fix: swaync -> swaynotificationcenter

Reviewed-on: #47

flake.nix

@@ -12,10 +12,17 @@
       url = "git+https://git.lix.systems/lix-project/lix?ref=main";
       inputs.nixpkgs.follows = "nixpkgs";
     };
-    self.submodules = true;
+    home-manager = {
+      url = "github:nix-community/home-manager/release-25.11";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+    dotfiles = {
+      url = "git+https://code.lazyworkhorse.net/gortium/dotfiles.git";
+      flake = false;
+    };
   };
 
-  outputs = { self, nixpkgs, agenix, lix, ... }@inputs:
+  outputs = { self, nixpkgs, agenix, lix, home-manager, dotfiles, ... }@inputs:
     let
       system = "x86_64-linux";
       keys = import ./lib/keys.nix;
@@ -56,6 +63,7 @@
               agenix.nixosModules.default
               ./hosts/lazyworkhorse/configuration.nix
               ./hosts/lazyworkhorse/hardware-configuration.nix
+              ./modules/nixos/home-manager/default.nix
               ./modules/nixos/filesystem/hoardingcow-mount.nix
               ./modules/nixos/services/docker_manager.nix
               ./modules/nixos/services/open_code_server.nix

hosts/lazyworkhorse/configuration.nix

@@ -36,7 +36,7 @@
     "transparent_hugepage=always" # because mucho ram
   ];
   # 2. Load the specific drivers found by sensors-detect
-  boot.kernelModules = [ "nct6775" "lm96163" "iptable_nat" "iptable_filter" "kvm-intel" "kvm" ];
+  boot.kernelModules = [ "nct6775" "lm96163" "iptable_nat" "iptable_filter" ];
   # 3. Force the nct6775 driver to recognize the chip if it's stubborn
   boot.extraModprobeConfig = ''
     options nct6775 force_id=0xd280
@@ -207,6 +207,7 @@
     ai = {
       path = self + "/assets/compose/ai";
       envFile = config.age.secrets.containers_env.path;
+      ports = [ 22000 ];  # Syncthing TCP sync
     };
 
     cloudstorage = {
@@ -328,21 +329,20 @@
   # Mi50 config
   hardware.graphics = {
     enable = true;
-    enable32Bit = true;
+    enable32Bit = true; # Useful for some compatibility layers
     extraPackages = with pkgs; [
-      rocmPackages.clr.icd
+      rocmPackages.clr.icd # OpenCL/HIP runtime
     ];
   };
   nixpkgs.config.rocmTargets = [ "gfx906" ];
   environment.variables = {
+    # This "tricks" ROCm into supporting the MI50 if using newer versions
     HSA_OVERRIDE_GFX_VERSION = "9.0.6";
+    # Ensures the system sees both GPUs
     HIP_VISIBLE_DEVICES = "0,1";
   };
 
-  # KVM/libvirt for staging VM
-  virtualisation.libvirtd.enable = true;
-
-# Open ports in the firewall.
+ # Open ports in the firewall.
   # networking.firewall.allowedTCPPorts = [ ... ];
   # networking.firewall.allowedUDPPorts = [ ... ];
   # Or disable the firewall altogether.
@@ -475,7 +475,7 @@
   services.openssh.settings = {
     PermitRootLogin = "no";
     MaxAuthTries = 3;
-    MaxSessions = 10;
+    MaxSessions = 20;
     LoginGraceTime = 30;
     ClientAliveInterval = 300;
     ClientAliveCountMax = 2;

modules/nixos/home-manager/default.nix

@@ -0,0 +1,12 @@
+{ config, pkgs, lib, inputs, ... }:
+
+{
+  imports = [ inputs.home-manager.nixosModules.home-manager ];
+
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+
+    users.gortium = import ./dotfiles.nix { inherit config pkgs lib inputs; };
+  };
+}

modules/nixos/home-manager/dotfiles.nix

@@ -0,0 +1,87 @@
+{ config, pkgs, lib, inputs, ... }:
+
+{
+  home = {
+    username = "gortium";
+    homeDirectory = "/home/gortium";
+    stateVersion = "25.11";
+  };
+
+  # Import dotfiles as-is via home.file (Option 3 — git way)
+  # Hyprland
+  home.file.".config/hypr/hyprland.conf".source =
+    "${inputs.dotfiles}/hypr/.config/hypr/hyprland.conf";
+  home.file.".config/hypr/mocha.conf".source =
+    "${inputs.dotfiles}/hypr/.config/hypr/mocha.conf";
+  home.file.".config/hypr/hyprlock.conf".source =
+    "${inputs.dotfiles}/hypr/.config/hypr/hyprlock.conf";
+  home.file.".config/hypr/hypridle.conf".source =
+    "${inputs.dotfiles}/hypr/.config/hypr/hypridle.conf";
+  home.file.".config/hypr/hyprpaper.conf".source =
+    "${inputs.dotfiles}/hypr/.config/hypr/hyprpaper.conf";
+  home.file.".config/hypr/hyprshade.toml".source =
+    "${inputs.dotfiles}/hypr/.config/hypr/hyprshade.toml";
+
+  # Host-specific overrides: sourced from hyprland.conf
+  # hyprland.conf includes: source = ~/.config/hypr/hosts/$HOST.conf
+  # This file is created per-host and contains only the diffs.
+  home.file.".config/hypr/hosts" = {
+    source = "${inputs.dotfiles}/hypr/.config/hypr/hosts";
+    recursive = true;
+  };
+
+  # Zsh
+  home.file.".zshrc".source = "${inputs.dotfiles}/zsh/.zshrc";
+
+  # Tmux
+  home.file.".tmux.conf".source = "${inputs.dotfiles}/tmux/.tmux.conf";
+
+  # Neovim
+  home.file.".config/nvim" = {
+    source = "${inputs.dotfiles}/nvim/.config/nvim";
+    recursive = true;
+  };
+
+  # Wallpapers
+  home.file.".config/wallpapers" = {
+    source = "${inputs.dotfiles}/wallpapers/.config/wallpapers";
+    recursive = true;
+  };
+
+  # Wofi
+  home.file.".config/wofi" = {
+    source = "${inputs.dotfiles}/wofi/.config/wofi";
+    recursive = true;
+  };
+
+  # Packages that should be installed with home-manager
+  home.packages = with pkgs; [
+    # CLI tools
+    ripgrep
+    fd
+    jq
+    fzf
+    bat
+    eza
+    zoxide
+
+    # Development
+    git
+    lazygit
+    gh
+
+    # Hyprland extras
+    hyprshot
+    swaynotificationcenter
+    swww
+    wofi
+    waybar
+    kitty
+    foot
+    brightnessctl
+    playerctl
+    udiskie
+    hyprshade
+    pyprland
+  ];
+}

users/ai-worker.nix

@@ -4,7 +4,7 @@
     group = "ai-worker";
     home = "/home/ai-worker";
     createHome = true;
-    extraGroups = [ "docker" "libvirtd" ];
+    extraGroups = [ "docker" ];
     shell = pkgs.bashInteractive;
     openssh.authorizedKeys.keys = [
       keys.users.ai-worker.main