m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Compare commits

base: m3tam3re:feat/m3ta-home-integration
Branches Tags
m3tam3re:master m3tam3re:feat/m3ta-home-integration
..
compare: m3tam3re:b1b6895101192e5aa73394827b1cc1d3568f2bf0
Branches Tags
m3tam3re:feat/m3ta-home-integration m3tam3re:master

1 Commits
feat/m3ta- ... b1b6895101

Author SHA1 Message Date
m3ta-chiron
b1b6895101 feat: enable orchestrator + switch TTS to Edge (Katja voice) 
- Enable delegation.orchestrator_enabled with max_spawn_depth=2
- Switch TTS from ElevenLabs (paid) to Edge TTS (free) with de-DE-KatjaNeural
- Katja is a warm, friendly German female voice — no API key required
 2026-05-01 12:19:58 +02:00
8 changed files with 43 additions and 507 deletions
Expand all files Collapse all files

132
AGENTS.md
View File

@@ -186,8 +186,6 @@ _(Note to Pi: Your file write/edit tools run in a different directory by default
| ---------------- | --------------------------------- |
| **Nixpkgs** | nixos-unstable + 25.05 stable |
| **Home Manager** | github:nix-community/home-manager |
| **m3ta-home** | code.m3ta.dev/m3tam3re/m3ta-home |
| **m3ta-nixpkgs** | code.m3ta.dev/m3tam3re/nixpkgs |
| **Agenix** | github:ryantm/agenix |
| **Disko** | github:nix-community/disko |
| **NUR** | github:nix-community/NUR |
@@ -203,33 +201,32 @@ _(Note to Pi: Your file write/edit tools run in a different directory by default
```
nixos-config/
├── flake.nix # Entry point: hosts, overlays, dev shells, m3ta-home input
├── flake.nix # Entry point: hosts, overlays, dev shells
├── coding-rules.json # Opencode rules configuration
├── hosts/ # Per-host NixOS configurations
│ ├── common/ # Shared across all hosts
│ │ ├── users/
│ │ │ └── m3tam3re.nix # ← Central user + m3ta-home integration
│ │ ── default.nix # Shared NixOS settings, overlays, home-manager setup
│ ├── ports.nix # Network ports config
│ └── extraServices/ # Common service toggles
│ ├── m3-ares/ # TUXEDO laptop (desktop)
│ └── home.nix # Hyprland: eDP-1 + HDMI, XDG/MIME
── m3-kratos/ # AMD desktop (desktop)
│ │ └── home.nix # Hyprland: dual DP, XDG/MIME
│ ├── m3-daedalus/ # Portable laptop (desktop, no Hyprland)
│ │ └── home.nix # XDG/MIME only
│ ├── m3-atlas/ # Primary server (server + coding)
│ ├── m3-helios/ # AdGuard DNS server (minimal server)
│ ├── m3-hermes/ # Secondary server (minimal server)
│ └── m3-aether/ # Cloud VM (minimal server)
│ │ ├── users/ # User definitions
│ │ ├── ports.nix # Network ports config
│ │ ── extraServices/ # Common service toggles
├── m3-ares/ # Main desktop
├── m3-atlas/ # Desktop with disko
│ ├── m3-helios/ # Desktop with disko
├── m3-hermes/ # Desktop with disko + hermes-agent
── m3-kratos/ # Server with NUR
├── modules/ # Reusable NixOS modules
── nixos/ # NixOS-specific modules
├── modules/ # Reusable NixOS/home-manager modules
── nixos/ # NixOS-specific modules
│ │ └── default.nix # Imports common + service configs
│ └── home-manager/ # Home-manager configurations
├── overlays/ # Package overlays (stable/locked/master/pinned)
── default.nix
│ └── mods/
├── home/ # Per-user, per-host home configs
── m3tam3re/
└── m3-daedalus.nix
├── overlays/ # Package overlays
│ ├── default.nix # Stable/locked/master branches
│ └── mods/ # Package modifications
├── pkgs/ # Custom packages
@@ -237,64 +234,13 @@ nixos-config/
│ └── secrets.nix
├── .opencode-rules/ # Opencode AI rules
│ ├── concerns/
│ ├── languages/nix.md
│ ├── concerns/ # Coding style rules
│ ├── languages/nix.md # Nix conventions
│ └── USAGE.md
└── .pi/ # Agent configuration
```
### Home-Manager Integration
Home-Manager configs are managed centrally in the **`m3ta-home`** repository:
- **Repo**: `code.m3ta.dev/m3tam3re/m3ta-home`
- **Docs**: See m3ta-home README for full documentation
What lives where:
| Concern | Location | Why |
|---------|----------|-----|
| Shell, CLI tools, editors, apps | `m3ta-home/profiles/` | Portable across all hosts |
| User identity (git, SSH, JJ) | `m3ta-home/users/` | Switchable: private vs work |
| Feature flags (enable/disable) | `nixos-config/hosts/common/users/m3tam3re.nix` | Per-host decisions |
| Monitor layouts, window rules | `nixos-config/hosts/<name>/home.nix` | Hardware-specific |
| XDG/MIME defaults | `nixos-config/hosts/<name>/home.nix` | Host-specific preferences |
| NixOS overlays | `nixos-config/overlays/` | System-level package management |
#### Host → Profile Mapping
Defined in `hosts/common/users/m3tam3re.nix`:
```nix
hostProfiles = {
# Desktop hosts
m3-ares = { context = "desktop"; sets = ["coding" "gaming" "media"]; };
m3-kratos = { context = "desktop"; sets = ["coding" "gaming" "media"]; };
m3-daedalus = { context = "desktop"; sets = ["coding" "media"]; };
# Server hosts
m3-atlas = { context = "server"; sets = ["coding"]; };
m3-helios = { context = "server"; sets = []; };
m3-hermes = { context = "server"; sets = []; };
m3-aether = { context = "server"; sets = []; };
};
```
#### Work Identity Use Case
The same `m3ta-home` repo supports a **work identity** for company machines:
```nix
# On a work NixOS machine:
(m3ta-lib.mkHome {
user = "m3tam3re";
identity = "work"; # ← switches git to sascha.koenig, SSH to AZ hosts
context = "desktop";
sets = ["coding"];
})
```
This provides the familiar shell/editor/CLI setup but with work git credentials and SSH configuration.
---
## Commands
@@ -365,14 +311,6 @@ config = lib.mkMerge [
- Never commit plaintext secrets
- Use `.nix` extension for secret files
### Flake Input URLs
All `code.m3ta.dev` inputs use **SSH** URLs:
```nix
url = "git+ssh://gitea@code.m3ta.dev/m3tam3re/<repo>";
```
Anonymous HTTPS git on Gitea is unreliable and prompts for auth. SSH works with configured keys.
---
## Key Files
@@ -380,9 +318,12 @@ Anonymous HTTPS git on Gitea is unreliable and prompts for auth. SSH works with
| File | Purpose |
| ---------------------------------- | ------------------------------------------------------------------------------------------ |
| `flake.nix` | Central entry point defining all hosts, overlays, packages, dev shells, and nixpkgs config |
| `hosts/common/default.nix` | Shared Nix settings, nixpkgs overlays, home-manager setup (`useGlobalPkgs = true`) |
| `hosts/common/users/m3tam3re.nix` | User definition + m3ta-home mkHome integration + per-host feature flags |
| `hosts/<name>/home.nix` | Host-specific overrides: monitors, workspaces, window rules, XDG/MIME |
| `hosts/common/default.nix` | Shared Nix settings, nixpkgs overlays, home-manager integration, user defaults |
| `hosts/m3-ares/default.nix` | Main desktop host configuration, imports common + service modules |
| `hosts/m3-ares/configuration.nix` | Desktop environment config (Hyprland, display, audio, etc.) |
| `hosts/m3-ares/programs.nix` | CLI tools, dev tools, shell configs |
| `hosts/m3-ares/services/` | Service-specific configs (firewall, printing, etc.) |
| `modules/nixos/default.nix` | Orchestrates common + configuration imports |
| `overlays/default.nix` | Package version overrides (stable/locked/master branches) |
| `.opencode-rules/languages/nix.md` | Nix-specific conventions and patterns |
@@ -411,10 +352,7 @@ Anonymous HTTPS git on Gitea is unreliable and prompts for auth. SSH works with
- `configuration.nix` — host-specific system config
- `hardware-configuration.nix` — from `nixos-generate-config`
- `programs.nix`, `services/`, `secrets.nix` as needed
3. Add entry to `hostProfiles` in `hosts/common/users/m3tam3re.nix`
4. Add feature flags in the `hostFlags` section
5. Create `hosts/<name>/home.nix` if the host needs monitor/XDG overrides
6. Run `sudo nixos-generate-config --dir ./hosts/new-host` first time
3. Run `sudo nixos-generate-config --dir ./hosts/new-host` first time
### Adding a New Package
@@ -422,12 +360,6 @@ Anonymous HTTPS git on Gitea is unreliable and prompts for auth. SSH works with
2. For complex packages: create in `pkgs/` directory
3. For upstream packages: use NUR or add as flake input
### Adding a New Home-Manager Feature
1. Create the module in `m3ta-home` under the appropriate profile directory
2. Add the import to the parent `default.nix` in m3ta-home
3. Enable it per-host via feature flags in `hosts/common/users/m3tam3re.nix`
### Development Workflow
1. Edit config files
@@ -443,3 +375,9 @@ Anonymous HTTPS git on Gitea is unreliable and prompts for auth. SSH works with
nix copy --to ssh://user@host .#nixosConfigurations.m3-ares.config.system.build.toplevel
ssh user@host 'sudo nixos-rebuild switch --flake /nix/store/...-closure'
```
### Home Manager
- Home configs live in `home/m3tam3re/`
- Use `home-manager.users.m3tam3re` in host config
- Access via `config.home-manager.users.m3tam3re`

9
flake.nix
View File

@@ -22,7 +22,7 @@
nixpkgs-9e58ed7.url = "github:nixos/nixpkgs/9e58ed7ba759d81c98f033b7f5eba21ca68f53b0";
nixpkgs-master.url = "github:nixos/nixpkgs/master";
m3ta-nixpkgs.url = "git+ssh://gitea@code.m3ta.dev/m3tam3re/nixpkgs";
m3ta-nixpkgs.url = "git+https://code.m3ta.dev/m3tam3re/nixpkgs";
llm-agents.url = "github:numtide/llm-agents.nix";
#
@@ -43,14 +43,9 @@
rose-pine-hyprcursor.url = "github:ndom91/rose-pine-hyprcursor";
nix-colors.url = "github:misterio77/nix-colors";
m3ta-home = {
url = "git+ssh://gitea@code.m3ta.dev/m3tam3re/m3ta-home";
inputs.nixpkgs.follows = "nixpkgs";
};
agents = {
# url = "path:/home/m3tam3re/p/AI/AGENTS";
url = "git+ssh://gitea@code.m3ta.dev/m3tam3re/AGENTS";
url = "git+https://code.m3ta.dev/m3tam3re/AGENTS";
};
## Skills
skills-basecamp = {

1
hosts/common/default.nix
View File

@@ -18,7 +18,6 @@
environment.pathsToLink = ["/share/xdg-desktop-portal" "/share/applications"];
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = {
inherit inputs outputs system;

227
hosts/common/users/m3tam3re.nix
View File

@@ -1,211 +1,11 @@
# hosts/common/users/m3tam3re.nix — Central user definition with m3ta-home integration.
#
# This module:
# 1. Creates the m3tam3re NixOS user
# 2. Loads the m3ta-home profile system via mkHome
# 3. Sets per-host feature flags based on a host profile mapping
# 4. Imports per-host home.nix overrides (monitors, HW-specific config)
#
# To add a new host:
# 1. Add entry to hostProfiles below
# 2. Add feature flags in the hostFlags section
# 3. Create hosts/<hostname>/home.nix if the host needs overrides (monitors, etc.)
{
config,
pkgs,
inputs,
...
}: let
hostname = config.networking.hostName;
# ── Per-host profile mapping ──
# Determines which m3ta-home context and sets each host gets.
hostProfiles = {
# ── Desktop hosts ──
m3-ares = {
context = "desktop";
sets = ["coding" "gaming" "media"];
};
m3-kratos = {
context = "desktop";
sets = ["coding" "gaming" "media"];
};
m3-daedalus = {
context = "desktop";
sets = ["coding" "media"];
};
# ── Server hosts ──
m3-atlas = {
context = "server";
sets = ["coding"];
};
m3-helios = {
context = "server";
sets = [];
};
m3-hermes = {
context = "server";
sets = [];
};
m3-aether = {
context = "server";
sets = [];
};
};
profile = hostProfiles.${hostname} or {
context = "server";
sets = [];
};
m3ta-lib = inputs.m3ta-home.lib;
# Check if a per-host home.nix exists
hostHomeFile = ./../../${hostname}/home.nix;
hostHomeExists = builtins.pathExists hostHomeFile;
# ── Per-host feature flags ──
# These enable/disable specific m3ta-home modules per host.
hostFlags =
if hostname == "m3-ares" || hostname == "m3-kratos"
then {
# Full desktop workstation
base = {
shell = {
fish.enable = true;
nushell.enable = true;
starship.enable = true;
};
cliTools = {
fzf.enable = true;
nitch.enable = true;
television.enable = true;
};
secrets.enable = true;
};
desktop = {
wm = {
hyprland.enable = true;
rofi.enable = true;
wayland.enable = true;
};
apps = {
crypto.enable = true;
obsidian.enable = true;
office.enable = true;
};
theme = {
fonts.enable = true;
wallpapers.enable = true;
};
};
coding = {
editors = {
neovim.enable = true;
zed.enable = true;
};
lsp.enable = true;
packages.enable = true;
languages = {
python.enable = true;
javascript.enable = true;
rustToolchain.enable = true;
go.enable = true;
typescript.enable = true;
};
};
profiles.gaming = {
steam.enable = true;
gamescope.enable = true;
};
profiles.media = {
obs.enable = true;
ffmpeg.enable = true;
kdenlive.enable = true;
ytDlp.enable = true;
};
}
else if hostname == "m3-daedalus"
then {
# Portable laptop — desktop without gaming, no Hyprland
base = {
shell = {
fish.enable = true;
nushell.enable = true;
starship.enable = true;
};
cliTools = {
fzf.enable = true;
nitch.enable = true;
television.enable = true;
};
secrets.enable = true;
};
desktop = {
wm = {
hyprland.enable = false;
wayland.enable = false;
};
apps = {
crypto.enable = false;
obsidian.enable = true;
office.enable = false;
};
theme = {
fonts.enable = true;
wallpapers.enable = false;
};
};
coding = {
editors = {
neovim.enable = true;
zed.enable = true;
};
lsp.enable = true;
packages.enable = true;
languages = {
python.enable = true;
javascript.enable = true;
rustToolchain.enable = true;
go.enable = true;
typescript.enable = true;
};
};
profiles.media = {
ytDlp.enable = true;
};
}
else if hostname == "m3-atlas"
then {
# Primary server — coding capable
base = {
shell = {
nushell.enable = true;
starship.enable = true;
};
cliTools = {
fzf.enable = true;
nitch.enable = true;
zellij.enable = true;
};
};
coding.editors.neovim.enable = true;
}
else {
# m3-helios, m3-hermes, m3-aether — minimal server
base = {
shell = {
fish.enable = true;
starship.enable = true;
};
cliTools = {
fzf.enable = true;
nitch.enable = true;
};
};
};
in {
# ── NixOS user definition ──
}: {
users.users.m3tam3re = {
#initialHashedPassword = "$y$j9T$IoChbWGYRh.rKfmm0G86X0$bYgsWqDRkvX.EBzJTX.Z0RsTlwspADpvEF3QErNyCMC";
password = "12345";
isNormalUser = true;
description = "m3tam3re";
@@ -229,25 +29,6 @@ in {
];
packages = [inputs.home-manager.packages.${pkgs.stdenv.hostPlatform.system}.default];
};
# ── Home-Manager configuration via m3ta-home ──
home-manager.users.m3tam3re = {
imports =
[
# Load m3ta-home composition engine
(m3ta-lib.mkHome {
user = "m3tam3re";
identity = "private";
inherit (profile) context sets;
})
# Per-host feature flags
hostFlags
]
# Per-host home.nix (Hyprland monitors, XDG/MIME, HW-specific overrides)
++ (
if hostHomeExists
then [hostHomeFile]
else []
);
};
home-manager.users.m3tam3re =
import ../../../home/m3tam3re/${config.networking.hostName}.nix;
}

71
hosts/m3-ares/home.nix
View File

@@ -1,71 +0,0 @@
# hosts/m3-ares/home.nix — Host-specific home-manager overrides.
# TUXEDO laptop: eDP-1 + HDMI-A-1 external monitor.
# Everything else (shell, editors, gaming, media, theme, etc.) comes from
# m3ta-home via the profile mapping in hosts/common/users/m3tam3re.nix.
{
config,
lib,
...
}:
with lib; {
config = mkMerge [
# ── XDG / MIME defaults ──
{
xdg = {
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
};
};
}
# ── Hyprland monitor layout ──
(mkIf config.desktop.wm.hyprland.enable {
wayland.windowManager.hyprland = {
enable = true;
settings = {
exec-once = ["tuxedo-backlight"];
monitor = [
"eDP-1,preferred,0x0,1.25"
"HDMI-A-1,1920x1080@120,2560x0,1"
];
workspace = [
"1, monitor:eDP-1, default:true"
"2, monitor:eDP-1"
"3, monitor:eDP-1"
"4, monitor:HDMI-A-1"
"5, monitor:HDMI-A-1,border:false,rounding:false"
"6, monitor:HDMI-A-1"
];
windowrule = [
"match:class dev.zed.Zed, workspace 1"
"match:class Msty, workspace 1"
"match:class ^(com.obsproject.Studio)$, workspace 2"
"match:class ^(brave-browser)$, workspace 4, opacity 1.0"
"match:class ^(vivaldi-stable)$, workspace 4, opacity 1.0"
"match:class ^steam_app_\\d+$, fullscreen on"
"match:class ^steam_app_\\d+$, workspace 5"
"match:class ^steam_app_\\d+$, idle_inhibit focus"
];
};
};
})
];
}

37
hosts/m3-daedalus/home.nix
View File

@@ -1,37 +0,0 @@
# hosts/m3-daedalus/home.nix — Host-specific home-manager overrides.
# Portable laptop: no Hyprland, no external monitors.
# Everything else (shell, editors, media, theme, etc.) comes from
# m3ta-home via the profile mapping in hosts/common/users/m3tam3re.nix.
{
config,
lib,
...
}:
with lib; {
config = {
# ── XDG / MIME defaults ──
xdg = {
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
};
};
};
}

4
hosts/m3-hermes/services/hermes-agent.nix
View File

@@ -4,8 +4,8 @@
inputs,
...
}: let
# Edge TTS: Seraphina — friendly, multilingual German female voice (free, no API key)
edgeVoice = "de-DE-SeraphinaMultilingualNeural";
# Edge TTS: Katja — warm, friendly German female voice (free, no API key)
edgeVoice = "de-DE-KatjaNeural";
# Extra Python packages from the container's writable venv layer.
# matrix-nio is installed via pip in /home/hermes/.venv but the hermes

69
hosts/m3-kratos/home.nix
View File

@@ -1,69 +0,0 @@
# hosts/m3-kratos/home.nix — Host-specific home-manager overrides.
# AMD desktop: dual 2560x1440@144 via DisplayPort.
# Everything else (shell, editors, gaming, media, theme, etc.) comes from
# m3ta-home via the profile mapping in hosts/common/users/m3tam3re.nix.
{
config,
lib,
...
}:
with lib; {
config = mkMerge [
# ── XDG / MIME defaults ──
{
xdg = {
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
};
};
}
# ── Hyprland monitor layout ──
(mkIf config.desktop.wm.hyprland.enable {
wayland.windowManager.hyprland = {
enable = true;
settings = {
monitor = [
"DP-1,2560x1440@144,0x0,1"
"DP-2,2560x1440@144,2560x0,1"
];
workspace = [
"1, monitor:DP-1, default:true"
"2, monitor:DP-1"
"3, monitor:DP-1"
"4, monitor:DP-2"
"5, monitor:DP-2"
"6, monitor:DP-2"
"7, monitor:DP-2"
];
windowrule = [
"match:class dev.zed.Zed, workspace 1"
"match:class Msty, workspace 1"
"match:class ^(com.obsproject.Studio)$, workspace 2"
"match:class ^(brave-browser)$, workspace 4, opacity 1.0"
"match:class ^(vivaldi-stable)$, workspace 4, opacity 1.0"
"match:class ^steam_app_\\d+$, idle_inhibit focus"
];
};
};
})
];
}