search.suggest.enabled" = false;
+          "browser.search.suggest.enabled.private" = false;
+          "browser.tabs.closeWindowWithLastTab" = false;
+          "browser.topsites.contile.enabled" = false;
+          "browser.urlbar.showSearchSuggestionsFirst" = false;
+          "browser.urlbar.suggest.searches" = false;
+          "extensions.pocket.enabled" = false;
+          "extensions.screenshots.disabled" = true;
 
           # --- Homepage & Navigation ---
-          "browser.startup.homepage" = "https://dash.sakamoto.dev";
           "browser.newtabpage.pinned" = myConfig.firefox.newtabpage;
+          "browser.startup.homepage" = "https://dash.sakamoto.dev";
 
           # --- DNS over HTTPS (Quad9) ---
           "network.trr.mode" = 2; # Use DoH with system fallback
@@ -131,21 +130,6 @@
         UrlbarInterventions = false;
         WhatsNew = false;
       };
-
-      # ExtensionSettings = {
-      #   "uBlock0@raymondhill.net" = {
-      #     install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
-      #     installation_mode = "force_installed";
-      #   };
-      #   "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
-      #     install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
-      #     installation_mode = "force_installed";
-      #   };
-      #   "tridactyl.vim@cmcaine.co.uk" = {
-      #     install_url = "https://addons.mozilla.org/firefox/downloads/latest/tridactyl-vim/latest.xpi";
-      #     installation_mode = "force_installed";
-      #   };
-      # };
     };
   };
 }

apps/hyprland/default.nix

@@ -4,18 +4,16 @@
   ...
 }: {
   imports = [
-    ./hypr/binds.nix
-    ./hypr/general.nix
-    ./hypr/exec.nix
-    ./hypr/rules.nix
     ./hypr/animation.nix
-    ./hypr/misc.nix
+    ./hypr/binds.nix
+    ./hypr/exec.nix
+    ./hypr/general.nix
     ./hypr/input.nix
     ./hypr/layers.nix
+    ./hypr/misc.nix
+    ./hypr/rules.nix
 
     ./scripts/movement.nix
-
-    # volume stuff
   ];
   wayland.windowManager.hyprland.enable = true;
   wayland.windowManager.hyprland.systemd.enable = false; # for UWSM support...

modules/nixos/default.nix

@@ -1,27 +1,22 @@
 {pkgs, ...}: {
   imports = [
-    ./time.nix
-    ./nix.nix
+    ./amd.nix
     ./backlight.nix
     ./boot.nix
-    ./amd.nix
+    ./fonts.nix
     ./hardware.nix
     ./home-manager.nix
-    ./services.nix
-    ./user.nix
-    ./version.nix
-    ./fonts.nix
+    ./input-method.nix
+    ./kernel.nix
+    ./nix.nix
+    ./power.nix # TODO: this one has to be optional
     ./programs.nix
     ./security.nix
+    ./services.nix
+    ./time.nix
+    ./user.nix
+    ./utils.nix
     ./variables.nix
-    ./kernel.nix
-    ./input-method.nix
-    ./power.nix # TODO: this one has to be optional
-  ];
-  environment.systemPackages = with pkgs; [
-    # FIXME: must be on their own app
-    git
-    cloudflared
-    cachix
+    ./version.nix
   ];
 }

modules/nixos/gaming.nix

@@ -8,7 +8,7 @@
   hardware.steam-hardware.enable = true;
   hardware.xpadneo.enable = true; # Xbox controllers via Bluetooth
   hardware.uinput.enable = true;
-  services.udev.packages = [pkgs.game-devices-udev-rules];
+  # services.udev.packages = [pkgs.game-devices-udev-rules];
 
   programs.steam = {
     enable = true;
@@ -24,4 +24,5 @@
   programs.gamemode.enable = true;
   # Fix slow Steam Download speeds
   services.resolved.enable = true;
-}
+}
+

modules/nixos/utils.nix

@@ -0,0 +1,7 @@
+{pkgs, ...}: {
+  environment.systemPackages = with pkgs; [
+    git
+    cloudflared
+    cachix
+  ];
+}