add visual studio code

add argocd
added zen browser
2025-12-16 23:40:57 +01:00 · 2025-12-16 23:07:53 +01:00 · 2025-12-16 23:07:53 +01:00 · 2025-12-16 23:07:52 +01:00
13 changed files with 265 additions and 294 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -60,7 +60,31 @@
      "inputs": {
        "home-manager": "home-manager",
        "nix-darwin": "nix-darwin",
-        "nixpkgs": "nixpkgs"
+        "nixpkgs": "nixpkgs",
+        "zen-browser": "zen-browser"
+      }
+    },
+    "zen-browser": {
+      "inputs": {
+        "home-manager": [
+          "home-manager"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1765895443,
+        "narHash": "sha256-yftYGV0skUwV5neT1BJrs7RRbXPKozQTzC7d9c7kEFs=",
+        "owner": "0xc000022070",
+        "repo": "zen-browser-flake",
+        "rev": "bc7dfff92cb7919dfb213ea78c11ea0a4d265a56",
+        "type": "github"
+      },
+      "original": {
+        "owner": "0xc000022070",
+        "repo": "zen-browser-flake",
+        "type": "github"
      }
    }
  },
--- a/flake.nix
+++ b/flake.nix
@@ -16,6 +16,16 @@
      url = "github:LnL7/nix-darwin";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+
+    zen-browser = {
+      url = "github:0xc000022070/zen-browser-flake";
+      inputs = {
+        # IMPORTANT: we're using "libgbm" and is only available in unstable so ensure
+        # to have it up-to-date or simply don't specify the nixpkgs input
+        nixpkgs.follows = "nixpkgs";
+        home-manager.follows = "home-manager";
+      };
+    };
  };

  outputs = {
--- a/home/default.nix
+++ b/home/default.nix
@@ -7,10 +7,13 @@
  pkgs,
  lib,
  username,
+  inputs,
  ...
 }: {
  # Import shared modules
  imports = [
+    inputs.zen-browser.homeModules.beta
+
    # Shell configuration (zsh, starship, atuin, direnv, zoxide, fzf, pyenv)
    ../modules/home/shell.nix

--- a/home/personal.nix
+++ b/home/personal.nix
@@ -70,6 +70,10 @@
      username = "morten";
      passwordFile = "/Users/alice/Library/Application Support/jellyfin-tui/pass";
    };
+
+    zen-browser = {
+      enable = true;
+    };
  };

  # Personal-only packages
--- a/hosts/personal/default.nix
+++ b/hosts/personal/default.nix
@@ -11,136 +11,10 @@
 }: {
  # Import darwin modules
  imports = [
+    ../../modules/darwin/system.nix
    ../../modules/darwin/homebrew.nix
  ];

-  # Nix configuration
-  nix = {
-    settings = {
-      # Enable flakes and new nix command
-      experimental-features = ["nix-command" "flakes"];
-      # Avoid unwanted garbage collection when using nix-direnv
-      keep-outputs = true;
-      keep-derivations = true;
-    };
-  };
-
-  # Allow unfree packages
-  nixpkgs.config.allowUnfree = true;
-
-  system = {
-    primaryUser = username;
-    keyboard = {
-      enableKeyMapping = true;
-      remapCapsLockToControl = true;
-    };
-    startup.chime = false;
-
-    defaults = {
-      spaces.spans-displays = false;
-      loginwindow = {
-        GuestEnabled = false;
-        DisableConsoleAccess = true;
-      };
-
-
-      dock = {
-        autohide = true;
-        autohide-delay = 0.0;
-        autohide-time-modifier = 0.0;
-        orientation = "bottom";
-        dashboard-in-overlay = true;
-        largesize = 85;
-        tilesize = 50;
-        magnification = true;
-        launchanim = false;
-        mru-spaces = false;
-        show-recents = false;
-        show-process-indicators = false;
-        static-only = true;
-      };
-
-      finder = {
-        AppleShowAllExtensions = true;
-        AppleShowAllFiles = true;
-        CreateDesktop = false;
-        FXDefaultSearchScope = "SCcf"; # current folder
-        QuitMenuItem = true;
-      };
-
-      NSGlobalDomain = {
-        NSAutomaticSpellingCorrectionEnabled = false;
-        NSAutomaticCapitalizationEnabled = false;
-        NSAutomaticPeriodSubstitutionEnabled = false;
-        NSAutomaticDashSubstitutionEnabled = false;
-        NSAutomaticQuoteSubstitutionEnabled = false;
-        NSAutomaticWindowAnimationsEnabled = false;
-        NSDocumentSaveNewDocumentsToCloud = false;
-        ApplePressAndHoldEnabled = false;
-
-        KeyRepeat = 2;
-        InitialKeyRepeat = 10;
-        # Enable subpixel font rendering on non-Apple LCDs
-        # Reference: https://github.com/kevinSuttle/macOS-Defaults/issues/17#issuecomment-266633501
-        AppleFontSmoothing = 2;
-        # Finder: show all filename extensions
-        AppleShowAllExtensions = true;
-      };
-      CustomUserPreferences = {
-        LaunchServices = {
-          # Whether to enable quarantine for downloaded applications
-          LSQuarantine = false;
-        };
-        trackpad = {
-          Clicking = true;
-          TrackpadRightClick = true;
-        };
-        "com.apple.systempreferences" = {
-          # Disable Resume system-wide
-          NSQuitAlwaysKeepsWindows = false;
-        };
-        "com.apple.desktopservices" = {
-          # Avoid creating .DS_Store files on network or USB volumes
-          DSDontWriteNetworkStores = true;
-          DSDontWriteUSBStores = true;
-        };
-        "com.apple.screensaver" = {
-          # Require password immediately after sleep or screen saver begins
-          askForPassword = 1;
-          askForPasswordDelay = 0;
-        };
-        "com.apple.AdLib" = {
-          # Don't fucking track me...
-          allowApplePersonalizedAdvertising = false;
-        };
-        "com.apple.BluetoothAudioAgent" = {
-          # Increase sound quality for Bluetooth headphones/headsets
-          "Apple Bitpool Min (editable)" = -40;
-        };
-        "com.apple.dashboard" = {
-          # Disable Dashboard
-          mcx-disabled = true;
-        };
-        alf = {
-          # Enables Firewall
-          globalstate = 1;
-          # Enable logging of requests
-          loggingenabled = 1;
-          # Drops incoming requests via ICMP such as ping requests
-          stealthenabled = 1;
-        };
-      };
-    };
-  };
-
-  users.users.${username} = {
-    name = username;
-    home = "/Users/${username}";
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFaIAP/ZJ7+7jeR44e1yIJjfQAB6MN351LDKJAXVF62P"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILAzuPy7D/54GxMq9Zhz0CUjaDnEQ6RkQ/yqVYl7U55k"
-    ];
-  };

  # System-level programs
  programs = {
--- a/hosts/work/default.nix
+++ b/hosts/work/default.nix
@@ -11,137 +11,10 @@
 }: {
  # Import darwin modules
  imports = [
+    ../../modules/darwin/system.nix
    ../../modules/darwin/homebrew.nix
  ];

-  # Nix configuration
-  nix = {
-    settings = {
-      # Enable flakes and new nix command
-      experimental-features = ["nix-command" "flakes"];
-      # Avoid unwanted garbage collection when using nix-direnv
-      keep-outputs = true;
-      keep-derivations = true;
-    };
-  };
-
-  # Allow unfree packages
-  nixpkgs.config.allowUnfree = true;
-
-  system = {
-    primaryUser = username;
-    keyboard = {
-      enableKeyMapping = true;
-      remapCapsLockToControl = true;
-    };
-    startup.chime = false;
-
-    defaults = {
-      spaces.spans-displays = false;
-      loginwindow = {
-        GuestEnabled = false;
-        DisableConsoleAccess = true;
-      };
-
-
-      dock = {
-        autohide = true;
-        autohide-delay = 0.0;
-        autohide-time-modifier = 0.0;
-        orientation = "bottom";
-        dashboard-in-overlay = true;
-        largesize = 85;
-        tilesize = 50;
-        magnification = true;
-        launchanim = false;
-        mru-spaces = false;
-        show-recents = false;
-        show-process-indicators = false;
-        static-only = true;
-      };
-
-      finder = {
-        AppleShowAllExtensions = true;
-        AppleShowAllFiles = true;
-        CreateDesktop = false;
-        FXDefaultSearchScope = "SCcf"; # current folder
-        QuitMenuItem = true;
-      };
-
-      NSGlobalDomain = {
-        NSAutomaticSpellingCorrectionEnabled = false;
-        NSAutomaticCapitalizationEnabled = false;
-        NSAutomaticPeriodSubstitutionEnabled = false;
-        NSAutomaticDashSubstitutionEnabled = false;
-        NSAutomaticQuoteSubstitutionEnabled = false;
-        NSAutomaticWindowAnimationsEnabled = false;
-        NSDocumentSaveNewDocumentsToCloud = false;
-        ApplePressAndHoldEnabled = false;
-
-        KeyRepeat = 2;
-        InitialKeyRepeat = 10;
-        # Enable subpixel font rendering on non-Apple LCDs
-        # Reference: https://github.com/kevinSuttle/macOS-Defaults/issues/17#issuecomment-266633501
-        AppleFontSmoothing = 2;
-        # Finder: show all filename extensions
-        AppleShowAllExtensions = true;
-      };
-      CustomUserPreferences = {
-        LaunchServices = {
-          # Whether to enable quarantine for downloaded applications
-          LSQuarantine = false;
-        };
-        trackpad = {
-          Clicking = true;
-          TrackpadRightClick = true;
-        };
-        "com.apple.systempreferences" = {
-          # Disable Resume system-wide
-          NSQuitAlwaysKeepsWindows = false;
-        };
-        "com.apple.desktopservices" = {
-          # Avoid creating .DS_Store files on network or USB volumes
-          DSDontWriteNetworkStores = true;
-          DSDontWriteUSBStores = true;
-        };
-        "com.apple.screensaver" = {
-          # Require password immediately after sleep or screen saver begins
-          askForPassword = 1;
-          askForPasswordDelay = 0;
-        };
-        "com.apple.AdLib" = {
-          # Don't fucking track me...
-          allowApplePersonalizedAdvertising = false;
-        };
-        "com.apple.BluetoothAudioAgent" = {
-          # Increase sound quality for Bluetooth headphones/headsets
-          "Apple Bitpool Min (editable)" = -40;
-        };
-        "com.apple.dashboard" = {
-          # Disable Dashboard
-          mcx-disabled = true;
-        };
-        alf = {
-          # Enables Firewall
-          globalstate = 1;
-          # Enable logging of requests
-          loggingenabled = 1;
-          # Drops incoming requests via ICMP such as ping requests
-          stealthenabled = 1;
-        };
-      };
-    };
-  };
-
-  users.users.${username} = {
-    name = username;
-    home = "/Users/${username}";
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFaIAP/ZJ7+7jeR44e1yIJjfQAB6MN351LDKJAXVF62P"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILAzuPy7D/54GxMq9Zhz0CUjaDnEQ6RkQ/yqVYl7U55k"
-    ];
-  };
-
  # System-level programs
  programs = {
    # Enable zsh as it's the default macOS shell
--- a/mise.toml
+++ b/mise.toml
@@ -0,0 +1,2 @@
+[tools]
+rust = "latest"
--- a/modules/darwin/homebrew.nix
+++ b/modules/darwin/homebrew.nix
@@ -27,6 +27,7 @@ in {
          # Terminal & Development
          "ghostty"
          "dbeaver-community"
+          "visual-studio-code"

          # Window management
          "aerospace"
--- a/modules/darwin/system.nix
+++ b/modules/darwin/system.nix
@@ -0,0 +1,140 @@
+# It sets up system-level configuration and integrates with home-manager.
+{
+  config,
+  pkgs,
+  lib,
+  username,
+  ...
+}: {
+  # Nix configuration
+  nix = {
+    settings = {
+      # Enable flakes and new nix command
+      experimental-features = ["nix-command" "flakes"];
+      # Avoid unwanted garbage collection when using nix-direnv
+      keep-outputs = true;
+      keep-derivations = true;
+    };
+  };
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  system = {
+    primaryUser = username;
+    keyboard = {
+      enableKeyMapping = true;
+      remapCapsLockToControl = true;
+    };
+    startup.chime = false;
+
+    defaults = {
+      spaces.spans-displays = false;
+      loginwindow = {
+        GuestEnabled = false;
+        DisableConsoleAccess = true;
+      };
+
+
+      dock = {
+        autohide = true;
+        autohide-delay = 0.0;
+        autohide-time-modifier = 0.0;
+        orientation = "bottom";
+        dashboard-in-overlay = true;
+        largesize = 85;
+        tilesize = 50;
+        magnification = true;
+        launchanim = false;
+        mru-spaces = false;
+        show-recents = false;
+        show-process-indicators = false;
+        static-only = true;
+      };
+
+      finder = {
+        AppleShowAllExtensions = true;
+        AppleShowAllFiles = true;
+        CreateDesktop = false;
+        FXDefaultSearchScope = "SCcf"; # current folder
+        QuitMenuItem = true;
+      };
+
+      NSGlobalDomain = {
+        NSAutomaticSpellingCorrectionEnabled = false;
+        NSAutomaticCapitalizationEnabled = false;
+        NSAutomaticPeriodSubstitutionEnabled = false;
+        NSAutomaticDashSubstitutionEnabled = false;
+        NSAutomaticQuoteSubstitutionEnabled = false;
+        NSAutomaticWindowAnimationsEnabled = false;
+        NSDocumentSaveNewDocumentsToCloud = false;
+        ApplePressAndHoldEnabled = false;
+
+        KeyRepeat = 2;
+        InitialKeyRepeat = 10;
+        # Enable subpixel font rendering on non-Apple LCDs
+        # Reference: https://github.com/kevinSuttle/macOS-Defaults/issues/17#issuecomment-266633501
+        AppleFontSmoothing = 2;
+        # Finder: show all filename extensions
+        AppleShowAllExtensions = true;
+      };
+      CustomUserPreferences = {
+        LaunchServices = {
+          # Whether to enable quarantine for downloaded applications
+          LSQuarantine = false;
+        };
+        trackpad = {
+          Clicking = true;
+          TrackpadRightClick = true;
+        };
+        "com.apple.systempreferences" = {
+          # Disable Resume system-wide
+          NSQuitAlwaysKeepsWindows = false;
+        };
+        "com.apple.desktopservices" = {
+          # Avoid creating .DS_Store files on network or USB volumes
+          DSDontWriteNetworkStores = true;
+          DSDontWriteUSBStores = true;
+        };
+        "com.apple.screensaver" = {
+          # Require password immediately after sleep or screen saver begins
+          askForPassword = 1;
+          askForPasswordDelay = 0;
+        };
+        "com.apple.AdLib" = {
+          # Don't fucking track me...
+          allowApplePersonalizedAdvertising = false;
+        };
+        "com.apple.BluetoothAudioAgent" = {
+          # Increase sound quality for Bluetooth headphones/headsets
+          "Apple Bitpool Min (editable)" = -40;
+        };
+        "com.apple.dashboard" = {
+          # Disable Dashboard
+          mcx-disabled = true;
+        };
+        alf = {
+          # Enables Firewall
+          globalstate = 1;
+          # Enable logging of requests
+          loggingenabled = 1;
+          # Drops incoming requests via ICMP such as ping requests
+          stealthenabled = 1;
+        };
+      };
+    };
+  };
+
+  users.users.${username} = {
+    name = username;
+    home = "/Users/${username}";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFaIAP/ZJ7+7jeR44e1yIJjfQAB6MN351LDKJAXVF62P"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILAzuPy7D/54GxMq9Zhz0CUjaDnEQ6RkQ/yqVYl7U55k"
+    ];
+  };
+
+  # Used for backwards compatibility, read the changelog before changing.
+  # $ darwin-rebuild changelog
+  system.stateVersion = 5;
+}
--- a/modules/home/apps.nix
+++ b/modules/home/apps.nix
@@ -21,6 +21,15 @@ in {
      };
    };

+    zen-browser = {
+      enable = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+        description = "Enable Zen Browser configuration (macOS only)";
+      };
+    };
+
+
    jellyfin-tui = {
      enable = lib.mkOption {
        type = lib.types.bool;
@@ -55,6 +64,41 @@ in {
  };

  config = lib.mkIf cfg.enable {
+    programs.zen-browser = lib.mkIf cfg.zen-browser.enable {
+      enable = true;
+      policies = let
+        mkExtensionSettings = builtins.mapAttrs (_: pluginId: {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/${pluginId}/latest.xpi";
+          installation_mode = "force_installed";
+        });
+      in {
+        AutofillAddressEnabled = true;
+        AutofillCreditCardEnabled = false;
+        DisableAppUpdate = true;
+        DisableFeedbackCommands = true;
+        DisableFirefoxStudies = true;
+        DisablePocket = true;
+        DisableTelemetry = true;
+        DontCheckDefaultBrowser = true;
+        NoDefaultBookmarks = true;
+        OfferToSaveLogins = false;
+        EnableTrackingProtection = {
+          Value = true;
+          Locked = true;
+          Cryptomining = true;
+          Fingerprinting = true;
+        };
+
+        ExtensionSettings = mkExtensionSettings {
+          "78272b6fa58f4a1abaac99321d503a20@proton.me" = "proton-pass";
+          "{d7742d87-e61d-4b78-b8a1-b469842139fa}" = "vimium-ff";
+          "readeck@readeck.com" = "readeck";
+          "@testpilot-containers" = "multi-account-containers";
+          "uBlock0@raymondhill.net" = "ublock-origin";
+        };
+      };
+    };
+
    # Aerospace window manager configuration (macOS)
    # Placed at ~/.aerospace.toml
    home.file = lib.mkMerge [
--- a/modules/home/git.nix
+++ b/modules/home/git.nix
@@ -80,18 +80,26 @@ in {
    programs.git = {
      enable = true;

-      # User configuration
-      userName = cfg.userName;
-      userEmail = cfg.userEmail;
-
      # Signing configuration with 1Password
      signing = {
        key = cfg.signingKey;
        signByDefault = true;
      };

-      # Extra configuration
-      extraConfig = {
+      # Conditional includes for project-specific configurations
+      includes = map (inc: {
+        condition = inc.condition;
+        path = inc.path;
+      }) cfg.includes;
+
+      # All git settings using the new unified settings option
+      settings = {
+        # User configuration
+        user = {
+          name = cfg.userName;
+          email = cfg.userEmail;
+        };
+
        # Core settings (pager is set by programs.delta)
        core = {
          hooksPath = "/dev/null";
@@ -144,10 +152,9 @@ in {
        "difftool \"nvimdiff\"" = {
          cmd = "nvim -d \"$LOCAL\" \"$REMOTE\"";
        };
-      };

        # Aliases
-      aliases = {
+        alias = {
          graph = "log --graph --color --pretty=format:\"%C(yellow)%H%C(green)%d%C(reset)%n%x20%cd%n%x20%cn%C(blue)%x20(%ce)%x20%C(cyan)[gpg:%GK%x20%G?]%C(reset)%n%x20%s%n\"";
          ll = "log --oneline";
          st = "status -sb";
@@ -161,12 +168,7 @@ in {
          undo = "reset HEAD~1 --mixed";
          unstage = "reset HEAD --";
        };
-
-      # Conditional includes for project-specific configurations
-      includes = map (inc: {
-        condition = inc.condition;
-        path = inc.path;
-      }) cfg.includes;
+      };
    };
  };
 }
--- a/modules/home/packages.nix
+++ b/modules/home/packages.nix
@@ -30,6 +30,7 @@
    duf # A better df alternative 
    hyperfine # A command-line benchmarking tool.
    choose # A human-friendly and fast alternative to cut and (sometimes) awk
+    coreutils
    yazi # File manager

    # ========================================================================
@@ -87,6 +88,8 @@
    k9s # Kubernetes TUI
    istioctl # Istio service mesh CLI
    fluxcd # GitOps toolkit
+    popeye # 
+    argocd

    # ========================================================================
    # Infrastructure and Cloud Tools
--- a/modules/home/shell.nix
+++ b/modules/home/shell.nix
@@ -69,9 +69,6 @@
        "--color=fg:#cdd6f4,header:#f38ba8,info:#cba6f7,pointer:#f5e0dc"
        "--color=marker:#f5e0dc,fg+:#cdd6f4,prompt:#cba6f7,hl+:#f38ba8"
      ];
-
-      # NVM directory
-      NVM_DIR = "$HOME/.nvm";
    };

    # Shell aliases (migrated from 01-env.sh and 01-nvim.sh)
@@ -237,12 +234,6 @@
    enableZshIntegration = true;
  };

-  # ==========================================================================
-  # NVM - Node Version Manager
-  # ==========================================================================
-  # NVM is installed via Homebrew and sourced in the shell
-  # This allows managing multiple Node.js versions per project
-
  # ==========================================================================
  # Pyenv - Python version management
  # ==========================================================================
Author	SHA1	Message	Date
Morten Olsen	0cbe2bb231	add visual studio code	2025-12-16 23:40:57 +01:00
Morten Olsen	e3c5020937	add argocd	2025-12-16 23:07:53 +01:00
Morten Olsen	2c59d739d7	added zen browser	2025-12-16 23:07:53 +01:00
Morten Olsen	e6167c2f86	improved system setup	2025-12-16 23:07:52 +01:00