Commit graph

1418 commits

Author SHA1 Message Date
cc4216117a stylix: phase 1 — add input and target waybar/fuzzel/mako/hyprlock/hyprland
Adds nix-community/stylix on its release-25.11 branch (master references
options that don't exist in 25.11's nixpkgs). autoEnable=false so
matugen keeps owning every app it currently themes; we only opt in to
the five targets matugen doesn't cover.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 13:32:18 +01:00
56e6041670 hyprland: theme fuzzel, bind Super+L to hyprlock
Moves fuzzel from system package to home-manager so we can give it a
dark/translucent look matching the waybar. Frees Super+L (was a
redundant movefocus-right that arrow keys already cover) and points it
at hyprlock for screen locking.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 12:50:51 +01:00
772073454d hyprland: start waybar via systemd user unit, not exec-once
exec-once raced Wayland session init — waybar tried to connect before
the display was ready and exited silently. Enable HM's
programs.waybar.systemd.enable so the unit waits on
graphical-session.target.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 12:46:53 +01:00
4940a6f44a hyprland: fix 0.55.0 option/dispatcher renames
Confirmed against the live 0.55.0 binary:
- misc:vfr → debug:vfr (release notes were right; my earlier probe was
  on the still-running 0.52.1 process, which is why I thought debug:vfr
  didn't exist)
- togglesplit isn't a top-level dispatcher anymore; it's a dwindle
  layoutmsg argument

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 12:40:52 +01:00
f88c7a19e0 hyprland: prefer native Wayland backends in client apps
Adds the standard env-var set so Electron, Mozilla, Qt, SDL and Java
apps use Wayland directly instead of XWayland. Improves Vesktop,
VSCodium, Zen, and anything Qt; doesn't touch Hearthstone (not in any
of these families).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 12:33:47 +01:00
333577331a hyprland: keep misc:vfr — 0.55.0 didn't actually move it
Release notes claimed misc:vfr moved to debug:vfr but the live compositor
returns "no such option" for debug:vfr and still exposes misc:vfr. Move
it back.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 12:26:30 +01:00
5a2b5954fa hyprland: drop duplicate portal from extraPortals
programs.hyprland.portalPackage already registers the hyprland portal's
systemd user unit. Listing the same portal in xdg.portal.extraPortals
made nixos-rebuild fail at user-units symlink creation. Keep the gtk
portal there since that one isn't otherwise registered.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 12:25:00 +01:00
7859ac8589 hyprland: use the Adwaita cursor to match the GNOME session
Sets XCURSOR_* and HYPRCURSOR_* in Hyprland's env list so apps inherit
the same Adwaita cursor the GNOME session uses, and calls
`hyprctl setcursor` at exec-once to apply it compositor-side too.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 11:51:45 +01:00
92de9cc76b hyprland: adapt to 0.55.0 breaking changes
0.55.0 keeps traditional config syntax — Lua is added, not required —
but two of our settings broke:
- misc:vfr moved to debug:vfr
- dwindle:pseudotile removed (it was a no-op anyway)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 11:49:55 +01:00
968f7d8be5 hyprland: pin to upstream flake for 0.55.0 (includes resize-lag fix)
nixos-25.11 ships 0.52.1; the fix for XWayland resize lag landed in
0.52.2, and upstream is already on 0.55.0 by now. Add hyprwm/Hyprland
as a flake input and route programs.hyprland and the HM wayland module
through it. Doesn't `follows` our nixpkgs — upstream Hyprland needs
newer stdenv than 25.11 provides.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 11:48:36 +01:00
9dda5b6371 hyprland: force zero-scaling for XWayland surfaces
Long-shot attempt at the Hearthstone-after-resize lag. Tells Hyprland
not to scale XWayland windows compositor-side, which is the
better-tested path for Wine games and sometimes makes resize-state
recovery less broken.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 11:26:55 +01:00
75c3674b77 hyprland: stop windows yanking the cursor on focus changes
Two pairings:
- misc.focus_on_activate = false so apps demanding attention show as
  urgent instead of stealing focus
- cursor.no_warps = true so Hyprland never teleports the cursor onto a
  newly-focused window

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 11:17:03 +01:00
deaa4b8d9c hyprland: replace bundled waybar config with a minimal Hyprland one
The bundled waybar config assumes sway and pulls in modules that don't
apply here (battery, backlight, sway/*), tries to read /dev/input/* the
user can't open, and crashes the media module — which surfaced as
"media stopped unexpectedly" and an unrendered bar.

Switch to programs.waybar with our own settings: hyprland/workspaces,
clock, pulseaudio, network, tray. No IP, no CPU/RAM, no temp, no power
profile. Style is a thin transparent bar, white-on-grey workspace
numbers, FiraMono Nerd Font for the volume/network glyphs.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:53:59 +01:00
4754c5ceb0 hyprland: drop cursor flips that didn't move the needle
no_hardware_cursors and enable_hyprcursor were chased while debugging
input latency; neither made a perceptible difference. Falling back to
defaults keeps the config honest about what's load-bearing. vrr=2 and
render.direct_scanout stay — direct_scanout is a real fullscreen win
and vrr=2 is a harmless no-op until a driver update lets it engage.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:46:48 +01:00
3c9678ea74 hyprland: swap wofi for fuzzel, drop animations to 0.1s
wofi reparses .desktop entries on every launch, which is sluggish on a
fat NixOS package set. fuzzel caches its index and opens in ~30 ms.
Also tightens animation speeds from 0.2 s to 0.1 s for a more
instant-feeling desktop.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:45:42 +01:00
e7674db317 hyprland: switch to 180 Hz EDID mode so FreeSync engages
The OC'd 190 Hz mode doesn't advertise FreeSync, which kept VRR pinned
off and may have been contributing to perceived frame-pacing weirdness
even at the higher raw refresh. Drop to EDID-native 180 Hz so VRR can
actually engage; +10 Hz isn't worth losing adaptive sync.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:40:46 +01:00
d1b86e428e hyprland: force software cursors to dodge AMD HW cursor stutter
The AMD HW cursor plane needs an atomic KMS commit per move, which on
some setups micro-stutters. Software cursors get drawn every compositor
frame at 190 Hz and frequently feel smoother — well-attested workaround
for the "cursor still floaty on Hyprland" complaint.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:36:40 +01:00
77e785e8a3 hyprland: disable hyprcursor to test legacy cursor path
Long-shot tweak — hyprcursor adds a theme/scaling layer that some AMD
setups report feels slightly laggier than the legacy XCursor path.
Worth a try while chasing the last bit of cursor smoothness gap vs
GNOME/mutter.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:27:57 +01:00
d8341ea106 hyprland: pin compositor to dGPU on FredOS-Gaming
This box has both a Ryzen iGPU (card0, 1002:164E) and a Navi 22 dGPU
(card1, 1002:73DF). The monitor is on the dGPU, but aquamarine's
auto-selection wasn't sticking — client buffers were getting allocated
on the iGPU and PRIME-copied across every frame, surfacing as cursor
lag and Zen rendering at a visibly lower effective refresh.

Forces AQ_DRM_DEVICES, WLR_DRM_DEVICES and DRI_PRIME at the Hyprland
session so the compositor and GL/Vulkan clients all live on card1.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:24:42 +01:00
5802e0dbef hyprland: clean up frame pacing for smoother cursor
allow_tearing was causing visible tearing during window drags, and
misc.vrr=2 was set but never actually engaging — the G34WQCP doesn't
advertise FreeSync on the 190 Hz OC mode. Both were feeding Hyprland's
pacing logic bad signals.

Drops allow_tearing + the matching immediate windowrules, sets vrr=0
explicitly, and pins cursor.no_hardware_cursors=0 to make sure the HW
cursor plane is in use.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:18:49 +01:00
ddcc76efeb hyprland: drop hyprspace, cut compositor latency
Removes the Hyprspace plugin entirely — blank-window snapshots from the
0.52.0/0.52.1 ABI skew aren't worth the patch-pin work right now. With
the overview gone, also rebalances the desktop for input latency:

- decoration.blur disabled (two passes at 3440x1440 were the biggest
  per-frame GPU cost)
- render.direct_scanout = true so fullscreen apps bypass the compositor
- misc.vrr = 2 (always on) instead of fullscreen-only

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:14:49 +01:00
64a3051b82 hyprland: revert to plugins list so the compositor boots
Native `plugin = ...` crashes Hyprland during config parse because the
nixpkgs hyprspace is built against 0.52.0 and the compositor is 0.52.1.
The runtime `hyprctl plugin load` path tolerates the skew, so route the
plugin back through HM's plugins option. Super+Space won't fire on every
boot until we land a more robust load mechanism, but the session is
usable again.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:10:00 +01:00
a42993d4fd hyprland: load hyprspace inline instead of via exec-once
home-manager's `plugins` option emits `exec-once = hyprctl plugin load`,
which races IPC socket readiness on startup and silently no-ops — `hyprctl
plugin list` showed nothing even though the .so existed and loaded fine
when invoked manually. Switch to Hyprland's native `plugin = /path`
directive in extraConfig so the load happens synchronously during config
parse, before any binds referencing its dispatchers.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:06:03 +01:00
db71e15904 hyprland: move overview to Super+Space, drop bindr trick
Bare-Super tap detection didn't actually trigger Hyprspace, and the
SUPER_L release-bind was firing on every combo release anyway. A plain
combo bind sidesteps both problems; Super+Space is free since the
launcher moved to Super+R.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:03:20 +01:00
4c15eeea45 hyprland: defer overview:toggle through hyprctl dispatch
Home-manager loads plugins via exec-once, so dispatchers registered by
Hyprspace don't exist when the config is first parsed — the bindr was
silently dropped with "invalid dispatcher". Route it through `exec,
hyprctl dispatch` instead so the lookup happens at keypress, after the
plugin is up.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 10:01:13 +01:00
0c49b5547d hyprland: cut input latency and speed up animations
Enables VRR for fullscreen, disables compositor VFR, and gates tearing
behind allow_tearing + immediate windowrules for Steam and gamescope.
Animations drop to 0.2s via a snappier bezier.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 09:58:29 +01:00
a215b31b8b hyprland: pin DP-2 to 3440x1440@190 on FredOS-Gaming
The default `,preferred,auto,1` line was selecting 60 Hz on the
G34WQCP. Pin the OC'd 190 Hz mode explicitly.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 09:54:54 +01:00
2494c4c785 hyprland: add hyprspace overview, rebind launcher to Super+R
Loads hyprlandPlugins.hyprspace via the home-manager plugins list and
binds overview:toggle to release-of-Super. Frees Super+Space and moves
wofi to Super+R to match the new gesture.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-11 09:49:09 +01:00
forgejo-actions[bot]
c96e532e4f flake: update inputs 2026-05-11 04:01:28 +00:00
61981995ec hyprland: scaffold tiling-first session on FredOS-Gaming
Adds settings/hyprland.nix as a sibling to the GNOME module, gated to
the Gaming host. GDM picks up the new session entry automatically; GNOME
remains the default and can be reselected at login.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-10 20:03:43 +01:00
forgejo-actions[bot]
6536141f9b flake: update inputs 2026-05-10 04:01:25 +00:00
611ed162c3 ports: forward UDP/2603 to fix DR XP reports
DR_Server binds UDP/2603 in addition to TCP/2603 — that's where the
DSOUND.dll mod's NAT-punched XP-report socket sends client kill XP
back to the server (see ChatCommandHandler.cs / [DLL XP REPORT] path
in the source). The original forward was tcp-only, so every WAN
client's UDP XP packet was dropped at the router. Symptom: every
character stuck at lvl 1/xp 0 regardless of how the client launched.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-09 19:29:11 +01:00
forgejo-actions[bot]
d24b2db6f5 flake: update inputs 2026-05-09 04:01:27 +00:00
forgejo-actions[bot]
de68d2a5dc flake: update inputs 2026-05-08 04:01:25 +00:00
32f2a4df2b crowdsec: prune hub items the bundled binary can't parse
The crowdsec hub tracks upstream master, but nixpkgs stable's crowdsec
binary is a few versions behind and doesn't know newer expr functions
(LookupFile in particular). When crowdsec-setup re-pulls the hub on
each rebuild, it lands /etc/crowdsec/scenarios/http-technology-probing.yaml
which then crashes the agent at load time with "unknown name LookupFile".

Adds a tiny oneshot ordered between crowdsec-setup and crowdsec that
removes the offending file. RequiredBy crowdsec.service so the hook
always fires even if someone restarts the agent manually. Drop this
unit (and revert the bundled-package fix) once nixpkgs catches up.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 14:54:11 +01:00
0c1b23337f Revert "libvirtd: KVM stack on FredOS-Gaming for Win11 guest"
This reverts db69615. Not pursuing the Windows-VM workaround for the DR
client mod after all. The server-side AdminCommandHandler exposes a
LevelSelf channel that bypasses the DLL flow entirely, which is a
better path than running a whole guest OS for one game.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 14:27:35 +01:00
db69615506 libvirtd: KVM stack on FredOS-Gaming for Win11 guest
Adds libvirtd + virt-manager + OVMFFull (UEFI w/ Secure Boot) + swtpm
(software TPM 2.0) so a Windows 11 VM can install. Brings in virtio-win
ISO for guest drivers and virt-viewer for SPICE console. Adds fred to
the libvirtd group.

Reason: the Dungeon Runners client-side mod (DSOUND.dll inline-hook
trampolines + memory scanner) crashes wine with a guard-page violation
on init regardless of Proton vintage; the only realistic path for
character progression is to run the client on real Windows.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 12:00:22 +01:00
0230592137 ports: forward dr-server auth/game/queue + UDP aux from WAN
Pairs the LAN-side firewall openings already done in services/dr-server.nix
so the public can actually reach the Mediaserver. TCP for the listening
sockets we observed (2110/2603/2606), UDP for the 2604-2605 pair the
client setup expects per Play_DungeonRunners.bat.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 10:06:55 +01:00
91670f0d28 dr-server: wrap wine64 in xvfb-run for headless Unity
Unity's Win64 build still creates a 1x1 hidden window via Win32 even
under -batchmode -nographics. Wine needs an X display to honor that;
without one, startup fails with "Failed to create batch mode window:
Success." after Mono initializes and PhysX comes up. xvfb-run -a gives
it a virtual display with no real X server cost.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 09:47:55 +01:00
8b83cf9bfb dr-server: run Dungeon Runners Reborn headless under Wine
New service module on FredOS-Mediaserver that launches the friend's
Windows-only Unity server (DR_Server.exe -batchmode -nographics) in a
Win64 wine prefix. wineboot initializes the prefix on first start.
Opens auth/game/queue ports 2110, 2603-2606 (TCP+UDP).

Build files staged separately at ~/dr-server-build on the server;
sudo-move into /var/lib/dr-server/Build after the rebuild.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-07 09:40:42 +01:00
forgejo-actions[bot]
38e2275b0b flake: update inputs 2026-05-07 04:01:26 +00:00
7e36f95056 7dtd: disable storms (StormFreq=0) on both servers 2026-05-06 21:09:38 +01:00
cee4f88e9c 2026-05-06 15:56:09 +01:00
0e672afa68 common: add dnsutils for ad-hoc DNS debugging
Same rationale as jq — useful when poking at the AdGuard / DNS path
during incidents, no package on the system currently provides dig/host.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-06 13:16:16 +01:00
7a96927221 crowdsec: whitelist LAN + loopback to prevent self-bans
Adds a stage s02-enrich parser whitelist so events originating from
10.0.0.0/24 (and 127.0.0.1/::1) are dropped before scoring. Without it,
Authelia 401s from a stale browser tab on a LAN client can trip
http-bf / ssh-bf scenarios and the firewall bouncer cuts the LAN host
off from the server — happened today with the gaming desktop.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-06 13:05:14 +01:00
forgejo-actions[bot]
e7896f02d3 flake: update inputs 2026-05-06 04:01:20 +00:00
f1eb467fd4 common: drop redundant build step from update alias
`nixos-rebuild switch` already builds — the prior `build && switch`
chain made nix evaluate the flake twice and pushed a second
empty-tree nom render to the terminal. With one switch, the nom
output stays clean: single dependency graph, then activation, then nvd.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 16:20:06 +01:00
forgejo-actions[bot]
2d4f723b8e flake: update inputs 2026-05-05 04:01:20 +00:00
2ea40eb22c common: install jq globally
Useful for ad-hoc shell scripts (e.g. downloads-cleanup.sh) — already a
build-time dep of arr-interconnect, just wasn't on the user PATH.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-04 20:08:15 +01:00
287053b909 common: wire nix-output-monitor into the update alias
Adds nix-output-monitor to systemPackages and pipes nixos-rebuild's
internal-json log stream through `nom --json` for both the build and
switch steps. set -o pipefail at the top so a failed rebuild aborts the
chain (otherwise && only sees nom's exit code, which is always 0).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-04 19:58:49 +01:00