configs/applicative.nix

{
  config,
  pkgs,
  lib,
  ...
}:
{
  users.users.applicative = {
    name = "asg";
    description = "Applicative Systems";
    hashedPasswordFile = config.age.secrets.kfm-password.path;
    home = "/home/applicative";
    uid = 1001;
    isNormalUser = true;
    extraGroups = [
      "pipewire"
      "audio"
    ];
  };

  nixpkgs.overlays = [
    (final: prev: {
      niphas-wallpaper =
        let
          backgroundColor = config.lib.stylix.colors.withHashtag.base06;
          foregroundColor = config.lib.stylix.colors.withHashtag.base01;
          width = 1920;
          height = 1080;

          svgUrl = "https://applicative.systems/_astro/logo-full.D8zRvqBZ.svg";
          logoSvg = prev.fetchurl {
            url = svgUrl;
            hash = "sha256-qXDIEZsAPn4eUJ3kb5U6L3PMUCtWGYqhqyIaBt7FntE=";
          };
        in
        prev.runCommand "applicative-wallpaper.png"
          {
            nativeBuildInputs = [ prev.imagemagick ];
          }
          ''
            # 1. We use -background to set the canvas color
            # 2. We use -fuzz and -opaque to replace the logo's internal colors
            # 3. We use -gravity and -extent to center it on a wallpaper-sized canvas

            convert \
              -background none \
              -density 300 \
              "${logoSvg}" \
              -fuzz 100% -fill "${foregroundColor}" -opaque black \
              -resize 800x800 \
              -gravity center \
              -background "${backgroundColor}" \
              -extent ${toString width}x${toString height} \
              $out
          '';
    })
  ];

  services.getty.autologinOnce = lib.mkForce false;

  # to run nspawn in nix sandbox
  nix.settings = {
    auto-allocate-uids = true;
    system-features = [ "uid-range" ];
    experimental-features = [
      "auto-allocate-uids"
      "cgroups"
    ];
    trusted-users = [ config.users.users.applicative.name ];
  };

  services.restic.backups.niveum = {
    extraBackupArgs = [
      "--exclude=${config.users.users.applicative.home}/src/nixpkgs/.git"
    ];
    paths = [
      config.users.users.applicative.home
    ];
  };

  security.sudo.extraRules = [
    {
      # still required for systemd-nspawn
      users = [ config.users.users.applicative.name ];
      commands = [ "ALL" ];
    }
  ];
}
work profile 2026-01-09 12:36:46 +01:00			`{`
			`config,`
			`pkgs,`
			`lib,`
			`...`
			`}:`
			`{`
			`users.users.applicative = {`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00			`name = "asg";`
			`description = "Applicative Systems";`
work profile 2026-01-09 12:36:46 +01:00			`hashedPasswordFile = config.age.secrets.kfm-password.path;`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00			`home = "/home/applicative";`
			`uid = 1001;`
work profile 2026-01-09 12:36:46 +01:00			`isNormalUser = true;`
			`extraGroups = [`
			`"pipewire"`
			`"audio"`
			`];`
			`};`

use shared config from niphas 2026-02-04 16:49:28 +01:00			`nixpkgs.overlays = [`
			`(final: prev: {`
			`niphas-wallpaper =`
			`let`
			`backgroundColor = config.lib.stylix.colors.withHashtag.base06;`
			`foregroundColor = config.lib.stylix.colors.withHashtag.base01;`
			`width = 1920;`
			`height = 1080;`

			`svgUrl = "https://applicative.systems/_astro/logo-full.D8zRvqBZ.svg";`
			`logoSvg = prev.fetchurl {`
			`url = svgUrl;`
			`hash = "sha256-qXDIEZsAPn4eUJ3kb5U6L3PMUCtWGYqhqyIaBt7FntE=";`
			`};`
			`in`
			`prev.runCommand "applicative-wallpaper.png"`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00			`{`
use shared config from niphas 2026-02-04 16:49:28 +01:00			`nativeBuildInputs = [ prev.imagemagick ];`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00			`}`
			`''`
use shared config from niphas 2026-02-04 16:49:28 +01:00			`# 1. We use -background to set the canvas color`
			`# 2. We use -fuzz and -opaque to replace the logo's internal colors`
			`# 3. We use -gravity and -extent to center it on a wallpaper-sized canvas`

			`convert \`
			`-background none \`
			`-density 300 \`
			`"${logoSvg}" \`
			`-fuzz 100% -fill "${foregroundColor}" -opaque black \`
			`-resize 800x800 \`
			`-gravity center \`
			`-background "${backgroundColor}" \`
			`-extent ${toString width}x${toString height} \`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00			`$out`
			`'';`
use shared config from niphas 2026-02-04 16:49:28 +01:00			`})`
			`];`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00
use shared config from niphas 2026-02-04 16:49:28 +01:00			`services.getty.autologinOnce = lib.mkForce false;`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00
work profile 2026-01-09 12:36:46 +01:00			`# to run nspawn in nix sandbox`
			`nix.settings = {`
			`auto-allocate-uids = true;`
			`system-features = [ "uid-range" ];`
			`experimental-features = [`
			`"auto-allocate-uids"`
			`"cgroups"`
			`];`
applicative: enable auto-login if not present 2026-01-25 13:46:48 +01:00			`trusted-users = [ config.users.users.applicative.name ];`
work profile 2026-01-09 12:36:46 +01:00			`};`

			`services.restic.backups.niveum = {`
			`extraBackupArgs = [`
			`"--exclude=${config.users.users.applicative.home}/src/nixpkgs/.git"`
			`];`
			`paths = [`
			`config.users.users.applicative.home`
			`];`
			`};`

			`security.sudo.extraRules = [`
			`{`
			`# still required for systemd-nspawn`
			`users = [ config.users.users.applicative.name ];`
			`commands = [ "ALL" ];`
			`}`
			`];`
			`}`