feat: add formatter

system/dev/dn-lap/common/hardware-configuration.nix

@@ -1,28 +1,42 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
 
 {
   imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "thunderbolt"
+    "nvme"
+    "uas"
+    "sd_mod"
+    "rtsx_pci_sdmmc"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    {
-      device = "/dev/disk/by-label/nixos";
-      fsType = "ext4";
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+  };
 
-  fileSystems."/boot" =
-    {
-      device = "/dev/disk/by-label/BOOT";
-      fsType = "vfat";
-      options = [ "fmask=0077" "dmask=0077" ];
-    };
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/BOOT";
+    fsType = "vfat";
+    options = [
+      "fmask=0077"
+      "dmask=0077"
+    ];
+  };
 
   swapDevices = [
     { device = "/dev/disk/by-label/swap"; }
@@ -36,6 +50,5 @@
   # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode =
-    lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

system/dev/dn-lap/home/default.nix

@@ -55,10 +55,6 @@ in
 
     imports = [
       ../../../../home/presets/basic.nix
-      (import ../../../../home/user/bitwarden.nix {
-        email = "danny@net.dn";
-        baseUrl = "https://bitwarden.net.dn";
-      })
 
       # waybar
       (import ../../../../home/user/waybar.nix {

system/dev/dn-pre7780/expr/default.nix

@@ -1,5 +1,6 @@
 {
   imports = [
     # ./osx-kvm.nix
+    ./noise-cancel.nix
   ];
 }

system/dev/dn-pre7780/expr/noise-cancel.nix

@@ -0,0 +1,4 @@
+{ ... }:
+{
+  programs.noisetorch.enable = true;
+}

system/dev/dn-pre7780/games/default.nix

@@ -3,5 +3,6 @@
     ../../../modules/gaming.nix
     ./shadps4.nix
     ./minecraft.nix
+    ./heroic.nix
   ];
 }

system/dev/dn-pre7780/games/heroic.nix

@@ -0,0 +1,10 @@
+{ pkgs, ... }:
+{
+  home-manager.sharedModules = [
+    {
+      home.packages = with pkgs; [
+        heroic
+      ];
+    }
+  ];
+}

system/dev/dn-pre7780/home/default.nix

@@ -126,12 +126,6 @@ in
         ./expr
         ./wm
 
-        # Bitwarden client
-        (import ../../../../home/user/bitwarden.nix {
-          email = "danny@net.dn";
-          baseUrl = "https://bitwarden.net.dn";
-        })
-
         # waybar
         (import ../../../../home/user/waybar.nix {
           matchByDesc = true;

system/dev/dn-server/network/services.nix

@@ -5,9 +5,11 @@
   ...
 }:
 let
+  inherit (builtins) concatStringsSep;
   inherit (config.systemConf) username security;
-  inherit (lib) concatStringsSep mkForce optionalString;
+  inherit (lib) mkForce optionalString;
   inherit (helper.nftables) mkElementsStatement;
+
   netbirdCfg = config.services.netbird;
 
   ethInterface = "enp0s31f6";

system/dev/dn-server/services/minecraft-server.nix

@@ -27,6 +27,7 @@ in
       "mods" = "${modpack}/mods";
     };
     serverProperties = {
+
       server-port = 25565;
       difficulty = 3;
       gamemode = "survival";

system/dev/dn-server/services/netbird.nix

@@ -10,8 +10,7 @@ let
   cfg = config.services.netbird;
   srv = cfg.server;
 
-  # TODO: Change realm to master
-  realm = "netbird";
+  realm = "master";
 in
 {
   sops.secrets."netbird/wt0-setupKey" = {
@@ -30,7 +29,7 @@ in
       inherit realm vDomain;
       domain = "netbird.${domain}";
       oidcURL = "https://${config.services.keycloak.settings.hostname}";
-      enableNginx = false;
+      enableNginx = true;
       oidcType = "keycloak";
     })
   ];
@@ -71,49 +70,11 @@ in
     real_ip_recursive on;
   '';
 
-  services.nginx.virtualHosts."netbird.local" = {
-    locations = {
-      "/" = {
-        root = cfg.server.dashboard.finalDrv;
-        tryFiles = "$uri $uri.html $uri/ =404";
-      };
-
-      "/404.html".extraConfig = ''
-        internal;
-      '';
-
-      "/api" = {
-        extraConfig = ''
-          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        '';
-        proxyPass = "http://127.0.0.1:${builtins.toString srv.management.port}";
-      };
-
-      "/management.ManagementService/".extraConfig = ''
-        client_body_timeout 1d;
-
-        grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-        grpc_pass grpc://127.0.0.1:${builtins.toString srv.management.port};
-        grpc_read_timeout 1d;
-        grpc_send_timeout 1d;
-        grpc_socket_keepalive on;
-      '';
-
-      "/signalexchange.SignalExchange/".extraConfig = ''
-        client_body_timeout 1d;
-
-        grpc_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-        grpc_pass grpc://127.0.0.1:${builtins.toString srv.signal.port};
-        grpc_read_timeout 1d;
-        grpc_send_timeout 1d;
-        grpc_socket_keepalive on;
+  services.nginx.virtualHosts."${srv.domain}" = {
+    locations."/api" = {
+      extraConfig = ''
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       '';
     };
-
-    extraConfig = ''
-      error_page 404 /404.html;
-    '';
   };
 }

system/dev/dn-server/sops/secret.yaml

@@ -3,7 +3,7 @@ wireguard:
     wg1.conf: ENC[AES256_GCM,data:Wq8PgaNaEZNYpxqC2sO9CY+Cc+Qsk+sWpQ43FkjXqY5rSYo7rSjzN3sde44ba2IY85Dwyo+TKNp+mmLnjDM3Bgxb3h/sLLEJRwVGS1lU7GQKuT2ZL3MupnKVYXyK/2VmP+Umfw75AHYeMM809HRr7UroDEFQEll3DVqNqWSJRAll2hR14lnxUQpZIewMWTerEE0b+SEADXhPCOsgTUXFxJMtXTfsifGjf0HO2sLrW7EQvMxuiTvSCwosUilc/HgaA/+vNm+UkZ3pSwybYm9fIFvEu0IEqHuLyvy41J70DdxFdS9mNAcYcpeOFrTR4BE6NQ==,iv:zgyIqdH9OWEXPNkHs94Tcet16zvbxV7rbkwzVybkQBc=,tag:GJgAAGyrAhhaxVmcsT/reA==,type:str]
 netbird:
     oidc:
-        secret: ENC[AES256_GCM,data:zZ8zuDqUdZANk1VV44kfp/Y4eXxJDwead9440QJma4Q=,iv:d6/RSEtuhqL+RQDuOQMJhyC9U9ikcasEz0DIdtaBtKg=,tag:8be6FBymbIN+To0dFz2ncA==,type:str]
+        secret: ENC[AES256_GCM,data:6LEiompRgmip9NJUSHBevdwbnDhR3IXrSSorK7ToNlk=,iv:UshQW7lNdXZ6K/LX4prpRhZXTItXSM9fEIkJhOysYtc=,tag:aOrs44I7DbDQmdioB64Peg==,type:str]
     dataStoreKey: ENC[AES256_GCM,data:FGyqII1DZMtImMtWiUx0e1I4J+yMzrWKwhBB6kjmRHqlLz8Oy+C/zCM5SQ8=,iv:AXD8u9vcha8CSRnMPabtdXDQoeqpqKIbWGwfcgIc8Dw=,tag:3nSIt0V+G6NJQ7JSslNOWg==,type:str]
     coturn:
         password: ENC[AES256_GCM,data:AMWBkWLcj1EFfufl8pALpVOG0PE=,iv:sngIedZE4X8clhGIsQyiGKbdsheRbEqeU57Emz2DWJM=,tag:daRLPNrO5fq84rtieYuYYw==,type:str]
@@ -19,7 +19,7 @@ nextcloud:
         backendsecret: ENC[AES256_GCM,data:pV5yw755RkAwHBdmfeP37/SobFZqJouWyIiRJ+Y2mk0iiVdW04vhYVsyjcI=,iv:NhkewgnyE2Dw8mQMMSq6AWo6IOWu8BlyPZvZAszyZuQ=,tag:BlZO15qZWViV8pCWIgZHZQ==,type:str]
 step_ca:
     password: ENC[AES256_GCM,data:3NtUAl344gHiXLlMl88X17Vsm/4OKFM0W8bntzbXC0U=,iv:q9cWW8xTxYQnRYohBxnPIsbVSpvkZYVpYLRVeZgmsRM=,tag:ibumK7ebPKNO/CXAS0eeRA==,type:str]
-vaultwarden: ENC[AES256_GCM,data:5gn2+IYznojrYbmzCJx17qAlBvJBv3CnMEZensyep9JpKEHVz29teOYDh5Zetv0mSrgmrUxCTdNsm0OZCX9EswhslNl5ay6zkhoL+64JIyUcNFWcvu7oD2w1qynWgz41GS2yzuw91LntN4mcpODKhHNN8XFCU9d71Z9zTSIdWn2PoG8wME2hVBJ2YxLpqzDyJYlkWYf4VYUnn9vXZatZqQd0n7bjx3dgX3ogFG/UNfMAs2oLCfuYLkxBqpR2cGNktIxWctCEAWwG68Pfk7X66KMi5w==,iv:JcExp8YkGwV2nMbCK+n0KSL3+SryJZ0iKtVcU/Q+Cgs=,tag:Ut6ahXVAuOKlcwk6DE56Ig==,type:str]
+vaultwarden: ENC[AES256_GCM,data:h8GFyXRMI51DZutX60up4vXTQLNY3q0pr+BWpZ5frJHwy6PVBTYts81K0aTIIU71epT4SVR3p3e8yUdU7jXS1Tw1ol0RnPL+bBNv7JyUede9mkrP4pnozmuCQqOdlHCaUvYyIoWFPrLiz/drXX7gJvWh6zYTTFn9mQ3wQE9J6rxoLzbMyS6raSn2O8Ke+YM0VRXYgVvsyEL3Aa0wV3qO5NDCZ67rZp4TG5U8tOrziw0gnKU3eBCuNyL/uU/7ySvfdxwv631vEi24+dxN+Kx6rlaJpJIywx9xxxoRhOz5TrHzptqRMWpg2GZL5qdVXiUxqYLgC3s7Ri0P2BwOslteO6Z6NXk0HSravbpz3sevEu+bRS7u2MLvL3keP48+EBsXNebnKY7nfqCoIPUQ86CIVGw5fNI+irnRR8kq6oV0MBDGXu6DgmzKV7crFp65zzVSqfFOntVYSqgtQnnM1CmkuGJD,iv:51zbASyFgprzYCMswiEM81p8C0kFhSc28VavCHqRsF0=,tag:LvcY2DbeA71/PXEnjph3dw==,type:str]
 ldap:
     password: ENC[AES256_GCM,data:gz5WBopSffGyvJxKDPekPQ==,iv:bX7N9/oNMhtE/KbPah2ge4s87P2VsxHGoFkOyl83dxs=,tag:YoTe6NPAJgp/0nvhHC9Y5A==,type:str]
     env: ENC[AES256_GCM,data:68EvTHeBqtCVfde5oO+Wzny+l/YIMWQmbcNQ0Wl59EjMrSlJM0rmFm2lMJpxKzCN2cFs0N2z6zG1/eQ9t/SxxyVBrNA6ECnCZrerIo2YGlaT30tc1rffpd8TchMH1VKP5qHnbLUqORMx5z0LR4U49l2HVcHgSCjt/1f127oMi411vIU=,iv:+m1F0CBaoJGv6Z1u+h6rbsXGPUhxgHouTalj13ccJiY=,tag:I/hK65yPaIcgHEZVaXJHBA==,type:str]
@@ -89,7 +89,7 @@ sops:
             OFloWEFuTC9GTXJsMG5NNktmdmIrY1kK0yN0ae0xNaydujV5lt2FiwXdyursG0DK
             9i/B3TTAm9csDMMSTSFbiAUJDzG7kIqn++JU/cxvsGScSnhMqjEK/g==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2026-01-07T08:19:02Z"
-    mac: ENC[AES256_GCM,data:hWVuAT2P1vXtSWUiCYh52vr2FY60611QlO+lNf9GbB98Tzk6K3/RaEtQR8a1KVGz9qoJFwxRk0jm9Mo78ezxaCmjePWklyDYFTPGCcBZbPNGTcZfiCfp5yzFGDbGsR2s3nVDHP+a+BIwIWYEJZz2T4Gi/sPK2rUwGdvq6b0rnKQ=,iv:trEF/xsJobs87q96BdRxDkZHmInEU9krhUQiMvNu87g=,tag:PkYNLlnl72J+dxgnWhvWAw==,type:str]
+    lastmodified: "2026-01-09T04:59:21Z"
+    mac: ENC[AES256_GCM,data:NIHLAoNatyAhKHwCNdRGMR8+rUv00y/ssoGSQlq9/QayYt/GATfelgNwcqksSWf/db5v+Jz92bbk3RT9SKeoMWRxjm+8xzARbjhHGrzxAeLoerGPjQpEpkYYWbFC2ihSODrE+ar3HskAkQmVxmiGKEtYSg3+X2hiEy6ydZkP5Ps=,iv:mAyO820PpeG6NWQlmQf+l9MLIL4OTGJXCBSqYbmozZk=,tag:+Bex5hyAGBXiFoqxqVtaqg==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.11.0

system/dev/dn-server/sops/sops-conf.nix

@@ -6,7 +6,6 @@ in
   sops.secrets = {
     "wireguard/privateKey" = { };
     "step_ca/password" = { };
-    vaultwarden = { };
     "oauth/password" = { };
     "oauth/adminEnv" = { };
     "ldap/password" = lib.mkIf config.mail-server.enable {

system/dev/generic/hardware-configuration.nix

@@ -1,12 +1,21 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
 
 {
   imports = [ ];
 
-  boot.initrd.availableKernelModules = [ "virtio_scsi" "sd_mod" ];
+  boot.initrd.availableKernelModules = [
+    "virtio_scsi"
+    "sd_mod"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];

system/dev/skydrive-lap/common/hardware-configuration.nix

@@ -1,14 +1,25 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
 
 {
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" ];
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usbhid"
+  ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];

system/dev/skydrive-lap/default.nix

@@ -10,7 +10,8 @@ in
   systemConf = {
     inherit hostname username;
     domain = "net.dn";
-    # hyprland.enable = true;
+    enableHomeManager = true;
+    hyprland.enable = false;
     niri.enable = true;
     face = pkgs.fetchurl {
       url = "https://git.dnywe.com/dachxy/skydrive-avatar/raw/branch/main/skydrive.jpg";
@@ -26,6 +27,8 @@ in
     ./sops
     ./utility
     ./network
+    ./home
+    ../../modules/shells/noctalia
   ];
 
   users.users.root.openssh.authorizedKeys.keys = [