Opened Firewall, Added Dashboard-stuff

.github/workflows/build.yml

@@ -1,12 +1,23 @@
 on: [push, pull_request, workflow_dispatch]
 
 jobs:
-  flake-check:
-    runs-on: nixos
-    name: "Check Nix Flake"
+  build-HyperC:
+    runs-on: docker
+    container:
+      image: ghcr.io/lix-project/lix:latest
+    name: "Check NixOS Configuration"
     steps:
       - name: "Git Clone"
         run: git clone https://git.kb-one.de/kb01/aux-config .
 
-      - name: "Check Nix Flake"
-        run: nix flake check --extra-experimental-features 'nix-command flakes'
+      - name: "Nix Flake Update"
+        run: nix flake update --experimental-features 'nix-command flakes'
+
+      - name: "Check evaluation"
+        run: nix flake check --no-build --all-systems --experimental-features 'nix-command flakes'
+
+      - name: "Do linting"
+        run: nix run nixpkgs#statix -- check . --experimental-features 'nix-command flakes'
+
+      - name: "Check formatting"
+        run: nix fmt -- --fail-on-change --experimental-features 'nix-command flakes'

.sops.yaml

@@ -1,9 +1,10 @@
 keys:
-  - &server_kb-game-01 age165jt2q3uxp79k4jfsegnq7ul9j54l2rqsn87rq0qjkcv3y5krcmqsznyw7
-  - &client_LANA9Z age12v97unnfjmhm3ataxpl3mp89kxsr9hdqs4kmgsx8ys75m4ljey5qkf4t55
-  - &client_LoyAdjo age19tr9srawrft90s2a0cydqhuqt3f08aezmj82s43yhgzdte4fv4wstkchsz
+  - &kbwork_yerukall CEFAA4772EBDE0F5CFD1D1B3ED7E4FF32820BDE8
+  - &kbwork_yerukall2 age1lyv48cuxvnwp4ykugw57zjl728pn2tvss6486n9avgvw6uqj3ydqddkrmu
 creation_rules:
-  - path_regex: modules/nixos/services/minecraft/secrets.yaml$
+  - path_regex: systems/x86_64-linux/yerukall/secrets/secrets.yaml$
     key_groups:
-    - age:
-      - *server_kb-game-01
+    - pgp:
+      - *kbwork_yerukall
+      age:
+      - *kbwork_yerukall2

README.md

@@ -1,7 +1,7 @@
 # My NixOS Configurations
 
 ![Forgejo Issues](https://img.shields.io/gitea/issues/open/kb01/nix-config?gitea_url=https%3A%2F%2Fgit.kb-one.de)
-![Forgejo Last Commit](https://img.shields.io/gitea/last-commit/kb01/aux-config?gitea_url=https%3A%2F%2Fgit.kb-one.de)
+![Forgejo Release](https://img.shields.io/gitea/v/release/kb01/nix-config?gitea_url=https%3A%2F%2Fgit.kb-one.de)
 [![standard-readme compliant](https://img.shields.io/badge/readme%20style-standard-brightgreen.svg?style=flat-square)](https://github.com/RichardLitt/standard-readme)
 
 This repository contains my Flake based NixOS Configuration Files.
@@ -14,50 +14,90 @@ Clone this Repository somewhere you can edit it easily:
 git clone https://git.kb-one.de/kb01/aux-config ~/Project/aux-config
 ```
 
-Check if the Hostname of your System matches one of the [Systems](./systems/).
+Check if your Hostname matches one of the [Hosts](#hosts) in the config.
 ```bash
 hostname
 ```
 <details>
   <summary>Hostname does not Match (click to expand)</summary>
 
-  Install NixOS on the current System with forced Hostname.
+  Install NixOS on the current system with forced hostname.
 
   ```bash
   cd ~/Project/aux-config
-  sudo nixos-rebuild switch --flake .#LoyAdjo
+  sudo nixos-rebuild switch --flake .#voloxo
   ```
 
   > **Warning**
   > 
-  > This will change the Hostname of your System to LoyAdjo!
+  > This will change the Hostname of your System to voloxo!
 
 </details>
 
-Install NixOS System with current Hostname.
+Install NixOS for your current Hostname.
 ```bash
 cd ~/Project/aux-config
 sudo nixos-rebuild switch --flake .
 ```
 
-### Updating the Flake based NixOS installation
+### Updating the Flake Based NixOS Installation
 ```bash
 cd ~/Project/aux-config
 sudo nix flake --update   # This Updates the flake.lock
 sudo nixos-rebuild switch --flake .
 ```
 
-### Modify NixOS installation
+### Modify NixOS Installation
 1. Edit the config in ~/Project/aux-config `vim system/x86_64-linux/$HOST/default.nix`
 2. Stage the Changes if you created or deleted Files `git add .` (They will be ignored if you miss this step!)
 3. Build your System to apply the changes `sudo nixos-rebuild switch --flake .`
 4. Commit your Changes if satisfied `git commit -m "Added Software hello-world"`
 5. Then Push your Changes to the Remote, so that other systems can update `git push`
 
-## Used Work
+## Hosts
 
-[Server Icon](./assets/server-solid.svg) © [FontAwesome](https://fontawesome.com) under the [CC BY 4.0 License](https://creativecommons.org/licenses/by/4.0/) 
+### [HyperC](./systems/x86_64-linux/HyperC)
+Surface Pro 2017 Tablet
+
+User: [kb@HyperC](./homes/x86_64-linux/kb@HyperC)
+
+Cpu: Intel i5-7300U
+
+Ram: 8GB
+
+### [LoyAdjo](./systems/x86_64-linux/LoyAdjo)
+My Gaming Desktop
+
+User: [kb@LoyAdjo](./homes/x86_64-linux/kb@LoyAdjo)
+
+Cpu: AMD Ryzen 5 5600X
+
+Ram: 32GB
+
+Gpu: NVIDIA GeForce GTX 1070
+
+### [kb-games-01](./systems/x86_64-linux/kb-games-01)
+My KVM Server for Gameservers (wip)
+
+Cpu: AMD EPYC 7702P 64-Core (4 Cores)
+
+Ram: 16GB
+
+### [U3ncSovm](./systems/x86_64-linux/U3ncSovm)
+My NAS Server, currently under construction only as VM.
+
+Cpu: 3 Cores of Host
+
+Ram: 3GB of Host
+
+Build: `nixos-rebuild build-vm --flake .#U3ncSovm`
+
+Run VM:
+```bash
+export QEMU_NET_OPTS="hostfwd=tcp::443-:443"
+/nix/store/00your00hash00of00build999999999-nixos-vm/bin/run-U3ncSovm-vm
+```
 
 ## License
 
-[MIT © kB01](./LICENSE)
+[MIT © kB01](../LICENSE)

assets/server-solid.svg

@@ -1 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--!Font Awesome Free 6.7.2 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free Copyright 2025 Fonticons, Inc.--><path d="M64 32C28.7 32 0 60.7 0 96l0 64c0 35.3 28.7 64 64 64l384 0c35.3 0 64-28.7 64-64l0-64c0-35.3-28.7-64-64-64L64 32zm280 72a24 24 0 1 1 0 48 24 24 0 1 1 0-48zm48 24a24 24 0 1 1 48 0 24 24 0 1 1 -48 0zM64 288c-35.3 0-64 28.7-64 64l0 64c0 35.3 28.7 64 64 64l384 0c35.3 0 64-28.7 64-64l0-64c0-35.3-28.7-64-64-64L64 288zm280 72a24 24 0 1 1 0 48 24 24 0 1 1 0-48zm56 24a24 24 0 1 1 48 0 24 24 0 1 1 -48 0z"/></svg>

flake.lock

@@ -127,11 +127,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1739416022,
-        "narHash": "sha256-Af1CIT+XlXEb+Dk11sgPDzJoOUiada2Xoj5hA8TBvLY=",
+        "lastModified": 1732482255,
+        "narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "c9d343cfa0565671cc7e8d5aefebaf61cc840abd",
+        "rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
         "type": "github"
       },
       "original": {
@@ -184,11 +184,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1739411192,
-        "narHash": "sha256-cwzAM/v1x8JEi7TYggNm/tLLzDUhGtHDtuAGWY/QK9Y=",
+        "lastModified": 1732585961,
+        "narHash": "sha256-qZk3i/Kk3JL4roSeXlrD2rqjsowBVzoBkXHIzxBGyPs=",
         "owner": "Infinidoge",
         "repo": "nix-minecraft",
-        "rev": "da017303c7373b5d6371f496d628386f4662253b",
+        "rev": "eb1c9ac4398dcc55d644003548c64964c854fac1",
         "type": "github"
       },
       "original": {
@@ -197,49 +197,13 @@
         "type": "github"
       }
     },
-    "nixlib": {
-      "locked": {
-        "lastModified": 1736643958,
-        "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "type": "github"
-      }
-    },
-    "nixos-generators": {
-      "inputs": {
-        "nixlib": "nixlib",
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1737057290,
-        "narHash": "sha256-3Pe0yKlCc7EOeq1X/aJVDH0CtNL+tIBm49vpepwL1MQ=",
-        "owner": "nix-community",
-        "repo": "nixos-generators",
-        "rev": "d002ce9b6e7eb467cd1c6bb9aef9c35d191b5453",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixos-generators",
-        "type": "github"
-      }
-    },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1738816619,
-        "narHash": "sha256-5yRlg48XmpcX5b5HesdGMOte+YuCy9rzQkJz+imcu6I=",
+        "lastModified": 1732483221,
+        "narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "2eccff41bab80839b1d25b303b53d339fbb07087",
+        "rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405",
         "type": "github"
       },
       "original": {
@@ -251,11 +215,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1739214665,
-        "narHash": "sha256-26L8VAu3/1YRxS8MHgBOyOM8xALdo6N0I04PgorE7UM=",
+        "lastModified": 1732014248,
+        "narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "64e75cd44acf21c7933d61d7721e812eac1b5a0a",
+        "rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
         "type": "github"
       },
       "original": {
@@ -270,7 +234,6 @@
         "home-manager": "home-manager",
         "lix-module": "lix-module",
         "nix-minecraft": "nix-minecraft",
-        "nixos-generators": "nixos-generators",
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs",
         "snowfall-lib": "snowfall-lib",
@@ -286,11 +249,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1736130495,
-        "narHash": "sha256-4i9nAJEZFv7vZMmrE0YG55I3Ggrtfo5/T07JEpEZ/RM=",
+        "lastModified": 1732544274,
+        "narHash": "sha256-qvzLIxuqukl0nxpXHEh5+iw1BLeLxYOwRC0+7cFUbPo=",
         "owner": "snowfallorg",
         "repo": "lib",
-        "rev": "02d941739f98a09e81f3d2d9b3ab08918958beac",
+        "rev": "cfeacd055545ab5de0ecfd41e09324dcd8fb2bbb",
         "type": "github"
       },
       "original": {
@@ -306,11 +269,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1739262228,
-        "narHash": "sha256-7JAGezJ0Dn5qIyA2+T4Dt/xQgAbhCglh6lzCekTVMeU=",
+        "lastModified": 1732575825,
+        "narHash": "sha256-xtt95+c7OUMoqZf4OvA/7AemiH3aVuWHQbErYQoPwFk=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "07af005bb7d60c7f118d9d9f5530485da5d1e975",
+        "rev": "3433ea14fbd9e6671d0ff0dd45ed15ee4c156ffa",
         "type": "github"
       },
       "original": {

flake.nix

@@ -12,77 +12,39 @@
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
     nix-minecraft.url = "github:Infinidoge/nix-minecraft";
     nix-minecraft.inputs.nixpkgs.follows = "nixpkgs";
-    nixos-generators.url = "github:nix-community/nixos-generators";
-    nixos-generators.inputs.nixpkgs.follows = "nixpkgs";
   };
 
   outputs = inputs: inputs.snowfall-lib.mkFlake {
     inherit inputs;
     src = ./.;
 
-    # Configure Nix
+    channels-config.allowUnfree = false;
+
     nix.gc = {
       automatic = true;
       options = "--delete-older-than 30d";
     };
     nix.optimise.automatic = true;
-    channels-config.allowUnfree = false;
-
-    # Configure Flake Utils Plus
-    supportedSystems = inputs.snowfall-lib.inputs.flake-utils-plus.lib.defaultSystems ++ ["i686-linux"];
-
-    # Configure Snowfall Lib
-    snowfall = {
-      meta.name = "kB01s System Configuration Flake";
-      meta.title = "kB01s System Configuration Flake";
-      namespace = "kb-one";
-    };
 
     # Modules for Host HyperC
     systems.hosts.HyperC.modules = with inputs; [
-      lix-module.nixosModules.default
     ];
 
     # Modules for Host voloxo
     systems.hosts.voloxo.modules = with inputs; [
-      lix-module.nixosModules.default
     ];
 
-    # Modules for Host kb-game-01
-    systems.hosts.kb-game-01.modules = with inputs; [
-      lix-module.nixosModules.default
-    ];
-
-    # Modules for Host LANA7Z
-    systems.hosts.LANA9Z.modules = with inputs; [
-      lix-module.nixosModules.default
-    ];
-
-    # Modules for Host LoyAdjo
-    systems.hosts.LoyAdjo.modules = with inputs; [
-      lix-module.nixosModules.default
-    ];
-
-    # Modules for Host Rubtrm
-    systems.hosts.Rubtrm.modules = with inputs; [
-      # lix-module.nixosModules.default
+    # Modules for Host kb-games-01
+    systems.hosts.kb-games-01.modules = with inputs; [
     ];
 
     # Modules that get imported to every NixOS system
     systems.modules.nixos = with inputs; [
-      sops-nix.nixosModules.sops
+      lix-module.nixosModules.default
     ];
 
     outputs-builder = channels: { formatter = channels.nixpkgs.nixfmt-rfc-style; };
 
   };
-
-  # outputs = { self, nixpkgs, ... }@inputs: {
-  #   nixosConfigurations."Rubtrm" = nixpkgs.lib.nixosSystem {
-  #     system = "i686-linux";
-  #     modules = [ ./systems/i686-linux/Rubtrm/default.nix ];
-  #   };
-  # };
-
 }
 

homes/aarch64-linux/master@kb-senfnvp/default.nix

@@ -1,22 +0,0 @@
-{ config, pkgs, lib, inputs, ... }:
-{
-  home.username = "master";
-  home.homeDirectory = "/home/master";
-  home.packages = with pkgs; [
-   fastfetch
-   btop
-   sops
-  ];
-
-  # SSH Configuration
-  programs.ssh.enable = true;
-  programs.ssh.matchBlocks."kb01@kb-one-git" = {
-    host = "git.kb-one.de";
-    user = "git";
-    identityFile = "/home/master/.ssh/kb01@kb-one-git";
-    port = 9522;
-  };
-
-  home.stateVersion = "24.05"; # NEVER CHANGE!!!
-}
-

homes/x86_64-linux/kb@HyperC/default.nix

@@ -28,6 +28,7 @@ in {
     libreoffice-qt
     logseq
     xournalpp
+    xournal
     rnote
     # Security
     gnupg
@@ -66,7 +67,6 @@ in {
     # Development
     vscodium
     scrcpy
-    android-tools
     # Experiments
     # Gaming
     prismlauncher

homes/x86_64-linux/kb@LANA9Z/default.nix

@@ -1,152 +0,0 @@
-{ config, pkgs, lib, inputs, ... }:
-let
-  # Firefox Profile Setting States
-  lock-false = {
-    Value = false;
-    Status = "locked";
-  };
-  lock-true = {
-    Value = true;
-    Status = "locked";
-  };
-  lock-empty-string = {
-    Value = "";
-    Status = "locked";
-  };
-in {
-  home.username = "kb";
-  home.homeDirectory = "/home/kb";
-  home.packages = with pkgs; [
-    # System
-    kdePackages.kate
-    kdePackages.kcalc
-    kdePackages.filelight
-    # Office
-    thunderbird
-    libreoffice
-    logseq
-    kmymoney
-    brave
-    # Security
-    gnupg
-    keepassxc
-    pass-wayland
-    veracrypt
-    protonvpn-gui
-    # Media
-    freetube
-    inkscape
-    blender
-    obs-studio
-    cheese
-    gimp
-    vlc
-    kid3
-    calibre
-    tidal-hifi
-    transmission_4-qt
-    # Messengers
-    element-desktop # Matrix Client
-    signal-desktop
-    deltachat-desktop
-    webcord
-    # Customization
-    firefoxpwa
-    # Development
-    vscodium
-    # Gaming
-    mangohud
-    prismlauncher
-    # Terminal Tools
-    mosh # Fast SSH
-    btop # Task Mgr
-    fastfetch # System Info
-    yazi # File Management 
-    taskwarrior3 # Task Manager
-    zk # Notetaking
-    helix # IDE
-    parted
-    nerd-fonts.shure-tech-mono
-  ];
-
-  services.syncthing.enable = true;
-  services.syncthing.extraOptions = [
-    "--config=/home/kb/.config/syncthing"
-    "--data=/home/kb/sync"
-  ];
-  services.safeeyes.enable = true;
-
-  services.gpg-agent.enable = true;
-
-  services.kdeconnect.enable = true;
-  services.kdeconnect.indicator = true;
-
-  programs.firefox = {
-    enable = true;
-    nativeMessagingHosts = [ pkgs.firefoxpwa ];
-    policies = {
-      DisableTelemetry = true;
-      DisableFirefoxStudies = true;
-      DisablePocket = true;
-      DisableFirefoxAccounts = true;
-      AutofillAddressEnabled = false;
-      AutofillCreditCardEnabled = false;
-      OfferToSaveLogins = false;
-      FirefoxHome.TopSites = false;
-      FirefoxHome.SponsoredTopSites = false;
-      Preferences = {
-        "browser.newtabpage.pinned" = lock-empty-string;
-        "browser.topsites.contile.enabled" = lock-false;
-      };
-      DontCheckDefaultBrowser = true;
-      DisableProfileImport = true;
-      SearchBar = "unified";
-      SearchEngines.Add = [ # Only Available in ESR Releases https://mozilla.github.io/policy-templates/#searchengines--add
-        {
-          Name = "Brave";
-          URLTemplate = "https://search.brave.com/search?q={SearchTerms}";
-          Alias = "br";
-        }
-      ];
-      ExtensionSettings = { # See https://mozilla.github.io/policy-templates/#extensionsettings
-        "extension@tabliss.io" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/3940751/tabliss-2.6.0.xpi";
-          installation_mode = "normal_installed";
-        };
-        "idcac-pub@guus.ninja" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4216095/istilldontcareaboutcookies-1.1.4.xpi";
-          installation_mode = "normal_installed";
-        };
-        "uBlock0@raymondhill.net" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4391011/ublock_origin-1.61.2.xpi";
-          installation_mode = "normal_installed";
-        };
-        "keepassxc-browser@keepassxc.org" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4395146/keepassxc_browser-1.9.5.xpi";
-          installation_mode = "normal_installed";
-        };
-        "offline-qr-code@rugk.github.io" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4349427/offline_qr_code_generator-1.9.xpi";
-          installation_mode = "normal_installed";
-        };
-        "addon@darkreader.org" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4405074/darkreader-4.9.99.xpi";
-          installation_mode = "normal_installed";
-        };
-        "firefoxpwa@filips.si" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4383345/pwas_for_firefox-2.13.1.xpi";
-          installation_mode = "normal_installed";
-        };
-      };
-      Bookmarks = [
-        {
-          Title = "Syncthing";
-          URL = "localhost:8384";
-          Placement = "toolbar";
-        }
-      ];
-    };
-  };
-
-  home.stateVersion = "24.05";
-}

homes/x86_64-linux/kb@LoyAdjo/default.nix

@@ -48,6 +48,7 @@ in {
     signal-desktop
     webcord
     # Customization
+    nerdfonts
     razergenie
     firefoxpwa
     # Development
@@ -60,8 +61,6 @@ in {
     mangohud
     prismlauncher
     # Terminal Tools
-    tmux
-    mosh
     btop
     fastfetch
   ];
@@ -71,7 +70,6 @@ in {
     "--config=/home/kb/.config/syncthing"
     "--data=/home/kb/sync"
   ];
-  services.safeeyes.enable = true;
 
   services.gpg-agent.enable = true;
 

homes/x86_64-linux/kb@Ohybke/default.nix

@@ -1,190 +0,0 @@
-{ config, pkgs, lib, inputs, ... }:
-let
-  # Firefox Profile Setting States
-  lock-false = {
-    Value = false;
-    Status = "locked";
-  };
-  lock-true = {
-    Value = true;
-    Status = "locked";
-  };
-  lock-empty-string = {
-    Value = "";
-    Status = "locked";
-  };
-in {
-  home.username = "kb";
-  home.homeDirectory = "/home/kb";
-  home.packages = with pkgs; [
-    # System
-    kate
-    kdePackages.kcalc
-    # Office
-    thunderbird
-    libreoffice-qt6-fresh
-    logseq
-    # Security
-    gnupg
-    keepassxc
-    pass-wayland
-    veracrypt
-    protonvpn-gui
-    # Media
-    freetube
-    inkscape
-    blender
-    obs-studio
-    cheese
-    gimp
-    vlc
-    kid3
-    #calibre
-    spotify-player
-    tidal-hifi
-    # Messengers
-    element-desktop # Matrix Client
-    telegram-desktop
-    signal-desktop
-    webcord
-    # Customization
-    razergenie
-    firefoxpwa
-    # Development
-    vscodium
-    scrcpy
-    # Experiments
-    yazi # Terminal File-Manager
-    # Gaming
-    ryujinx # Experimental Nitendo Switch Emulator
-    mangohud
-    prismlauncher
-    # Terminal Tools
-    mosh
-    btop
-    fastfetch
-  ];
-
-  services.syncthing.enable = true;
-  services.syncthing.extraOptions = [
-    "--config=/home/kb/.config/syncthing"
-    "--data=/home/kb/sync"
-  ];
-
-  services.kdeconnect.enable = true;
-  services.safeeyes.enable = true;
-
-  services.gpg-agent.enable = true;
-
-  # SSH Configuration
-  services.ssh-agent.enable = true;
-  programs.ssh.enable = true;
-  programs.ssh.matchBlocks."kb01@kb-one-git" = {
-    host = "git.kb-one.de";
-    user = "git";
-    identityFile = "/home/kb/.ssh/kb01@kb-one-git";
-    port = 9522;
-  };
-  programs.ssh.matchBlocks."kb01@0x90-git" = {
-    host = "git.0x90.space";
-    user = "git";
-    identityFile = "/home/kb/.ssh/kb01@0x90-git";
-  };
-  programs.ssh.matchBlocks."master@kb-game-01" = {
-    host = "kb-game-01";
-    hostname = "game01.kb-one.de";
-    user = "master";
-    identityFile = "/home/kb/.ssh/master@kb-game-01";
-    port = 3422;
-  };
-  programs.ssh.matchBlocks."master@kb-web-01" = {
-    host = "kb-web-01";
-    hostname = "kb-one.de";
-    user = "master";
-    identityFile = "/home/kb/.ssh/master@kb-web-01";
-    port = 2222;
-  };
-  programs.ssh.matchBlocks."root@kb-senfnvp-remoteunlock" = {
-    host = "kb-senfnvp-remoteunlock";
-    hostname = "senfnvp.kb-one.de";
-    user = "root";
-    identityFile = "/home/kb/.ssh/root@kb-senfnvp-remoteunlock";
-    port = 7299;
-  };
-  programs.ssh.matchBlocks."master@kb-senfnvp" = {
-    host = "kb-senfnvp";
-    hostname = "senfnvp.kb-one.de";
-    user = "master";
-    identityFile = "/home/kb/.ssh/master@kb-senfnvp";
-    port = 9553;
-  };
-
-  programs.firefox = {
-    enable = true;
-    nativeMessagingHosts = [ pkgs.firefoxpwa ];
-    policies = {
-      DisableTelemetry = true;
-      DisableFirefoxStudies = true;
-      DisablePocket = true;
-      DisableFirefoxAccounts = true;
-      AutofillAddressEnabled = false;
-      AutofillCreditCardEnabled = false;
-      OfferToSaveLogins = false;
-      FirefoxHome.TopSites = false;
-      FirefoxHome.SponsoredTopSites = false;
-      Preferences = {
-        "browser.newtabpage.pinned" = lock-empty-string;
-        "browser.topsites.contile.enabled" = lock-false;
-      };
-      DontCheckDefaultBrowser = true;
-      DisableProfileImport = true;
-      SearchBar = "unified";
-      SearchEngines.Add = [ # Only Available in ESR Releases https://mozilla.github.io/policy-templates/#searchengines--add
-        {
-          Name = "Brave";
-          URLTemplate = "https://search.brave.com/search?q={SearchTerms}";
-          Alias = "br";
-        }
-      ];
-      ExtensionSettings = { # See https://mozilla.github.io/policy-templates/#extensionsettings
-        "extension@tabliss.io" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/3940751/tabliss-2.6.0.xpi";
-          installation_mode = "normal_installed";
-        };
-        "gdpr@cavi.au.dk" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4362793/consent_o_matic-1.1.3.xpi";
-          installation_mode = "normal_installed";
-        };
-        "uBlock0@raymondhill.net" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4382536/ublock_origin-1.61.0.xpi";
-          installation_mode = "normal_installed";
-        };
-        "keepassxc-browser@keepassxc.org" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4376326/keepassxc_browser-1.9.4.xpi";
-          installation_mode = "normal_installed";
-        };
-        "offline-qr-code@rugk.github.io" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4349427/offline_qr_code_generator-1.9.xpi";
-          installation_mode = "normal_installed";
-        };
-        "addon@darkreader.org" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4378073/darkreader-4.9.96.xpi";
-          installation_mode = "normal_installed";
-        };
-        "firefoxpwa@filips.si" = {
-          install_url = "https://addons.mozilla.org/firefox/downloads/file/4383345/pwas_for_firefox-2.13.1.xpi";
-          installation_mode = "normal_installed";
-        };
-      };
-      Bookmarks = [
-        {
-          Title = "Syncthing";
-          URL = "localhost:8384";
-          Placement = "toolbar";
-        }
-      ];
-    };
-  };
-
-  home.stateVersion = "24.05";
-}

modules/nixos/hardware/bosto-touchpad/default.nix

@@ -1,43 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  system,
-  ...
-}:
-let
-  cfg = config.hardware.bosto-touchpad;
-in
-{
-  options.hardware.bosto-touchpad.enable = lib.mkOption {
-    type = with lib.types; uniq bool;
-    default = false;
-    description = "Enable Bosto Touchpad Support";
-  };
-
-  config = lib.mkIf (cfg.enable) {
-
-    # boot.kernelModules = [ "hid-magicmouse" ];
-
-    # Add Driver Options to extra ModprobeConfig, to support reloading hid-magicmouse
-    boot.extraModprobeConfig = ''
-      options hid-magicmouse emulate_scroll_wheel=Y emulate_3button=Y middle_click_3finger=Y scroll_acceleration=Y scroll_speed=10
-    '';
-
-    # Service to load Driver with options
-    systemd.services."bostoService" = {
-      description = "Bosto Touchpad Service";
-      path = [ pkgs.kmod ];
-      serviceConfig = {
-        Type = "oneshot";
-        ExecStart = ''
-          ${pkgs.kmod.out}/bin/modprobe -r hid-magicmouse
-          ${pkgs.kmod.out}/bin/modprobe hid-magicmouse emulate_scroll_wheel=Y emulate_3button=Y middle_click_3finger=Y scroll_acceleration=Y scroll_speed=10
-        '';
-      };
-      wantedBy = [ "multi-user.target" ];
-    };
-  };
-}
-

modules/nixos/hardware/t2-mac-WirelessReload/default.nix

@@ -1,38 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  system,
-  ...
-}:
-let
-  cfg = config.hardware.t2-mac-WirelessReload;
-in
-{
-  options.hardware.t2-mac-WirelessReload.enable = lib.mkOption {
-    type = with lib.types; uniq bool;
-    default = false;
-    description = "Reloads the Wireless Drivers";
-  };
-
-  config = lib.mkIf (cfg.enable) {
-    # Service to load Driver with options
-    systemd.services."t2-mac-WirelessReload" = {
-      description = "Reloads Wireless Drivers for Mac";
-      path = [ pkgs.kmod ];
-      serviceConfig = {
-        Type = "oneshot";
-        ExecStart = ''
-	  ${pkgs.kmod.out}/bin/modprobe -r brcmfmac_wcc || true
-	  ${pkgs.kmod.out}/bin/modprobe -r brcmfmac || true
-	  ${pkgs.kmod.out}/bin/modprobe brcmfmac || true
-	  ${pkgs.kmod.out}/bin/modprobe -r hci_bcm4377 || true
-	  ${pkgs.kmod.out}/bin/modprobe hci_bcm4377 || true
-        '';
-      };
-      wantedBy = [ "multi-user.target" ];
-    };
-  };
-}
-

modules/nixos/services/binary-cache/default.nix

@@ -1,35 +0,0 @@
-{ inputs, config, lib, pkgs, ... }:
-let
-  cfg = config.services.binary-cache;
-in
-{
-  imports = [
-  ];
-
-  options.services.binary-cache = {
-    enable = lib.mkOption {
-      type = with lib.types; uniq bool;
-      default = false;
-      description = "Enable Preconfigured Binary-Cache";
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    services.nix-serve = {
-      enable = true;
-      secretKeyFile = "/var/secrets/cache-game01-private-key.pem";
-    };
-
-    # Configure Reverse-Proxy
-    services.traefik.dynamicConfigOptions = {
-      http.services.nix-cache.loadBalancer.servers = [ { url = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}/"; } ];
-      http.routers.nix-cache.entrypoints = "websecure";
-      # http.routers.nix-cache.tls = true;
-      http.routers.nix-cache.tls.certresolver = "letsencrypt";
-      http.routers.nix-cache.rule = "Host(`cache.game01.kb-one.de`)";
-      http.routers.nix-cache.service = "nix-cache";
-    };
-
-  };
-}
-

modules/nixos/services/forgejo-runner/default.nix

@@ -1,87 +0,0 @@
-{ inputs, config, lib, pkgs, ... }:
-let
-  cfg = config.services.forgejo-runner;
-in
-{
-  options.services.forgejo-runner = {
-    enable = lib.mkOption {
-      type = with lib.types; uniq bool;
-      default = false;
-      description = "Enable Forgejo Runners";
-    };
-  };
-  config = lib.mkIf (cfg.enable) {
-    # services.gitea-actions-runner.package = pkgs.forgejo-runner;
-    # services.gitea-actions-runner.instances."kb-one-runner@games-01" = {
-    #   enable = true;
-    #   name = "kb-one-runner@games-01";
-    #   url = "https://git.kb-one.de/";
-    #   tokenFile = "/opt/secrets/kb-one-runner@games-01_token";
-    #   labels = [
-    #     # provide a debian base with nodejs for actions
-    #     "debian-latest:docker://node:18-bullseye"
-    #     # fake the ubuntu name, because node provides no ubuntu builds
-    #     "ubuntu-latest:docker://node:18-bullseye"
-    #     # provide native execution on the host
-    #     "native:host"
-    #   ];
-    #   hostPackages = with pkgs; [
-    #     bash
-    #     coreutils
-    #     curl
-    #     gawk
-    #     gitMinimal
-    #     gnused
-    #     nodejs
-    #     wget
-    #     nix
-    #   ];
-    # };
-
-    # systemd.services.forgejo-runner = {
-    #   wantedBy = [ "multi-user.target" ];
-    #   after = [ "docker.service" ];
-    #   description = "";
-    #   serviceConfig = {
-    #     Type = "notify";
-    #     User = "runner";
-    #     WorkingDirectory = "/home/runner";
-    #     ExecStart = ''${pkgs.forgejo-runner}/bin/forgejo-runner deamon''; 
-    #     ExecStop = ''/bin/kill -s HUP $MAINPID'';
-    #     Restart = "on-failure";
-    #     TimeoutSec = 0;
-    #     RestartSec = 10;
-    #   };
-    # };
-
-    # users.users.runner = {
-    #   isNormalUser = true;
-    # };
-
-    # environment.systemPackages = [ pkgs.forgejo-runner ];
-
-    # virtualisation.podman.enable = true;
-    # virtualisation.podman.defaultNetwork.settings.dns_enabled = true;
-    # virtualisation.podman.dockerCompat = true;
-
-    virtualisation.docker.enable = true;
-    virtualisation.oci-containers.backend = "docker";
-
-    virtualisation.oci-containers.containers."docker-in-docker" = {
-      image = "docker:dind";
-      hostname = "docker";
-      extraOptions = [ "--privileged" "--network=kb-forgejo-runner" ];
-      cmd = [ "dockerd" "-H" "tcp://docker:42349" "--tls=false" ];
-    };
-    virtualisation.oci-containers.containers."forgejo-runner" = {
-      image = "code.forgejo.org/forgejo/runner:4.0.0";
-      hostname = "forgejo-runner";
-      extraOptions = [ "--network=kb-forgejo-runner" ];
-      environment.DOCKER_HOST = "tcp://docker:42349";
-      user = "1001:1001";
-      volumes = [ "forgejo-runner-data:/data" ];
-      cmd = [ "/bin/sh" "-c" "sleep 5; forgejo-runner daemon" ];
-    };
-  };
-}
-

modules/nixos/services/minecraft/README.md

@@ -1,10 +0,0 @@
-# Minecraft Server Configuration
-
-Details about the Minecraft Module.
-
-## Installation
-
-1. Rebuild switch configuration
-2. Create Database Structure 
-  1. New Database `sudo mysql -u root < /run/secrets/rendered/minecraft/database/database-init.sql`
-  2. Restore Backup `sudo mysql -u root < path/to/backup.sql`

modules/nixos/services/minecraft/database.nix

@@ -1,27 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  system,
-  ...
-}:
-let
-  cfg = config.services.minecraft;
-in
-{
-  config = lib.mkIf (cfg.enable && (cfg.servers.velocity.enable || cfg.servers.survival.enable)) {
-    services.mysql = {
-      package = pkgs.mariadb;
-      enable = true;
-      settings.mysqld.port = 3459;
-    };
-    sops.secrets."minecraft/database/luckperms_password" = { sopsFile = ./secrets.yaml; };
-    sops.templates."minecraft/database/database-init.sql".content = ''
-      CREATE DATABASE 'luckperms';
-      CREATE USER 'luckperms'@'localhost';
-      GRANT ALL PRIVILEGES ON luckperms.* TO 'luckperms'@'localhost' IDENTIFIED BY '${config.sops.placeholder."minecraft/database/luckperms_password"}';
-    '';
-    # services.mysqlBackup.databases = [ "luckperms" ]; # Add Luckperms Database to Backups
-  };
-}

modules/nixos/services/minecraft/default.nix

@@ -8,14 +8,13 @@ in
     ./vanilla-test.nix
     ./survival.nix
     ./velocity.nix
-    ./database.nix
   ];
 
   options.services.minecraft = {
     enable = lib.mkOption {
       type = with lib.types; uniq bool;
       default = false;
-      description = "Enable kBs Minecraft Servers";
+      description = "Enable minecraft server";
     };
     servers.vanilla.enable = lib.mkOption {
       type = with lib.types; uniq bool;
@@ -35,15 +34,10 @@ in
   };
 
   config = lib.mkIf cfg.enable {
-    nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
-      "minecraft-server"
-    ];
     services.minecraft-servers = {
       enable = true;
       eula = true;
     };
-
-    
   };
 }
 

modules/nixos/services/minecraft/secrets.yaml

@@ -1,23 +0,0 @@
-minecraft:
-    database:
-        luckperms_password: ENC[AES256_GCM,data:Gnt/SilH7q4t1NzCeaqCc6nxso9cWt7b/KXCxzrDdR1LAnmex3QL5Q==,iv:PrTkXcMPPyfJkAKxSKUkaPbYcH+9n6W7MPcTR5e4L8g=,tag:sxDdUHyN+fCIi4g0K+oQIw==,type:str]
-sops:
-    kms: []
-    gcp_kms: []
-    azure_kv: []
-    hc_vault: []
-    age:
-        - recipient: age165jt2q3uxp79k4jfsegnq7ul9j54l2rqsn87rq0qjkcv3y5krcmqsznyw7
-          enc: |
-            -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBScTUyNFBNdHFwd1pudWNK
-            Y2F2aXFLYmh4RURJLy9mMisxMU96VGRiU2hjCjdSZmxLRFF6OVpFNy9iQ0NLdytl
-            UHdSaUVtMnlWQ3d1ZnluNXVHOWdoalkKLS0tIDBxVGdaZWhTclJWZ3FwZHRHSTN1
-            RDhlN1JjWW1XZERLWExRSTlDN3ZjZkEKMiQaUezdBcWOH82Sk451PdB54SzYwcXY
-            YkjGp+bB7rIz07no68Xl4qmO+/iHKSFlPvG4jR/j4ZaNYiU9aeldLA==
-            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-01-17T14:22:01Z"
-    mac: ENC[AES256_GCM,data:BlLD3wEezCCA9t1X4xmy9lfT3ztsR3dknio78Si9v3UJmpJSOpwJ/VhU5RRbMzL1EyOrU1abEr6em83s6LRq87fwso1j6asOavELT5WOfl6f5CU2iK8nQGWZCFeR+09d9hVI+AAH9farpgTDd5sHfUFPCKEaGwuTenpeF4Tonak=,iv:JYoHMIPkT+Dv3GZlp1wt7wlU7IYL6erd/u0cuclB0Ow=,tag:XD8pd/GCrdLRvdEFBgowJA==,type:str]
-    pgp: []
-    unencrypted_suffix: _unencrypted
-    version: 3.9.2

modules/nixos/services/minecraft/survival.nix

@@ -11,37 +11,27 @@ let
 in
 {
   config = lib.mkIf (cfg.enable && cfg.servers.survival.enable) {
+    nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+      "minecraft-server"
+    ];
+
     services.minecraft-servers.servers."survival" = {
       enable = true;
       autoStart = true;
       enableReload = true;
-      package = pkgs.paperServers.paper-1_21_4;
+      package = pkgs.paperServers.paper-1_21_3-build_25;
+      whitelist = {
+        kB01guy = "1ff88b66-beda-4386-85b9-a00a5c27437a";
+      };
       serverProperties = {
-        online-mode = false;
-        server-ip = "127.0.0.1";
-        server-port = 49333;
         difficulty = 3;
         gamemode = 1;
         max-players = 5;
       };
       openFirewall = false; # Should use Velocity Player Proxy
-
-      # Add Plugins
+      serverProperties.server-port = 41000;
       symlinks = {
-        "plugins/LuckPerms.jar" = pkgs.fetchurl {
-          url = "https://download.luckperms.net/1567/bukkit/loader/LuckPerms-Bukkit-5.4.150.jar"; 
-          sha512 = "39cr9nd68afrrvn80kvdgaml37xkj3mzhv50y3app5j1199hg12kls29r49x06p9rxm6dk7i0j8aww2hw4ahm18andb69a5kp97vf94"; 
-        };
-      };
-
-      # Configure Velocity Modern forwarding https://docs.papermc.io/velocity/player-information-forwarding#configuring-modern-forwarding-for-paper
-      files."spigot.yml".value = {
-        settings.bungeecord = false;
-      };
-      files."config/paper-global.yml".value = {
-        proxies.velocity.enabled = true;
-        proxies.velocity.online-mode = "online-mode";
-        forwarding.secret = ""; # TODO: Add Forewarding Secret using Sops
+        "plugins/LuckPerms.jar" = pkgs.fetchurl { url = "https://download.luckperms.net/1561/bukkit/loader/LuckPerms-Bukkit-5.4.146.jar"; sha512 = "3yx163xas6g30crj41ad8j9gh55ygfh7vbaq12hlm4rxf1npnxh95rhn2nx0qcjd4nl1rz8f8pbvmlh6ka32ahvn6x9rxsc8g6v24jz"; };
       };
     };
   };

modules/nixos/services/minecraft/velocity.nix

@@ -11,62 +11,19 @@ let
 in
 {
   config = lib.mkIf (cfg.enable && cfg.servers.velocity.enable) {
+    nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+      "minecraft-server"
+    ];
 
-    # Configure Server 
     services.minecraft-servers.servers."velocity" = {
       enable = true;
       autoStart = true;
       enableReload = true;
-      stopCommand = "end";
       package = pkgs.velocityServers.velocity;
+      openFirewall = true;
       symlinks = {
-        "plugins/LuckPerms.jar" = pkgs.fetchurl { 
-          url = "https://download.luckperms.net/1567/velocity/LuckPerms-Velocity-5.4.150.jar"; 
-          sha512 = "3dr69g2fbav3if44nmifgz7hn86gdf62hcks92kkvwxf4xa3z7x615j426kgljyhgy84hf75wzpai258mg7dj9x17vpkn634kkzwmw6";
+        "plugins/LuckPerms.jar" = pkgs.fetchurl { url = "https://download.luckperms.net/1561/velocity/LuckPerms-Velocity-5.4.146.jar"; sha512 = "1xk7fwb5z3bz0x3hpmnyg7cldzrf9anpp4aavq5s69lz2idzxvkjn9b5iv2yy22p17k26lqwfn8n9ivi59srz2hvgdb1jibqg5d5hj5"; };
       };
-        "plugins/Geyser-Velocity.jar" = pkgs.fetchurl {
-          url = "https://download.geysermc.org/v2/projects/geyser/versions/2.6.0/builds/730/downloads/velocity";
-          sha512 = "3shnm8q8vq8j44xxg4qwqwalw6ml9nkzfrzvv8pkblkjp25nfk3h14b4y9vdim1sa2a18mkf8hmhb16g1mka2rh7l0z0yg4kh3lj2i0";
-        };
-        "plugins/floodgate-velocity.jar" = pkgs.fetchurl {
-          url = "https://download.geysermc.org/v2/projects/floodgate/versions/2.2.3/builds/114/downloads/velocity";
-          sha512 = "1k7qban3gar0fxxi5kp5i8d72k6ck65cvsfbg4nh8bz40jwqn35fx9gj3zbb06x5l8sg6qxl7w2nsn3jan4hjq7m5lwf2c1l1mjaw81";
-        };
-        "plugins/LibreLogin.jar" = pkgs.fetchurl {
-          url = "https://modrinth.com/plugin/libre-login/version/0.23.0";
-          sha512 = "1wrnp82vv47hhvjp1lxdndmngndykshi7iindnpg61j0v7i8bdgr9rk5qvanvw95gcj59cnhxdmjynq8fm127n4gv53acdidlxz39sd";
-        };
-      };
-      files = {
-        "velocity.toml".value = {
-          config-version = "2.7"; # NEVER change this!
-          bind = "0.0.0.0:25565";
-          online-mode = false;
-          player-info-forwarding-mode = "modern";
-          enable-player-address-logging = false;
-          # servers.lobby = "";
-          servers.survival = "127.0.0.1:${toString config.services.minecraft-servers.servers."survival".serverProperties.server-port}";
-          servers.lobby = "127.0.0.1:123";
-          servers.try = [
-            #"lobby"
-            "survival"
-          ];
-          forced-hosts."lobby.example.com" = [ "lobby" ];
-          advanced.tcp-fast-open = true;
-        };
-      };
-    };
-    networking.firewall.allowedTCPPorts = [ 25565 ];
-
-    # Configure Plugin Luckperms
-    sops.templates."minecraft/velocity/plugin/luckperms/config.yml".path = "/srv/minecraft/velocity/plugins/luckperms/config.yml";
-    sops.templates."minecraft/velocity/plugin/luckperms/config.yml".owner = config.services.minecraft-servers.user;
-    sops.templates."minecraft/velocity/plugin/luckperms/config.yml".content = lib.generators.toYAML { } { # Unfortunately currently lib.generators.toYAML generates JSON, and the File will not be Human readable
-      storage-method = "mariadb";
-      data.address = "localhost:${toString config.services.mysql.settings.mysqld.port}";
-      data.database = "luckperms";
-      data.username = "luckperms";
-      data.password = ''${config.sops.placeholder."minecraft/database/luckperms_password"}''; # Secret created in ./database.nix
     };
   };
 }

modules/nixos/services/nas/audiobookshelf.nix

@@ -0,0 +1,29 @@
+{
+  inputs,
+  config,
+  lib,
+  pkgs,
+  system,
+  ...
+}:
+let
+  cfg = config.services.nas;
+in
+{
+  config = lib.mkIf (cfg.enable && cfg.servers.audiobookshelf.enable) {
+
+    services.audiobookshelf = {
+      enable = true;
+      port = 63001;
+    };
+
+    services.traefik.dynamicConfigOptions = {
+      http.routers.audiobookshelf.entrypoints = "websecure";
+      http.routers.audiobookshelf.tls = true;
+      http.routers.audiobookshelf.rule = "Host(`audiobookshelf.localhost`)";
+      http.routers.audiobookshelf.service = "audiobookshelf";
+      services.audiobookshelf.loadBalancer.servers = [ { url = "http://localhost:63001/"; } ];
+    };
+  };
+}
+

modules/nixos/services/nas/default.nix

@@ -0,0 +1,29 @@
+{ inputs, config, lib, pkgs, ... }:
+let
+  cfg = config.services.nas;
+in
+{
+  imports = [
+    ./traefik-proxy.nix
+    ./audiobookshelf.nix
+  ];
+
+  options.services.nas = {
+    enable = lib.mkOption {
+      type = with lib.types; uniq bool;
+      default = false;
+      description = "Enable NAS Server Configuration";
+    };
+    useTraefik.enable = lib.mkOption {
+      type = with lib.types; uniq bool;
+      default = true;
+      description = "Enables Traefik Reverese Proxy";
+    };
+    servers.audiobookshelf.enable = lib.mkOption {
+      type = with lib.types; uniq bool;
+      default = false;
+      description = "Audiobookshelf Server";
+    };
+  };
+}
+

modules/nixos/services/nas/traefik-proxy.nix

@@ -0,0 +1,37 @@
+{
+  inputs,
+  config,
+  lib,
+  pkgs,
+  system,
+  ...
+}:
+let
+  cfg = config.services.nas;
+in
+{
+  config = lib.mkIf (cfg.enable && cfg.useTraefik.enable) {
+    # Default Config
+    services.traefik = {
+      enable = true;
+      staticConfigOptions = {
+        entryPoints.web.address = ":80";
+        entryPoints.websecure.address = ":443";
+      };
+    };
+    networking.firewall.interfaces.eth0.allowedTCPPorts = [ 80 443 ];
+
+    # Enable Secure Dashboard
+    services.traefik.staticConfigOptions.api = {};
+    services.traefik.dynamicConfigOptions = {
+      http.routers.dashboard.entrypoints = "websecure";
+      http.routers.dashboard.tls = true;
+      http.routers.dashboard.rule = "Host(`traefik.localhost`) && (PathPrefix(`/api`) || PathPrefix(`/dashboard`))";
+      http.routers.dashboard.service = "api@internal";
+      http.routers.dashboard.middlewares = "auth";
+      http.middlewares.auth.basicauth.users = "master:\$\$2y\$\$05\$\$JwzsNHz7CMJh0RU1eMe3AOfY5H30Qr1Q/glS1r/qEHCNpo5LvWnRW";
+    };
+
+  };
+}
+

modules/nixos/services/numen/default.nix

@@ -1,105 +0,0 @@
-{ config, lib, pkgs, ... }:
-# Source: https://github.com/Lykos153/numen-nix
-with lib;
-
-let
-  cfg = config.services.numen;
-in
-{
-  options.services.numen = {
-    enable = mkOption {
-      type = types.bool;
-      default = false;
-      description = ''
-        Enables Numen Voice Control. Only available to Users in Group "input".
-      '';
-    };
-
-    numenPkg = mkOption {
-      type = types.package;
-      default = pkgs.kb-one.numen;
-    };
-
-    modelPkg = mkOption {
-      type = types.package;
-      default = pkgs.kb-one.vosk-model-small-en-us;
-      description = ''
-        Vosk model to be loaded by numen. Overrides modelPkg!
-      '';
-    };
-
-    # models = mkOption {
-    #   type = types.uniq types.listOf types.package;
-    #   default = [vosk-model-small-en-us];
-    #   example = "[vosk-model-small-en-us]";
-    #   description = ''
-    #     List of vosk models to be loaded by numen. They can be referred to using the index, eg. model0 or model1.
-    #   '';
-    # };
-
-    dotoolPkg = mkOption {
-      type = types.package;
-      default = pkgs.kb-one.dotool;
-    };
-
-    autoStart = mkOption {
-      type = types.bool;
-      default = true;
-    };
-
-    phrases = mkOption {
-      type = types.listOf types.path;
-      default = [
-        ./phrases/character.phrases
-        ./phrases/control.phrases
-        ./phrases/environment.phrases
-        ./phrases/voice.phrases
-      ];
-      description = ''
-        Phrases to be loaded by numen. If empty, the default phrases are used.
-      '';
-    };
-
-    extraArgs = mkOption {
-      type = types.singleLineStr;
-      default = "";
-      description = ''
-        Additional arguments to be passed to numen.
-      '';
-    };
-
-    dotoolXkbLayout = mkOption {
-      type = types.singleLineStr;
-      default = "de";
-      description = ''
-        The XKB keyboard layout that should be used by dotool.
-      '';
-    };
-  };
-
-  config = mkIf cfg.enable {
-
-    # System Configuration
-    environment.systemPackages = [
-      cfg.numenPkg
-      cfg.dotoolPkg
-      cfg.modelPkg
-    ];
-    services.udev.extraRules = ''
-      KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput"
-    '';
-
-    # Enable AutoStart Service
-    systemd.user.services.numen = mkIf cfg.autoStart {
-      description = "Numen voice control";
-      after = [ "graphical-session-pre.target" ];
-      partOf = [ "graphical-session.target" ];
-      wantedBy = [ "graphical-session.target" ];
-      environment = {
-        DOTOOL_XKB_LAYOUT = "${cfg.dotoolXkbLayout}";
-        NUMEN_MODEL = "${cfg.modelPkg}/usr/share/vosk-models/small-en-us/";
-      };
-      serviceConfig.ExecStart = "${cfg.numenPkg}/bin/numen ${cfg.extraArgs} ${lib.strings.concatStringsSep " " cfg.phrases}";
-    };
-  };
-}

modules/nixos/services/numen/phrases/character.phrases

@@ -1,71 +0,0 @@
-air: press a
-bat: press b
-cap: press c
-drum: press d
-each: press e
-fig: press f
-gust: press g
-hoof: press h
-ice: press i
-jive: press j
-kid: press k
-link: press l
-made: press m
-nerd: press n
-odd: press o
-pit: press p
-quench: press q
-red: press r
-sun: press s
-trap: press t
-urge: press u
-void: press v
-whiz: press w
-plex: press x
-yank: press y
-zip: press z
-
-newt: press 0
-one: press 1
-two: press 2
-three: press 3
-four: press 4
-five: press 5
-six: press 6
-sept: press 7
-eight: press 8
-nine: press 9
-
-ask: press question
-plus: press plus
-mine: press minus
-tide: press asciitilde
-yell: press exclam
-quid: press dollar
-score: press underscore
-clause: press colon
-same: press semicolon
-wax: press parenleft
-wane: press parenright
-curl: press braceleft
-crimp: press braceright
-bric: press bracketleft
-brac: press bracketright
-small: press less
-big: press greater
-star: press asterisk
-hash: press numbersign
-mood: press percent
-blunt: press asciicircum
-snail: press at
-gain: press ampersand
-vert: press bar
-spoke: press quotedbl
-mark: press apostrophe
-tick: press grave
-slash: press slash
-slope: press backslash
-list: press comma
-point: press period
-match: press equal
-

modules/nixos/services/numen/phrases/control.phrases

@@ -1,85 +0,0 @@
-space: press space
-yes: press Return
-tab: press Tab
-scape: stick off \
-	press Escape
-
-# Enable a modifier for the next press
-# (The Super modifier is also known as the "Windows key")
-shy: mod shift
-troy: mod ctrl
-hype: mod alt
-shock: mod super \
-	stick off
-# Clear modifiers
-cleanse: mod clear \
-	caps off \
-	stick off
-
-# Enable Caps Lock until the end of the sentence or you say "cleanse"
-shout: caps on
-<complete>: caps off
-
-# Start holding down each pressed key, and stop by saying "cleanse"
-squeeze: run notify-send STICKING & \
-	stick off \
-	stick on
-
-hack: press BackSpace
-mince: press BackSpace BackSpace
-toss: press Delete
-smite: press Delete Delete
-raze: press BackSpace BackSpace BackSpace BackSpace
-# Delete a word (depending on the program)
-swipe: press ctrl+BackSpace
-
-left: press Left
-right: press Right
-up: press Up
-down: press Down
-lunge: press Left Left
-rush: press Right Right
-leave: press Left Left Left Left
-charge: press Right Right Right Right
-
-# I use these to navigate words and to complete bits of shell autosuggestions
-stretch: press ctrl+Right
-wrench: press ctrl+Left
-
-# PageDown, PageUp, Home, End
-page: press Next
-reel: press Prior
-home: press Home
-end: press End
-
-# Paste the clipboard (depending on the program)
-gluten: stick off \
-	press XF86Paste
-
-# Repeat the previous press etc.
-more: repeat 1
-bunch: repeat 2
-handful: repeat 4
-fistful: repeat 8
-plateful: repeat 12
-
-frank one: press F1
-frank two: press F2
-frank three: press F3
-frank four: press F4
-frank five: press F5
-frank six: press F6
-frank sept: press F7
-frank eight: press F8
-frank nine: press F9
-frank one newt: press F10
-frank one one: press F11
-frank one two: press F12
-
-# This saves your changes in vi-style programs
-save: caps off \
-	press Escape colon w Return
-# This cycles round splits in Vim
-switch: caps off \
-	press Escape ctrl+w w
-

modules/nixos/services/numen/phrases/environment.phrases

@@ -1,36 +0,0 @@
-# I use these for managing application windows but they just simulate keys,
-# so you'll need to configure your desktop environment, or you can use my
-# preconfigured desktop environment: https://git.sr.ht/~geb/tiles
-
-# Navigate to the window in the given direction
-west: stick off \
-	press super+Left
-east: stick off \
-	press super+Right
-north: stick off \
-	press super+Up
-south: stick off \
-	press super+Down
-
-# Cycle round the windows
-cycle: stick off \
-	press super+c
-recycle: stick off \
-	press super+C
-
-# Close window
-exterminate: stick off \
-	press super+q
-
-# Toggle fullscreen
-screen: stick off \
-	press super+f
-
-
-
-# These two are just for --gadget mode.
-
-# Switch to controlling the gadget
-@gadget shock gadget: handler uinput
-# Switch to controlling the host machine
-@gadget shock host: handler gadget

modules/nixos/services/numen/phrases/voice.phrases

@@ -1,67 +0,0 @@
-# Cancel sentence
-# For example, "four down no five down" would just do "five down".
-@cancel no:
-
-# Transcribe a sentence
-# For example, "scribe please type this".
-@transcribe scribe: set numen_fmt echo normal \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-
-# Transcribe a sentence formatted...
-
-# With the first letter uppercase
-@transcribe scrub: set numen_fmt echo sentence \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# With Each First Letter Uppercase
-@transcribe tight scribe: set numen_fmt echo title \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# with_underscrores_inbetween
-@transcribe snake: set numen_fmt echo snake \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# with-dashes-inbetween
-@transcribe dash: set numen_fmt echo dash \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# with.dots.inbetween
-@transcribe dot scribe: set numen_fmt echo dot \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# with, commas, inbetween
-@transcribe roh scribe: set numen_fmt echo list \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# with/slashes/inbetween
-@transcribe path scribe: set numen_fmt echo path \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# allsmashedtogether
-@transcribe kludge: set numen_fmt echo smash \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# camelCase
-@transcribe camel: set numen_fmt echo camel \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# PascalCase
-@transcribe pascal: set numen_fmt echo pascal \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# dot.camelCase
-@transcribe dot camel: set numen_fmt echo dotcamel \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# dot.PascalCase
-@transcribe dot pascal: set numen_fmt echo dotpascal \
-	pen /etc/numen/scripts/tweak; /etc/numen/scripts/transcripts | head -n 1
-# (You can also do "shout scribe" etc.)
-
-# Erase the transcription
-ditch: eval /etc/numen/scripts/transcripts | sed 's/./ BackSpace/g; s/^/press/; q'
-
-# Go to the start of the transcription
-trudge: eval /etc/numen/scripts/transcripts | sed 's/./ Left/g; s/^/press/; q'
-
-# Menus to type or choose another transcription result
-# They use the dmenu command (only works in X11) or the command specified
-# by $NUMEN_DMENU or $DMENU (you could use wmenu if you're on Wayland).
-transcripts: run /etc/numen/scripts/menu | numenc & \
-	run sleep 0.1
-change: run /etc/numen/scripts/menu change | numenc & \
-	run sleep 0.1
-
-
-# Ignore this, vosk-model-small-en-us-0.15 can output huh after a long silence.
-huh:
-

modules/nixos/services/traefik-proxy/default.nix

@@ -1,53 +0,0 @@
-{ inputs, config, lib, pkgs, ... }:
-let
-  cfg = config.services.traefik-proxy;
-in
-{
-  imports = [
-  ];
-
-  options.services.traefik-proxy = {
-    enable = lib.mkOption {
-      type = with lib.types; uniq bool;
-      default = false;
-      description = "Enable Pre-Configured Traefik Proxy";
-    };
-  };
-
-  config = lib.mkIf (cfg.enable ||
-                     config.services.binary-cache.enable ||
-                     config.suites.nas.media.enable) {
-    services.traefik = {
-      enable = true;
-      staticConfigOptions = {
-        entryPoints = {
-          web = {
-            address = ":80";
-            asDefault = true;
-            http.redirections.entrypoint = {
-              to = "websecure";
-              scheme = "https";
-            };
-          };
-          websecure = {
-            address = ":443";
-            asDefault = true;
-            http.tls.certResolver = "letsencrypt";
-          };
-        };
-      };
-    };
-    networking.firewall.allowedTCPPorts = [ 80 443 ];
-
-    # Configure Letsencrypt
-    services.traefik.staticConfigOptions = {
-      certificatesResolvers.letsencrypt.acme = {
-        email = "kb01@kb-one.de";
-        tlsChallenge = {};
-        storage = "/var/secrets/traefik/acme.json";
-      };
-    };
-
-  };
-}
-

modules/nixos/suites/nas/default.nix

@@ -1,59 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  system,
-  ...
-}:
-let
-  cfg = config.suites.nas;
-in
-{
-  imports = [
-    ./jellyfin.nix
-    ./kavita.nix
-  ];
-  options.suites.nas.enable = lib.mkOption {
-    type = with lib.types; uniq bool;
-    default = false;
-    description = "Enable Preconfigured NAS Config";
-  };
-  options.suites.nas.domain = lib.mkOption {
-    type = with lib.types; string;
-    default = "localhost";
-    description = "NAS Reachable Domain Name";
-  };
-  options.suites.nas.media.enable = lib.mkOption {
-    type = with lib.types; uniq bool;
-    default = true;
-    description = "Enable Media Servers";
-  };
-  options.suites.nas.media.folder = lib.mkOption {
-    type = with lib.types; str;
-    default = "/home/media/media";
-    description = "Media Root Directory";
-  };
-
-  # Media Config
-  config = lib.mkIf (cfg.enable && cfg.media.enable) {
-
-    # Media Defaults
-    suites.nas.media.jellyfin.enable = true;
-    suites.nas.media.kavita.enable = false;
-
-    # Create Media User
-    users.groups.media = {};
-    users.users.media = {
-      isSystemUser = true;
-      createHome = true;
-      description = "Media User";
-      group = "media";
-      home = "/home/media";
-    };
-
-  };
-
-
-}
-

modules/nixos/suites/nas/jellyfin.nix

@@ -1,41 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  system,
-  ...
-}:
-let
-  cfg = config.suites.nas.media.jellyfin;
-in
-{
-  options.suites.nas.media.jellyfin.enable = lib.mkOption {
-    type = with lib.types; uniq bool;
-    default = false;
-    description = "Enable Preconfigured Jellyfin Config";
-  };
-  options.suites.nas.media.jellyfin.subdomain = lib.mkOption {
-    type = with lib.types; string;
-    default = "watch";
-    description = "Subdomain for Jellyfin Server";
-  };
-
-  config = lib.mkIf (cfg.enable) {
-
-    services.jellyfin.enable = true;
-    services.jellyfin.user = "media";
-    
-    # Configure Reverse-Proxy
-    services.traefik.dynamicConfigOptions = {
-      http.services.jellyfin.loadBalancer.servers = [ { url = "http://localhost:8096/"; } ];
-      http.routers.jellyfin.entrypoints = "websecure";
-      http.routers.jellyfin.tls = true;
-      #http.routers.jellyfin.tls.certresolver = "letsencrypt";
-      http.routers.jellyfin.rule = "Host(`${cfg.subdomain}.${config.suites.nas.domain}`)";
-      http.routers.jellyfin.service = "jellyfin";
-    };
-
-  };
-}
-

modules/nixos/suites/nas/kavita.nix

@@ -1,42 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  system,
-  ...
-}:
-let
-  cfg = config.suites.nas.media.kavita;
-in
-{
-  options.suites.nas.media.kavita.enable = lib.mkOption {
-    type = with lib.types; uniq bool;
-    default = false;
-    description = "Enable Preconfigured kavita Config";
-  };
-  options.suites.nas.media.kavita.subdomain = lib.mkOption {
-    type = with lib.types; string;
-    default = "read";
-    description = "Kavita Subdomain";
-  };
-
-  config = lib.mkIf (cfg.enable) {
-
-    services.kavita.enable = true;
-    services.kavita.user = "media";
-    services.kavita.tokenKeyFile = "/home/media/secrets/kavita-secret";
-    
-    # Configure Reverse-Proxy
-    services.traefik.dynamicConfigOptions = {
-      http.services.kavita.loadBalancer.servers = [ { url = "http://localhost:5000/"; } ];
-      http.routers.kavita.entrypoints = "websecure";
-      http.routers.kavita.tls = true;
-      #http.routers.kavita.tls.certresolver = "letsencrypt";
-      http.routers.kavita.rule = "Host(`${cfg.subdomain}.${config.suites.nas.domain}`)";
-      http.routers.kavita.service = "kavita";
-    };
-
-  };
-}
-

packages/dotool/default.nix

@@ -1,18 +0,0 @@
-{ fetchFromSourcehut, buildGoModule, pkg-config, libxkbcommon, tree }:
-# Source: https://github.com/Lykos153/numen-nix
-buildGoModule rec {
-  pname = "dotool";
-  version = "1.5";
-  src = fetchFromSourcehut {
-    owner = "~geb";
-    repo = pname;
-    rev = version;
-    hash = "sha256-4QmTHeU3TnpRATKIvilkIA3i2hDjM5zQwSvmRvoWuNE=";
-  };
-  vendorHash = "sha256-IQ847LHDYJPboWL/6lQNJ4vPPD/+xkrGI2LSZ7kBnp4=";
-  nativeBuildInputs = [ pkg-config tree ];
-  buildInputs = [ libxkbcommon ];
-  postInstall = ''
-    install -D $src/80-dotool.rules $out/lib/udev/rules.d/80-dotool.rules
-  '';
-}

packages/intel-media-sdk/default.nix

@@ -1,66 +0,0 @@
-{
-  lib,
-  stdenv,
-  fetchFromGitHub,
-  cmake,
-  pkgs,
-  ...
-}:
-
-stdenv.mkDerivation rec {
-  pname = "intel-media-sdk";
-  version = "23.2.2";
-
-  src = fetchFromGitHub {
-    owner = "Intel-Media-SDK";
-    repo = "MediaSDK";
-    rev = "intel-mediasdk-${version}";
-    hash = "sha256-wno3a/ZSKvgHvZiiJ0Gq9GlrEbfHCizkrSiHD6k/Loo=";
-  };
-
-  patches = [
-    # Search oneVPL-intel-gpu in NixOS specific /run/opengl-driver/lib directory
-    # See https://github.com/NixOS/nixpkgs/pull/315425
-    ./nixos-search-onevplrt-in-run-opengl-driver-lib.patch
-    # https://github.com/Intel-Media-SDK/MediaSDK/pull/3005
-    (pkgs.fetchpatch {
-      name = "include-cstdint-explicitly.patch";
-      url = "https://github.com/Intel-Media-SDK/MediaSDK/commit/a4f37707c1bfdd5612d3de4623ffb2d21e8c1356.patch";
-      hash = "sha256-OPwGzcMTctJvHcKn5bHqV8Ivj4P7+E4K9WOKgECqf04=";
-    })
-  ];
-
-  nativeBuildInputs = [
-    pkgs.cmake
-    pkgs.pkg-config
-  ];
-  buildInputs = [
-    pkgs.libdrm
-    pkgs.libva
-    pkgs.xorg.libpciaccess
-    pkgs.xorg.libX11
-    pkgs.xorg.libXau
-    pkgs.xorg.libXdmcp
-    pkgs.xorg.libpthreadstubs
-  ];
-  nativeCheckInputs = [ pkgs.gtest ];
-
-  cmakeFlags = [
-    "-DBUILD_SAMPLES=OFF"
-    "-DBUILD_TESTS=${if doCheck then "ON" else "OFF"}"
-    "-DUSE_SYSTEM_GTEST=ON"
-  ];
-
-  doCheck = true;
-
-  meta = with lib; {
-    description = "Intel Media SDK";
-    mainProgram = "mfx-tracer-config";
-    license = licenses.mit;
-    maintainers = with maintainers; [
-      midchildan
-      pjungkamp
-    ];
-    platforms = [ "x86_64-linux" "i686-linux" ];
-  };
-}

packages/intel-media-sdk/nixos-search-onevplrt-in-run-opengl-driver-lib.patch

@@ -1,45 +0,0 @@
-From aceb689ae69857def8a26a8d1ceb114ccfbb2569 Mon Sep 17 00:00:00 2001
-From: Philipp Jungkamp <p.jungkamp@gmx.net>
-Date: Tue, 28 May 2024 19:22:29 +0200
-Subject: [PATCH] NixOS: Search ONEVPLRT in /run/opengl-driver/lib
-
----
- api/mfx_dispatch/linux/mfxloader.cpp                            | 2 ++
- .../suites/mfx_dispatch/linux/mfx_dispatch_test_cases_libs.cpp  | 1 +
- 2 files changed, 3 insertions(+)
-
-diff --git a/api/mfx_dispatch/linux/mfxloader.cpp b/api/mfx_dispatch/linux/mfxloader.cpp
-index 39b6bff1..f76ed65d 100644
---- a/api/mfx_dispatch/linux/mfxloader.cpp
-+++ b/api/mfx_dispatch/linux/mfxloader.cpp
-@@ -193,6 +193,7 @@ mfxStatus LoaderCtx::Init(mfxInitParam& par)
-   if (selected_runtime && strcmp(selected_runtime, "ONEVPL") == 0) {
-     libs.emplace_back(ONEVPLRT);
-     libs.emplace_back(MFX_MODULES_DIR "/" ONEVPLRT);
-+    libs.emplace_back("/run/opengl-driver/lib/" ONEVPLRT);
-   } else if ((selected_runtime && strcmp(selected_runtime, "MSDK") == 0) || (platform != MFX_HW_UNKNOWN)) {
-     if (MFX_IMPL_BASETYPE(par.Implementation) == MFX_IMPL_AUTO ||
-         MFX_IMPL_BASETYPE(par.Implementation) == MFX_IMPL_AUTO_ANY) {
-@@ -213,6 +214,7 @@ mfxStatus LoaderCtx::Init(mfxInitParam& par)
-   } else {
-     libs.emplace_back(ONEVPLRT);
-     libs.emplace_back(MFX_MODULES_DIR "/" ONEVPLRT);
-+    libs.emplace_back("/run/opengl-driver/lib/" ONEVPLRT);
-   }
- 
-   mfxStatus mfx_res = MFX_ERR_UNSUPPORTED;
-diff --git a/tests/unit/suites/mfx_dispatch/linux/mfx_dispatch_test_cases_libs.cpp b/tests/unit/suites/mfx_dispatch/linux/mfx_dispatch_test_cases_libs.cpp
-index dedee0b3..9657da4b 100644
---- a/tests/unit/suites/mfx_dispatch/linux/mfx_dispatch_test_cases_libs.cpp
-+++ b/tests/unit/suites/mfx_dispatch/linux/mfx_dispatch_test_cases_libs.cpp
-@@ -123,6 +123,7 @@ TEST_P(DispatcherLibsTestParametrized, ShouldEnumerateCorrectLibNames)
-     {
-         libs.emplace_back(ONEVPLRT);
-         libs.emplace_back(modules_dir + "/" + ONEVPLRT);
-+        libs.emplace_back("/run/opengl-driver/lib/" + ONEVPLRT);
-     }
- 
-     for (const std::string& lib : libs)
--- 
-2.44.0
-

packages/numen/default.nix

@@ -1,88 +0,0 @@
-{ fetchFromSourcehut
-, stdenv
-, buildGoModule
-, makeWrapper
-, scdoc
-, pkgs
-, lib
-, alsa-utils
-, libxkbcommon
-, gnused
-, gawk
-, coreutils
-, libnotify
-, dmenu
-, procps
-}:
-# Source: https://github.com/Lykos153/numen-nix
-buildGoModule rec {
-  pname = "numen";
-  version = "master";
-  vendorHash = "sha256-Y3CbAnIK+gEcUfll9IlEGZE/s3wxdhAmTJkj9zlAtoQ=";
-  src = fetchFromSourcehut {
-    owner = "~geb";
-    repo = pname;
-    rev = version;
-    hash = "sha256-haiaMBq9xbcDd83Kmm00Xc7823U+90DworOZk9H2n9w=";
-  };
-
-  allowGoReference = true;
-  preBuild = ''
-    export CGO_CFLAGS="-I${pkgs.kb-one.vosk-bin}/include"
-    export CGO_LDFLAGS="-L${pkgs.kb-one.vosk-bin}/lib"
-  '';
-  nativeBuildInputs = [
-    makeWrapper
-    scdoc
-  ];
-  ldflags = [
-    "-X main.Version=${version}"
-    "-X main.DefaultModelPackage=vosk-model-small-en-us"
-    "-X main.DefaultModelPaths=${pkgs.kb-one.vosk-model-small-en-us}/usr/share/vosk-models/small-en-us"
-    "-X main.DefaultPhrasesDir=${placeholder "out"}/etc/numen/phrases"
-  ];
-  # This is necessary because while the scripts are copied relative to
-  # the nix store, the hard-coded paths inside the scripts themselves
-  # still point outside of the store.
-  patchPhase = ''
-    substituteInPlace scripts/* \
-      --replace /etc/numen/scripts "$out/etc/numen/scripts" \
-      --replace sed ${gnused}/bin/sed \
-      --replace awk ${gawk}/bin/awk \
-      --replace cat ${coreutils}/bin/cat \
-      --replace notify-send ${libnotify}/bin/notify-send
-    substituteInPlace scripts/menu \
-      --replace "-dmenu" "-${dmenu}/bin/dmenu"
-    substituteInPlace scripts/displaying \
-      --replace "(pgrep" "(${procps}/bin/pgrep" \
-      --replace "(ps" "(${procps}/bin/ps"
-    substituteInPlace phrases/* \
-      --replace /etc/numen/scripts "$out/etc/numen/scripts" \
-      --replace numenc "$out/bin/numenc"
-    substituteInPlace numenc \
-      --replace /bin/echo "${coreutils}/bin/echo" \
-      --replace cat "${coreutils}/bin/cat"
-  '';
-  installPhase = ''
-    runHook preInstall
-
-    install -Dm755 $GOPATH/bin/numen -t "$out/bin"
-    install -Dm755 numenc -t "$out/bin"
-    install -Dm755 scripts/* -t "$out/scripts"
-    install -Dm644 phrases/* -t "$out/prases"
-    sed -i "s:/etc/numen/scripts:${placeholder "out"}/scripts:g" \
-           $out/scripts/* \
-           $out/prases/*
-    mkdir -p "$out/usr/share/man/man1" || exit
-    scdoc < doc/numen.1.scd > "$out/usr/share/man/man1/numen.1" || exit
-    echo Installed Successfully.
-
-
-    runHook postInstall
-  '';
-  postFixup = ''
-    wrapProgram $out/bin/numen \
-      --prefix PATH : ${lib.makeBinPath [ pkgs.kb-one.dotool alsa-utils ]} \
-      --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ libxkbcommon stdenv.cc.cc.lib ]} \
-  '';
-}

packages/vosk-bin/default.nix

@@ -1,40 +0,0 @@
-{ stdenv, fetchurl, unzip, system }:
-# Source https://github.com/Lykos153/numen-nix
-let
-  getSource = system: version: let
-    sources = {
-      x86_64-linux = {
-        systemString = "linux-x86_64";
-        sha256 = "sha256-u9yO2FxDl59kQxQoiXcOqVy/vFbP+1xdzXOvqHXF+7I=";
-      };
-      aarch64-linux = {
-        systemString = "linux-aarch64";
-        sha256 = "sha256-ReldN3Vd6wdWjnlJfX/rqMA67lqeBx3ymWGqAj/ZRUE=";
-      };
-      i686-linux = {
-        systemString = "linux-x86";
-        sha256 = "sha256-tTnvwieAlIvZji7LnBuSygizxVKhh0T3ICq3hAW44fk=";
-      };
-    };
-  in {
-    url = "https://github.com/alphacep/vosk-api/releases/download/v${version}/vosk-${(builtins.getAttr system sources).systemString}-${version}.zip";
-    sha256 = (builtins.getAttr system sources).sha256;
-
-  };
-in
-stdenv.mkDerivation rec {
-  # todo: other arches as well.
-  name = "vosk-bin";
-  version = "0.3.45";
-  src = fetchurl (getSource system version);
-  nativeBuildInputs = [ unzip ];
-  unpackCmd = "unzip $curSrc";
-
-  installPhase = ''
-    mkdir -p $out/lib
-    mv libvosk.so $out/lib/
-    mkdir -p $out/include
-    mv vosk_api.h $out/include/
-  '';
-}
-

packages/vosk-model-small-en-us/default.nix

@@ -1,18 +0,0 @@
-{ stdenv, fetchurl, unzip }:
-# Source: https://github.com/Lykos153/numen-nix
-stdenv.mkDerivation {
-  name = "vosk-model-small-en-us";
-  version = "0.15";
-  src = fetchurl {
-    url =
-      "https://alphacephei.com/kaldi/models/vosk-model-small-en-us-0.15.zip";
-    sha256 = "sha256-MPJiQsTrRJ+UjkLLMC3XpobLKaNCOoNn+Z/0F4CUJJg=";
-  };
-  nativeBuildInputs = [ unzip ];
-  unpackCmd = "unzip $curSrc";
-
-  installPhase = ''
-    mkdir -p $out/usr/share/vosk-models
-    cp -r . $out/usr/share/vosk-models/small-en-us
-  '';
-}

systems/README.md

@@ -1,198 +0,0 @@
-# Systems
-
-## [LANA9Z](./x86_64-linux/LANA9Z)
-<table>
-  <tr>
-    <td><img src="../assets/LANA9Z.jpeg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td><a href="../main/homes/x86_64-linux/kb@LANA9Z">kb@LANA9Z</a></td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td><a href="https://www.intel.com/content/www/us/en/products/sku/53464/intel-core-i72640m-processor-4m-cache-up-to-3-50-ghz/specifications.html">Intel i7-2640M</a>, 2 Cores, max 3.50 GHz</td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>16 GB</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>MacBook Pro 2011 (MacBook Pro 8,1)</td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>
-
-## [LoyAdjo](./x86_64-linux/LoyAdjo)
-<table>
-  <tr>
-    <td><img src="../assets/LoyAdjo.jpeg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td><a href="../main/homes/x86_64-linux/kb@LoyAdjo">kb@LoyAdjo</a></td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td><a href="https://www.amd.com/en/products/processors/desktops/ryzen/5000-series/amd-ryzen-5-5600x.html">AMD Ryzen 5 5600X</a>, 6 Cores, max 4.60 GHz</td>
-        </tr>
-        <tr>
-          <td>Gpu</td>
-          <td><a href="https://www.nvidia.com/en-us/geforce/10-series/">GeForce GTX 1070</a></td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>32 GB</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>Custom Desktop Computer</td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>
-
-## [Ohybke](./x86_64-linux/Ohybke)
-<table>
-  <tr>
-    <td><img src="../assets/Ohybke.jpeg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td><a href="../main/homes/x86_64-linux/kb@Ohybke">kb@Ohybke</a></td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td><a href="https://www.intel.com/content/www/us/en/products/sku/196586/intel-core-i31000ng4-processor-4m-cache-up-to-3-20-ghz/specifications.html">Intel i3-1000NG4</a>, 2 Cores, 3.20 GHz</td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>8 GB</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>MacBook Air early 2020 (MacBook Air 9,1)</td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>
-
-## [HyperC](./x86_64-linux/HyperC)
-<table>
-  <tr>
-    <td><img src="../assets/HyperC.jpeg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td><a href="../main/homes/x86_64-linux/kb@HyperC">kb@HyperC</a></td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td><a href="https://www.intel.com/content/www/us/en/products/sku/97472/intel-core-i57300u-processor-3m-cache-up-to-3-50-ghz/specifications.html">Intel i5-7300U</a>, 2 Cores, max 3.50 GHz</td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>8 GB</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>Surface Pro 2017 (Surface Pro 5)</td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>
-
-## [Rubtrm](./i686-linux/Rubtrm)
-<table>
-  <tr>
-    <td><img src="../assets/Rubtrm.jpeg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td>kb@Rubtrm</td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td><a href="https://www.intel.com/content/www/us/en/products/sku/36331/intel-atom-processor-n270-512k-cache-1-60-ghz-533-mhz-fsb/specifications.html">Intel Atom N270</a>, 2 Cores, 1.60 GHz</td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>2 GB</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>Lenovo ideapad S10 4333-A13</td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>
-
-## [kb-game-01](./x86_64-linux/kb-game-01)
-<table>
-  <tr>
-    <td><img src="../assets/server-solid.svg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td>master@kb-game-01</td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td><a href="https://www.amd.com/en/products/processors/server/epyc/7002-series.html">AMD EPYC 7702P</a>, 4 / 64 Cores, max 3.35 GHz</td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>16 GB</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>KVM Server for Game-Servers (or Build-Server)</td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>
-
-## [U3ncSovm](./x86_64-linux/U3ncSovm)
-<table>
-  <tr>
-    <td><img src="../assets/server-solid.svg" width="152" height="114"></td>
-    <td>
-      <table>
-        <tr>
-          <td>User</td>
-          <td>master@U3ncSovm</td>
-        </tr>
-        <tr>
-          <td>Cpu</td>
-          <td>...</td>
-        </tr>
-        <tr>
-          <td>Ram</td>
-          <td>...</td>
-        </tr>
-        <tr>
-          <td>Device</td>
-          <td>Custom NAS Server, currently under construction only as VM.</td>
-        </tr>
-        <tr>
-          <td>Build</td>
-          <td><pre lang="bash">nixos-rebuild build-vm --flake .#U3ncSovm</pre></td>
-        </tr>
-      </table>
-    </td>
-  </tr>
-</table>

systems/aarch64-linux/kb-senfnvp/default.nix

@@ -1,75 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  imports = [
-    ./hardware.nix
-  ];
-
-  # Configure Nix
-  nix.settings.experimental-features = [ "nix-command" "flakes" ];
-  nix.settings.trusted-users=[ "remotebuild" ];
-  nix.package = pkgs.lix;
-
-  # Networking
-  networking.hostName = "kb-senfnvp"; 
-  networking.networkmanager.enable = true;
-  networking.nameservers = [
-    "1.1.1.1"
-  ];
- 
-  # Set your time zone.
-  time.timeZone = "Europe/Amsterdam";
-
-  # Select internationalisation properties.
-  i18n.defaultLocale = "en_US.UTF-8";
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = "de";
-  };
-
-  users.users.master = { # Managed by Homemanager
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJszrrdVHmMUdgOakyFNOIPV9BfopwflqivmK13Fmsab kb@Ohybke"
-    ];
-    isNormalUser = true;
-    extraGroups = [ "wheel" ];
-  };
-
-  users.users.remotebuild = {
-    isNormalUser = true;
-    createHome = true;
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJV9cwMXlbaBdg2gReSnLxH3EV5cyFoSi21f5fZhPfdC kb@Ohybke"
-    ];
-  };
-
-  environment.systemPackages = with pkgs; [
-    git
-    wget
-    vim
-    tree
-    fastfetch
-  ];
-
-  # Default Editor
-  programs.vim.enable = true;
-  programs.vim.defaultEditor = true;
-
-  # SSH and Mosh
-  services.openssh = {
-    enable = true;
-    settings.PasswordAuthentication = false;
-    settings.KbdInteractiveAuthentication = false;
-    ports = [ 9553 ];
-    openFirewall = true;
-  };
-  programs.mosh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-
-  system.stateVersion = "24.11"; # NEVER CHANGE THIS !!!!
-
-}
-

systems/aarch64-linux/kb-senfnvp/hardware.nix

@@ -1,52 +0,0 @@
-{ config, lib, pkgs, modulesPath, ... }:
-{
-  imports = [
-    (modulesPath + "/profiles/qemu-guest.nix")
-  ];
-
-  # System
-  boot.initrd.availableKernelModules = [ "xhci_pci" "virtio_scsi" "sr_mod" "sr_mod" "r8169" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
-  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
-
-  # Boot Loader
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  # SSH Remote Unlock
-  boot.kernelParams = [ "ip=dhcp" ];
-  boot.initrd.systemd.users.root.shell = "/bin/cryptsetup-askpass";
-  boot.initrd.network = {
-    enable = true;
-    ssh = {
-      enable = true;
-      port = 7299;
-      authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6jJa135d46R9XgV7h5SfxALabycI5ZPN8kdSQbEkYM kb@Ohybke" ];
-      hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" ];
-    };
-    postCommands = ''
-      echo 'cryptsetup-askpass' >> /root/.profile
-    '';
-  };
-
-  # Disks
-  boot.initrd.luks.devices."luks-2d08047a-a014-480b-8a24-a70e20a2d7d7".device = "/dev/disk/by-uuid/2d08047a-a014-480b-8a24-a70e20a2d7d7";
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/9c1d9682-5cfb-4683-a789-f544fc6e7681";
-    fsType = "ext4";
-  };
-  fileSystems."/boot" = { 
-    device = "/dev/disk/by-uuid/FEAA-61DA";
-    fsType = "vfat";
-    options = [ "fmask=0077" "dmask=0077" ];
-  };
-
-  swapDevices = [ ];
-
-  # Networking
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
-
-}

systems/i686-linux/Rubtrm/default.nix

@@ -1,121 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page, on
-# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-
-{ config, lib, pkgs, ... }:
-
-{
-  imports =
-    [ 
-      ./hardware.nix
-    ];
-
-  # Configure Nix
-  nix.settings = {
-    experimental-features = [ "nix-command" "flakes" ];
-    substituters = [ 
-      "https://cache.games01.kb-one.de"
-    ];
-    trusted-public-keys = [
-      "cache.game01.kb-one.de:XcqI+uobV7EoTKuRmnzYup/+oSfn8uLwnsiQFp8dk/g="
-    ];
-  };
-  # nixpkgs.config.allowUnsupportedSystem = true;
-  nixpkgs.config.allowUnfree = true;
-
-  # Use the GRUB 2 boot loader.
-  boot.loader.grub.enable = true;
-  # Define on which hard drive you want to install Grub.
-  boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
-
-  networking.hostName = "Rubtrm"; # Define your hostname.
-  networking.networkmanager.enable = true;
-
-  # Set your time zone.
-  time.timeZone = "Europe/Amsterdam";
-
-  # Select internationalisation properties.
-  i18n.defaultLocale = "en_US.UTF-8";
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = lib.mkForce "de";
-    useXkbConfig = true; # use xkb.options in tty.
-  };
-
-  # Enable the X11 windowing system.
-  services.xserver.enable = true;
-  services.xserver.videoDrivers = [ "modesetting" "fbdev" "vesa" "intel_drv" "intel-media-sdk" ];
-  # Enable Desktop Environment.
-  services.displayManager.sddm.enable = true;
-  # services.displayManager.sddm.wayland.enable = true;
-  # services.xserver.displayManager.lightdm.enable = true;
-  # services.desktopManager.plasma6.enable = true;
-  # services.xserver.desktopManager.plasma5.enable = true;
-  services.xserver.desktopManager.xfce.enable = true;
-  # services.xserver.desktopManager.lxqt.enable = true;
-
-  # Configure keymap in X11
-  services.xserver.xkb = {
-    layout = "de";
-    variant = "";
-  };
-
-  # Enable sound with pipewire.
-  services.pulseaudio.enable = false;
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-  };
-
-  # Enable touchpad support (enabled default in most desktopManager).
-  services.libinput.enable = true;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.kb = {
-    isNormalUser = true;
-    description = "kB";
-    extraGroups = [ "wheel" "networkmanager" "input" ];
-    packages = with pkgs; [
-      tree
-      kb-one.numen
-    ];
-  };
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  environment.systemPackages = with pkgs; [
-    vim 
-    wget
-    git
-    btop
-    fastfetch
-  ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
-
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-
-  # Needed for dotool to act on numen voice commands
-  services.udev.extraRules = ''
-    KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput"
-  '';
-
-
-  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
-  system.stateVersion = "24.05"; # Did you read the comment?
-}
-

systems/i686-linux/Rubtrm/hardware.nix

@@ -1,44 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ata_piix" "usbhid" "usb_storage" "ums_realtek" "sd_mod" ];
-  boot.initrd.kernelModules = [ "dm-snapshot" "cryptd" ];
-  boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-label/NIXOS_LUKS";
-  boot.kernelModules = [ ];
-  boot.extraModulePackages = [ ];
-  boot.kernelParams = [ "i915.force_probe=27ae" ];
-
-  fileSystems."/" =
-    { device = "/dev/disk/by-label/NIXOS_ROOT";
-      fsType = "ext4";
-    };
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-label/NIXOS_BOOT";
-      fsType = "vfat";
-    };
-
-  swapDevices = [ 
-    {
-      device = "/.swapfile";
-    }
-  ];
-
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "i686-linux";
-  # networking.enableIntel3945ABGFirmware = true;
-  hardware.graphics.extraPackages = [ pkgs.intel-vaapi-driver pkgs.kb-one.intel-media-sdk ];
-  hardware.graphics.extraPackages32 = [ pkgs.intel-vaapi-driver pkgs.kb-one.intel-media-sdk ];
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-  hardware.enableAllFirmware = true;
-}

systems/x86_64-iso/plasma6-64bit-iso/default.nix

@@ -1,7 +0,0 @@
-{ pkgs, modulesPath, lib, ... }: 
-{
-  imports = [
-    "${modulesPath}/installer/cd-dvd/installation-cd-graphical-calamares-plasma6.nix"
-  ];
-
-}

systems/x86_64-linux/HyperC/default.nix

@@ -109,7 +109,7 @@
   services.printing.enable = true;
 
   # Enable sound with pipewire.
-  services.pulseaudio.enable = false;
+  hardware.pulseaudio.enable = false;
   security.rtkit.enable = true;
   services.pipewire = {
     enable = true;
@@ -152,11 +152,6 @@
     download-dir = "${config.services.transmission.home}/Torrents";
   };
 
-  services.protonmail-bridge = {
-    enable = true;
-    path = with pkgs; [ kdePackages.kwallet ];
-  };
-
   services.nix-serve = {
     enable = true;
     secretKeyFile = "/var/cache-HyperC-priv-key.pem";

systems/x86_64-linux/HyperC/hardware.nix

@@ -11,12 +11,9 @@ in {
     ];
 
   boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
-  boot.initrd.kernelModules = [ "ipts" "mei" "mei_me" ];
-  boot.initrd.systemd.enable = true;
-  boot.initrd.unl0kr.enable = true;
-  boot.initrd.unl0kr.settings = {
-    general.backend = "drm";
-  };
+  boot.initrd.kernelModules = [ ];
+#  boot.initrd.systemd.enable = true;
+#  boot.initrd.unl0kr.enable = true;
 
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];

systems/x86_64-linux/LANA9Z/default.nix

@@ -1,127 +0,0 @@
-{ config, pkgs, lib, ... }:
-
-{
-  imports =
-    [
-      ./hardware.nix
-    ];
-
-  # Configure Nix
-  nix.package = pkgs.lix;
-  nix.settings = {
-    experimental-features = [ "nix-command" "flakes" ];
-    substituters = [ "https://cache.games01.kb-one.de" ];
-    trusted-public-keys = [ 
-      "cache.game01.kb-one.de:JF++7CgrasYciQeB5jlziqT5BTjaknEk9cMeh4lQf30="
-    ];
-  };
-  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg)
-  [
-    "b43-firmware"
-    "broadcom-sta"
-    "veracrypt"
-  ];
-  nixpkgs.config.permittedInsecurePackages = [
-    "electron-27.3.11"
-  ];
-
-  # Bootloader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-
-  # Networking
-  networking.hostName = "LANA9Z"; # Define your hostname.
-  networking.networkmanager.enable = true;
-  networking.firewall.enable = true;
-  # Allow KDE Connect Ports
-  networking.firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }];
-  networking.firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }];
-  # Allow Minecraft Ports
-  #networking.firewall.allowedTCPPorts = [ 25565 19132 ];
-  #networking.firewall.allowedUDPPorts = [ 25565 19132 ];
-
-  # Enable Bluetooth
-  hardware.bluetooth.enable = true; # enables support for Bluetooth
-  hardware.bluetooth.powerOnBoot = true; # powers up the default Bluetooth controller on boot
-
-  # Set your time zone.
-  time.timeZone = "Europe/Berlin";
-
-  # Select internationalisation properties.
-  i18n.defaultLocale = "en_US.UTF-8";
-
-  i18n.extraLocaleSettings = {
-    LC_ADDRESS = "de_DE.UTF-8";
-    LC_IDENTIFICATION = "de_DE.UTF-8";
-    LC_MEASUREMENT = "de_DE.UTF-8";
-    LC_MONETARY = "de_DE.UTF-8";
-    LC_NAME = "de_DE.UTF-8";
-    LC_NUMERIC = "de_DE.UTF-8";
-    LC_PAPER = "de_DE.UTF-8";
-    LC_TELEPHONE = "de_DE.UTF-8";
-    LC_TIME = "de_DE.UTF-8";
-  };
-
-  services.xserver.enable = true;
-
-  # Enable the KDE Plasma Desktop Environment.
-  services.displayManager.sddm.enable = true;
-  services.desktopManager.plasma6.enable = true;
-
-  # Configure keymap in X11
-  services.xserver.xkb = {
-    layout = "de";
-    variant = "";
-  };
-
-  # Configure console keymap
-  console.keyMap = "de";
-
-  # Enable CUPS to print documents.
-  services.printing.enable = true;
-
-  # Enable SSH-Agent
-  programs.ssh.startAgent = true;
-
-  # Enable LanguageTool Server
-  services.languagetool = {
-    enable = true;
-    allowOrigin = "*";
-  };
-
-  # Enable sound with pipewire.
-  security.rtkit.enable = true;
-  services.pulseaudio.enable = false;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-  };
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.kb = {
-    isNormalUser = true;
-    description = "kB";
-    extraGroups = [ "networkmanager" "wheel" ];
-  };
-
-  # List packages installed in system profile. To search, run: $ nix search wget
-  environment.systemPackages = with pkgs; [
-    vim
-    wget
-    tree
-    git
-    sops
-  ];
-
-  # Default Editor
-  programs.vim.enable = true;
-  programs.vim.defaultEditor = true;
-
-  # Sops Secrets Config
-  sops.defaultSopsFormat = "yaml";
-  sops.age.keyFile = "/home/kb/.config/sops/age/keys.txt";
-
-  system.stateVersion = "24.11"; # NEVER Change this
-}

systems/x86_64-linux/LANA9Z/hardware.nix

@@ -1,85 +0,0 @@
-{ config, lib, pkgs, modulesPath, inputs, ... }: let
-  inherit (inputs) nixos-hardware;
-in {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-       nixos-hardware.nixosModules.apple-macbook-pro-8-1
-    ];
-
-  # Configure NixOS
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-
-  # Boot Parameters
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" "wl" ];
-  boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
-
-  # Filesystems
-  fileSystems."/" = { 
-    device = "/dev/disk/by-uuid/33872d2c-3008-47ad-a7cf-fed7b259dfb0";
-    fsType = "ext4";
-  };
-  boot.initrd.luks.devices."luks-732125b8-36af-43ea-b684-db71b4c20406".device = "/dev/disk/by-uuid/732125b8-36af-43ea-b684-db71b4c20406";
-  fileSystems."/boot" = { 
-    device = "/dev/disk/by-uuid/3C84-DD6D";
-    fsType = "vfat";
-    options = [ "fmask=0077" "dmask=0077" ];
-  };
-  swapDevices = [ 
-    {
-      device = "/swapfile";
-      size = 16*1024;
-    }
-  ];
-
-  # Network
-  networking.useDHCP = lib.mkDefault true;
-
-  # Hardware
-  hardware.bosto-touchpad.enable = true;
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-  hardware.graphics = {
-    enable = true;
-    extraPackages = [ pkgs.intel-media-sdk ];
-  };
-
-  # Power Management
-#  services.tlp.enable = false;
-#  services.power-profiles-daemon.enable = false;
-#  services.auto-cpufreq.enable = true;
-#  services.auto-cpufreq.settings = {
-#    battery = {
-#       governor = "powersave";
-#       turbo = "never";
-#    };
-#    charger = {
-#       governor = "performance";
-#       turbo = "auto";
-#    };
-#  };
-
-  services.power-profiles-daemon.enable = false;
-  services.tlp = {
-    enable = true;
-    settings = {
-      CPU_SCALING_GOVERNOR_ON_AC = "performance";
-      CPU_SCALING_GOVERNOR_ON_BAT = "balanced";
-
-      CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
-      CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
-
-      CPU_MIN_PERF_ON_AC = 0;
-      CPU_MAX_PERF_ON_AC = 100;
-      CPU_MIN_PERF_ON_BAT = 0;
-      CPU_MAX_PERF_ON_BAT = 80;
-
-      #Optional helps save long term battery health
-      START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge
-      STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging
-    };
-  };
-
-
-
-}

systems/x86_64-linux/LoyAdjo/default.nix

@@ -2,39 +2,34 @@
 
 {
   imports =
-    [
+    [ # Include the results of the hardware scan.
       ./hardware.nix
     ];
 
   # Configure Nix
   nix.package = pkgs.lix;
-  nix.settings = {
-    experimental-features = [ "nix-command" "flakes" ];
-    substituters = [ "https://cache.games01.kb-one.de" ];
-    trusted-users = [ "remotebuild" ];
-    trusted-public-keys = [ 
-      "cache.game01.kb-one.de:JF++7CgrasYciQeB5jlziqT5BTjaknEk9cMeh4lQf30="
-    ];
-  };
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
   nixpkgs.config.allowUnfree = true;
   nixpkgs.config.permittedInsecurePackages = [
     "electron-27.3.11"
   ];
 
+
   # Bootloader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
   networking.hostName = "LoyAdjo";
 
-  # Wireless
+  # Enable networking
   networking.networkmanager.enable = true;
-  hardware.bluetooth.enable = true; # enables support for Bluetooth
-  hardware.bluetooth.powerOnBoot = true; # powers up the default Bluetooth controller on boot
 
-  # Locale
+  # Set your time zone.
   time.timeZone = "Europe/Berlin";
+
+  # Select internationalisation properties.
   i18n.defaultLocale = "en_US.UTF-8";
+
   i18n.extraLocaleSettings = {
     LC_ADDRESS = "de_DE.UTF-8";
     LC_IDENTIFICATION = "de_DE.UTF-8";
@@ -47,23 +42,28 @@
     LC_TIME = "de_DE.UTF-8";
   };
 
-  # GUI
+  # Enable the X11 windowing system.
   services.xserver.enable = true;
   services.xserver.videoDrivers = [ "nvidia" ];
+
+  # Enable the KDE Plasma Desktop Environment.
   services.displayManager.sddm.enable = true;
   services.desktopManager.plasma6.enable = true;
 
-  # Input
-  services.xserver.xkb.layout = "de";
-  services.xserver.xkb.variant = "";
-  console.keyMap = "de";
-  services.numen = {
-    enable = true;
-    autoStart = false;
+  # Configure keymap in X11
+  services.xserver.xkb = {
+    layout = "de";
+    variant = "";
   };
 
-  # Output
-  services.pulseaudio.enable = false;
+  # Configure console keymap
+  console.keyMap = "de";
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable sound with pipewire.
+  hardware.pulseaudio.enable = false;
   security.rtkit.enable = true;
   services.pipewire = {
     enable = true;
@@ -71,42 +71,25 @@
     alsa.support32Bit = true;
     pulse.enable = true;
   };
-  services.printing.enable = true;
 
-  # Users
   users.users.kb = { # Managed by Homemanager
     isNormalUser = true;
     description = "kB";
-    extraGroups = [ "networkmanager" "wheel" "input" ];
-  };
-  users.users.remotebuild = {
-    isNormalUser = true;
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIuvGIdO1nwuzq3YrjpxH84rpGhquNvRKz1SSPwKUsth kb @ Rubtrm"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGRlk8FEIN7P81SRVEkP1wjlBjsiUGcBcqzSbHVGB0sF root @ Ohybke"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAl0qiBLwbdSAMfnZCcpG23LgkhlV3Bko3U17oV3m18A root @ HyperC"
-    ];
+    extraGroups = [ "networkmanager" "wheel" ];
   };
  
-  # SSH
-  programs.ssh.startAgent = true;
-  services.openssh = {
-    enable = true;
-    settings.PasswordAuthentication = false;
-    settings.KbdInteractiveAuthentication = false;
-    ports = [ 7325 ];
-    openFirewall = true;
-  };
+  # Enable automatic login for the user.
+  # services.xserver.displayManager.autoLogin.enable = true;
+  # services.xserver.displayManager.autoLogin.user = "kb";
 
-  # System Packages
-  environment.systemPackages = with pkgs; [ # To search, run: $ nix search wget
+#  services.gpg-agent.enable = true;
+
+  # List packages installed in system profile. To search, run: $ nix search wget
+  environment.systemPackages = with pkgs; [
     vim
     git
-    kb-one.numen
-    kb-one.dotool
-    kb-one.vosk-model-small-en-us
-    tree
   ];
 
   system.stateVersion = "24.05"; # NEVER Change this!
+
 }

systems/x86_64-linux/LoyAdjo/hardware.nix

@@ -10,13 +10,11 @@
 
   boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ 
-    "kvm-amd"
-  ];
+  boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
   # Setup Nvidia Driver
-  hardware.graphics.enable = true;
+  hardware.opengl.enable = true;
   hardware.nvidia = 
   {
     modesetting.enable = true;
@@ -27,9 +25,6 @@
     package = config.boot.kernelPackages.nvidiaPackages.beta;
   };
 
-  # Enable Bosto Tochpad Support (See ../../../modules/nixos/hardware/bosto-touchpad/default.nix)
-  hardware.bosto-touchpad.enable = true;
-
   fileSystems."/" =
     { device = "/dev/disk/by-uuid/b3344eaa-384e-4779-92b8-92f6e9a27d7d";
       fsType = "ext4";

systems/x86_64-linux/Ohybke/default.nix

@@ -1,124 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-{
-  imports = [
-    ./hardware.nix
-  ];
-
-  # Configure Nix
-  nix.package = pkgs.lix;
-  nix.settings = {
-    experimental-features = [ "nix-command" "flakes" ];
-  };
-  nixpkgs.config.allowUnfree = true;
-  nixpkgs.config.permittedInsecurePackages = [
-    "electron-27.3.11"
-  ];
-
-  # Distributed Builds
-  nix.buildMachines = [
-    {
-      hostName = "kb-senfnvp-remotebuild";
-      systems = [ "aarch64-linux" ];
-      protocol = "ssh-ng";
-      maxJobs = 10;
-      speedFactor = 2;
-      supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" ];
-      mandatoryFeatures = [];
-    }
-  ];
-  nix.distributedBuilds = true;
-  nix.extraOptions = ''
-    builders-use-substitutes = true
-  '';
-
-  # NAS Test-Config
-  suites.nas.enable = false;
-  
-  # Networking
-  networking.hostName = "Ohybke";
-  networking.networkmanager.enable = true;
-  #networking.wireless.enable = true;
-  # Allow KDE Connect Ports
-  networking.firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }];
-  networking.firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }];
-
-  # Enable Bluetooth
-  hardware.bluetooth.enable = true;
-  hardware.bluetooth.powerOnBoot = true;
-
-  # Locale
-  time.timeZone = "Europe/Berlin";
-  i18n.defaultLocale = "en_US.UTF-8";
-  i18n.extraLocaleSettings = {
-    LC_ADDRESS = "de_DE.UTF-8";
-    LC_IDENTIFICATION = "de_DE.UTF-8";
-    LC_MEASUREMENT = "de_DE.UTF-8";
-    LC_MONETARY = "de_DE.UTF-8";
-    LC_NAME = "de_DE.UTF-8";
-    LC_NUMERIC = "de_DE.UTF-8";
-    LC_PAPER = "de_DE.UTF-8";
-    LC_TELEPHONE = "de_DE.UTF-8";
-    LC_TIME = "de_DE.UTF-8";
-  };
-
-  # Enable the X11 windowing system.
-  services.xserver.enable = true;
-
-  # Enable the KDE Plasma Desktop Environment.
-  services.displayManager.sddm.enable = true;
-  services.desktopManager.plasma6.enable = true;
-
-  # Keyboard and Keymap
-  services.xserver.xkb = {
-    layout = "de";
-    variant = "mac_nodeadkeys";
-    options = "";
-  };
-  console = {
-    font = "Lat2-Terminus16";
-    # keyMap = "de";
-    useXkbConfig = true;
-  };
-
-  # Enable CUPS to print documents.
-  services.printing.enable = true;
-
-  # Enable sound with pipewire.
-  services.pulseaudio.enable = false;
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-  };
-
-  # Users
-  users.users.kb = { # Managed by Homemanager
-    isNormalUser = true;
-    description = "kB";
-    extraGroups = [ "networkmanager" "wheel" ];
-  };
-
-  # Enable SSH-Agent
-  programs.ssh.startAgent = true;
-
-  # Packages installed in system profile. Search Packages: $ nix search wget
-  environment.systemPackages = with pkgs; [
-    vim
-    git
-    tree
-    dmg2img
-    curl
-    python3
-    sops
-    kb-one.numen
-    kb-one.dotool
-    kb-one.vosk-model-small-en-us
-  ];
-
-  system.stateVersion = "24.11"; # NEVER Change this!
-
-}
-

systems/x86_64-linux/Ohybke/hardware.nix

@@ -1,41 +0,0 @@
-{ config, lib, pkgs, modulesPath, inputs, ... }: let
-  inherit (inputs) nixos-hardware;
-in {
-  imports = [
-    (modulesPath + "/installer/scan/not-detected.nix")
-    nixos-hardware.nixosModules.apple-t2
-  ];
-
-  # Nix Config
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-
-  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "cryptd" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModulePackages = [ ];
-
-  # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.loader.efi.efiSysMountPoint = "/boot";
-
-  # File Systems
-  fileSystems."/" = { 
-    device = "/dev/disk/by-uuid/e36a3f85-020f-4d6c-844f-b81131ce7e63";
-    fsType = "ext4";
-  };
-  boot.initrd.luks.devices."luks-a226aaf4-1250-447b-a5fc-fa37758d332a".device = "/dev/disk/by-uuid/a226aaf4-1250-447b-a5fc-fa37758d332a";
-  fileSystems."/boot" = { 
-    device = "/dev/disk/by-uuid/5F66-17ED";
-    fsType = "vfat";
-    options = [ "fmask=0022" "dmask=0022" ];
-  };
-  swapDevices = [ { device = "/swapfile"; size = 8 * 1024; } ];
-
-  # Misc
-  networking.useDHCP = lib.mkDefault true;
-
-  hardware.bosto-touchpad.enable = true;
-
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

systems/x86_64-linux/U3ncSovm/default.nix

@@ -2,7 +2,7 @@
 
 {
   imports = [ # Include the results of the hardware scan.
-    ./hardware.nix
+    ./vm.nix
   ];
 
   # Configure Nix
@@ -28,6 +28,7 @@
   users.users.master = {
     initialPassword = "test";
     openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF82e+j7y8qsSvLn/DZuosvsH0S2EsHpqDkvZ8jiONm3 kb@LoyAdjo"
     ];
     isNormalUser = true;
     extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
@@ -45,6 +46,12 @@
     git
   ];
 
+  # Enable NAS Functionality
+  services.nas = {
+    enable = true;
+    servers.audiobookshelf.enable = true;
+  };
+
   # SSH and Mosh
   services.openssh = {
     enable = true;

systems/x86_64-linux/U3ncSovm/hardware.nix

@@ -1,49 +0,0 @@
-{ config, lib, pkgs, modulesPath, inputs, ... }:
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  # Configure NixOS
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-
-  # Boot Parameters
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "ahci" "firewire_ohci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" "wl" ];
-  boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
-
-  # Filesystems
-  fileSystems."/" = { 
-    device = "/dev/disk/by-uuid/00000000-0000-0000-0000-000000000000";
-    fsType = "ext4";
-  };
-  boot.initrd.luks.devices."luks-00000000-0000-0000-0000-000000000000".device = "/dev/disk/by-uuid/00000000-0000-0000-0000-000000000000";
-  fileSystems."/boot" = { 
-    device = "/dev/disk/by-uuid/0000-0000";
-    fsType = "vfat";
-    options = [ "fmask=0077" "dmask=0077" ];
-  };
-  swapDevices = [ 
-    {
-      device = "/swapfile";
-      size = 4*1024;
-    }
-  ];
-
-  # Network
-  networking.useDHCP = lib.mkDefault true;
-
-  # Hardware
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-
-  # Virtual Machine Configuration
-  virtualisation.vmVariant = {
-    # following configuration is added only when building VM with build-vm
-    virtualisation = {
-      memorySize = 4*1024;
-      cores = 3;         
-    };
-  };
-
-}

systems/x86_64-linux/U3ncSovm/vm.nix

@@ -0,0 +1,10 @@
+{ config, lib, pkgs, modulesPath, ... }:
+{
+  virtualisation.vmVariant = {
+    # following configuration is added only when building VM with build-vm
+    virtualisation = {
+      memorySize = 4*1024;
+      cores = 3;         
+    };
+  };
+}

systems/x86_64-linux/kb-games-01/default.nix

@@ -21,7 +21,7 @@
   boot.loader.efi.canTouchEfiVariables = true;
 
   # Define your hostname.
-  networking.hostName = "kb-game-01";
+  networking.hostName = "kb-games-01";
 
   # Set your time zone.
   time.timeZone = "Europe/Amsterdam";
@@ -36,15 +36,12 @@
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHS3DoQe/4TtdTLD/Fl41rTjE0n5MyFMl59VGVejcskO kb voloxo"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpN/3esM0SFLJ2guCBOYX8IdBC+jUiMF+xPYkTEuzbe kb-work yerukall"
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMN1LWMOfFtRKkSLIA/XTj3KYm7OG2bjqEmGXj0gmDc7 kb@LoyAdjo"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7W8FUUvM8rUGK6qV3XOIxR0y/pdyo9z5HZNzOADs5+ kb@Rubtrm"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILgfAxGyxjNOZyuUZIlwVCzj/mBM9uM7apNDzEJ3g+F+ kb@LANA9C"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKurR2GzSHyD3AM0Xn+YmwfGcLjBlQX1ZRh93S8YiQwn kb@Ohybke"
     ];
     isNormalUser = true;
     extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
     packages = with pkgs; [
+      tree
       vim
-      sops
     ];
   };
 
@@ -52,8 +49,6 @@
     isNormalUser = true;
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBHdxVb42GEb/rwrsQx/Wc2v2P+WIq8/WNlF+l31Rl/a Remotebuilds from HyperC"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL/WONflZXVoZd8I4HdNMXNtoYELnCaxqdFY0QKDXXS9 Remotebuilds from Rubtrm"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJqjdhtK0xeJcHwwCAia6I+WuZCkN9pUS21MNjJ2jOuc Remotebuilds from LANA9Z"
     ];
   };
 
@@ -62,17 +57,8 @@
     vim
     wget
     git
-    tree
   ];
 
-  # Default Editor
-  programs.vim.enable = true;
-  programs.vim.defaultEditor = true;
-
-  # Sops Secrets Config
-  sops.defaultSopsFormat = "yaml";
-  sops.age.keyFile = "/home/master/.config/sops/age/keys.txt";
-
   # SSH and Mosh
   services.openssh = {
     enable = true;
@@ -90,14 +76,10 @@
     servers.survival.enable = true;
   };
 
-  # Forgejo Runner
-  services.forgejo-runner.enable = true;
-
-  # Binary Cache 
-  services.binary-cache.enable = false; # No Binary-Cache, when there are Secrets in the /nix/store
-
-  # Enable QUEMU Quest Agent
-  services.qemuGuest.enable = true;
+  services.nix-serve = {
+    enable = true;
+    secretKeyFile = "/var/cache-kb-games-01-priv-key.pem";
+  };
 
   # Do NOT change this value 
   system.stateVersion = "24.05"; # Did you read the comment?

systems/x86_64-linux/voloxo/default.nix

@@ -18,6 +18,7 @@
     "cache.HyperC:90YNJ0eWsuBGVVP989lJh1rL8C0KM6IKbAtEUiu+FCU="
   ];
 
+
   # Bootloader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
@@ -26,6 +27,11 @@
   boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
 
   networking.hostName = "voloxo"; # Define your hostname.
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
 
   # Enable networking
   networking.networkmanager.enable = true;
@@ -48,6 +54,8 @@
     LC_TIME = "de_DE.UTF-8";
   };
 
+
+
   # Nvidia Configuration
   hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
   hardware.bluetooth.enable = true;
@@ -80,15 +88,24 @@
   services.printing.enable = true;
 
   # Enable sound with pipewire.
-  services.pulseaudio.enable = false;
+  hardware.pulseaudio.enable = false;
   security.rtkit.enable = true;
   services.pipewire = {
     enable = true;
     alsa.enable = true;
     alsa.support32Bit = true;
     pulse.enable = true;
+    # If you want to use JACK applications, uncomment this
+    #jack.enable = true;
+
+    # use the example session manager (no others are packaged yet so this is enabled by default,
+    # no need to redefine it in your config for now)
+    #media-session.enable = true;
   };
 
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
   # Define a user account. Don't forget to set a password with ‘passwd’.
   users.users.kb = {
     isNormalUser = true;
@@ -122,6 +139,7 @@
       tidal-hifi
       iamb # Matrix with Vim-Binds
       yazi
+      nerdfonts
       scrcpy
       ryujinx
       razergenie
@@ -191,6 +209,14 @@
     ntfs3g
   ];
 
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
+  #   enable = true;
+  #   enableSSHSupport = true;
+  # };
+
   # List services that you want to enable:
   systemd.services.languagetool = {
     description = "LanguageTool HTTP Server for local Spellchecking";