added math the jeeves

Flake lock file updates:

• Updated input 'firefox-addons':
    'gitlab:rycee/nur-expressions/369dccacc0a8214600773b3bbbf68d98a19b74e8?dir=pkgs/firefox-addons&narHash=sha256-TVWYBcNpeQ3fEloryVP9N2yJnC3vuPpoZF1RqFFWFt0%3D' (2025-07-18)
  → 'gitlab:rycee/nur-expressions/553afee4efb5a7dea03cf654deafacd8fa1004f9?dir=pkgs/firefox-addons&narHash=sha256-45s1L4h/6t3M%2B/ppqow1OFUgfk9jZHsR4jxNgxIWWmM%3D' (2025-07-25)
• Updated input 'home-manager':
    'github:nix-community/home-manager/d0300c8808e41da81d6edfc202f3d3833c157daf?narHash=sha256-irfg7lnfEpJY%2B3Cffkluzp2MTVw1Uq9QGxFp6qadcXI%3D' (2025-07-18)
  → 'github:nix-community/home-manager/a1817d1c0e5eabe7dfdfe4caa46c94d9d8f3fdb6?narHash=sha256-hOUWU5L62G9sm8NxdiLWlLIJZz9H52VuFiDllHdwmVA%3D' (2025-07-25)
• Updated input 'nixos-hardware':
    'github:nixos/nixos-hardware/d1bfa8f6ccfb5c383e1eba609c1eb67ca24ed153?narHash=sha256-P8J72psdc/rWliIvp8jUpoQ6qRDlVzgSDDlgkaXQ0Fw%3D' (2025-07-16)
  → 'github:nixos/nixos-hardware/cc66fddc6cb04ab479a1bb062f4d4da27c936a22?narHash=sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM%3D' (2025-07-21)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/6e987485eb2c77e5dcc5af4e3c70843711ef9251?narHash=sha256-RKwfXA4OZROjBTQAl9WOZQFm7L8Bo93FQwSJpAiSRvo%3D' (2025-07-16)
  → 'github:nixos/nixpkgs/fc02ee70efb805d3b2865908a13ddd4474557ecf?narHash=sha256-i%2BCQV2rPmP8wHxj0aq4siYyohHwVlsh40kV89f3nw1s%3D' (2025-07-23)
• Updated input 'nixpkgs-master':
    'github:nixos/nixpkgs/cda03d762aa4d6930f41c2a60b946e0f8a743630?narHash=sha256-ppPL0jXpeeFtyP9I01o807u3iVADQ3YkqpN2lUZk4LY%3D' (2025-07-19)
  → 'github:nixos/nixpkgs/ce6b0611ca70423d97fab2a3f53f61f1fa4ff0a4?narHash=sha256-Iy/9c6DaxCY9ECCLgpoo%2BuwY1K5YTmJLU7fSg7JeALk%3D' (2025-07-26)

.github/workflows/build_systems.yml

@@ -1,7 +1,6 @@
 name: build_systems
 on:
   workflow_dispatch:
-  merge_group:
   pull_request:
   push:
     branches: [main]

.github/workflows/treefmt.yml

@@ -1,7 +1,6 @@
 name: treefmt
 on:
   workflow_dispatch:
-  merge_group:
   pull_request:
   push:
     branches: [main]

flake.lock

@@ -8,11 +8,11 @@
       },
       "locked": {
         "dir": "pkgs/firefox-addons",
-        "lastModified": 1752811437,
-        "narHash": "sha256-TVWYBcNpeQ3fEloryVP9N2yJnC3vuPpoZF1RqFFWFt0=",
+        "lastModified": 1753761817,
+        "narHash": "sha256-FE908x/ihUlr5yn1f+PTMyOjcwotGUodzn7Ej6zZf5U=",
         "owner": "rycee",
         "repo": "nur-expressions",
-        "rev": "369dccacc0a8214600773b3bbbf68d98a19b74e8",
+        "rev": "b657cfddb78408e9b53b4a8aaeaac71fc7ea182e",
         "type": "gitlab"
       },
       "original": {
@@ -29,11 +29,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1752814804,
-        "narHash": "sha256-irfg7lnfEpJY+3Cffkluzp2MTVw1Uq9QGxFp6qadcXI=",
+        "lastModified": 1754085240,
+        "narHash": "sha256-kVHCrTWEe8B1thAhFag1bk4QPY0ZP45V9vPbrwPHoNo=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "d0300c8808e41da81d6edfc202f3d3833c157daf",
+        "rev": "e102920c1becb114645c6f92fe14edc0b05cc229",
         "type": "github"
       },
       "original": {
@@ -44,11 +44,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1752666637,
-        "narHash": "sha256-P8J72psdc/rWliIvp8jUpoQ6qRDlVzgSDDlgkaXQ0Fw=",
+        "lastModified": 1753122741,
+        "narHash": "sha256-nFxE8lk9JvGelxClCmwuJYftbHqwnc01dRN4DVLUroM=",
         "owner": "nixos",
         "repo": "nixos-hardware",
-        "rev": "d1bfa8f6ccfb5c383e1eba609c1eb67ca24ed153",
+        "rev": "cc66fddc6cb04ab479a1bb062f4d4da27c936a22",
         "type": "github"
       },
       "original": {
@@ -60,11 +60,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1752687322,
-        "narHash": "sha256-RKwfXA4OZROjBTQAl9WOZQFm7L8Bo93FQwSJpAiSRvo=",
+        "lastModified": 1753939845,
+        "narHash": "sha256-K2ViRJfdVGE8tpJejs8Qpvvejks1+A4GQej/lBk5y7I=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "6e987485eb2c77e5dcc5af4e3c70843711ef9251",
+        "rev": "94def634a20494ee057c76998843c015909d6311",
         "type": "github"
       },
       "original": {
@@ -76,11 +76,11 @@
     },
     "nixpkgs-master": {
       "locked": {
-        "lastModified": 1752884127,
-        "narHash": "sha256-ppPL0jXpeeFtyP9I01o807u3iVADQ3YkqpN2lUZk4LY=",
+        "lastModified": 1754089779,
+        "narHash": "sha256-bklCdnAaAerEacvmy+HkltNR9QE/M4Ygy+m0L2C6LJI=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "cda03d762aa4d6930f41c2a60b946e0f8a743630",
+        "rev": "3683d033f7994c92834f45f166275738dcdd959d",
         "type": "github"
       },
       "original": {
@@ -199,11 +199,11 @@
         "uv2nix": "uv2nix"
       },
       "locked": {
-        "lastModified": 1747501237,
-        "narHash": "sha256-woyaUwmZurfNTXBEFM6M7ueSd/Udixs+4DUInhL835c=",
+        "lastModified": 1753716864,
+        "narHash": "sha256-5G32jskzdJ3u87vnW02kJxUaudvbGN4CeBz751J4+JE=",
         "owner": "RichieCahill",
         "repo": "system_tools",
-        "rev": "68ab5d1c17ac3fe2487f73dbbb4848bd2291139e",
+        "rev": "86e4b9ca02db37612d1e8a381c14045de39c7ca9",
         "type": "github"
       },
       "original": {

systems/jeeves/default.nix

@@ -1,6 +1,7 @@
 {
   imports = [
     ../../users/richie
+    ../../users/math
     ../../common/global
     ../../common/optional/docker.nix
     ../../common/optional/ssh_decrypt.nix

systems/jeeves/services/nix_serve.nix

@@ -1,8 +1,10 @@
+{ pkgs, ... }:
 let
   vars = import ../vars.nix;
 in
 {
   services.nix-serve = {
+    package = pkgs.nix-serve-ng;
     enable = true;
     secretKeyFile = "${vars.secrets}/services/nix-cache/cache-priv-key.pem";
     openFirewall = true;

systems/jeeves/syncthing.nix

@@ -23,7 +23,10 @@ in
           path = vars.notes;
           devices = [
             "rhapsody-in-green"
-            "davids-server"
+            {
+              name = "davids-server";
+              encryptionPasswordFile = "${vars.secrets}/services/syncthing/davids-server";
+            }
           ];
           fsWatcherEnabled = true;
         };
@@ -67,14 +70,20 @@ in
           path = "/home/richie/vault";
           devices = [
             "rhapsody-in-green"
-            "davids-server"
+            {
+              name = "davids-server";
+              encryptionPasswordFile = "${vars.secrets}/services/syncthing/davids-server";
+            }
           ];
           fsWatcherEnabled = true;
         };
         "backup" = {
           path = "${vars.syncthing}/backup";
           devices = [
-            "davids-server"
+            {
+              name = "davids-server";
+              encryptionPasswordFile = "${vars.secrets}/services/syncthing/davids-server";
+            }
           ];
           fsWatcherEnabled = true;
         };

users/math/default.nix

@@ -0,0 +1,52 @@
+{
+  pkgs,
+  config,
+  ...
+}:
+let
+  ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
+in
+{
+
+  sops.secrets.math_password = {
+    sopsFile = ../secrets.yaml;
+    neededForUsers = true;
+  };
+
+  users = {
+    users.math = {
+      isNormalUser = true;
+
+      hashedPasswordFile = "${config.sops.secrets.math_password.path}";
+
+      shell = pkgs.zsh;
+      group = "math";
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEa0Jjp5qEvrYXQbN2EV+1+9ZwtXQfIpjklsceZRZJdl matthew.michal11@gmail.com" # cspell:disable-line
+      ];
+      extraGroups = [
+        "audio"
+        "video"
+        "wheel"
+        "users"
+      ]
+      ++ ifTheyExist [
+        "dialout"
+        "docker"
+        "hass"
+        "libvirtd"
+        "networkmanager"
+        "plugdev"
+        "scanner"
+        "transmission"
+        "uaccess"
+        "wireshark"
+      ];
+      uid = 1003;
+    };
+
+    groups.math.gid = 1003;
+  };
+
+  home-manager.users.math = import ./systems/${config.networking.hostName}.nix;
+}

users/math/home/cli/default.nix

@@ -0,0 +1,9 @@
+{
+  imports = [
+    ./direnv.nix
+    ./git.nix
+    ./zsh.nix
+  ];
+
+  programs.starship.enable = true;
+}

users/math/home/cli/direnv.nix

@@ -0,0 +1,8 @@
+{
+
+  programs.direnv = {
+    enable = true;
+    enableZshIntegration = true;
+    nix-direnv.enable = true;
+  };
+}

users/math/home/cli/git.nix

@@ -0,0 +1,12 @@
+{
+  programs.git = {
+    enable = true;
+    userEmail = "Richie@tmmworkshop.com";
+    userName = "Richie Cahill";
+    extraConfig = {
+      pull.rebase = true;
+      color.ui = true;
+    };
+    lfs.enable = true;
+  };
+}

users/math/home/cli/zsh.nix

@@ -0,0 +1,28 @@
+{
+  programs.zsh = {
+    enable = true;
+    syntaxHighlighting.enable = true;
+    history.size = 10000;
+    oh-my-zsh = {
+      enable = true;
+      plugins = [
+        "git"
+        "docker"
+        "docker-compose"
+        "colored-man-pages"
+        "rust"
+        "systemd"
+        "tmux"
+        "ufw"
+        "z"
+      ];
+    };
+    shellAliases = {
+      "lrt" = "eza --icons -lsnew";
+      "ls" = "eza";
+      "ll" = "eza --long --group";
+      "la" = "eza --all";
+
+    };
+  };
+}

users/math/home/global.nix

@@ -0,0 +1,22 @@
+{ config, ... }:
+{
+  imports = [
+    ./cli
+    ./programs.nix
+    ./ssh_config.nix
+  ];
+
+  programs = {
+    home-manager.enable = true;
+    git.enable = true;
+  };
+
+  home = {
+    username = "math";
+    homeDirectory = "/home/${config.home.username}";
+    stateVersion = "24.05";
+    sessionVariables = {
+      FLAKE = "$HOME/dotfiles";
+    };
+  };
+}

users/math/home/programs.nix

@@ -0,0 +1,59 @@
+{ pkgs, ... }:
+{
+  home.packages = with pkgs; [
+    # cli
+    bat
+    btop
+    eza
+    fd
+    ffmpegthumbnailer
+    fzf
+    git
+    gnupg
+    imagemagick
+    jq
+    ncdu
+    neofetch
+    ouch
+    p7zip
+    poppler
+    rar
+    ripgrep
+    starship
+    tmux
+    unzip
+    yazi
+    zoxide
+    # system info
+    hwloc
+    lynis
+    pciutils
+    smartmontools
+    usbutils
+    # networking
+    iperf3
+    nmap
+    wget
+    # python
+    poetry
+    python313
+    ruff
+    uv
+    # nodejs
+    nodejs
+    # Rust packages
+    trunk
+    wasm-pack
+    cargo-watch
+    cargo-generate
+    cargo-audit
+    cargo-update
+    # nix
+    nix-init
+    nix-output-monitor
+    nix-prefetch
+    nix-tree
+    nixfmt-rfc-style
+    treefmt
+  ];
+}

users/math/home/ssh_config.nix

@@ -0,0 +1,5 @@
+{
+  programs.ssh = {
+    enable = true;
+  };
+}

users/math/systems/jeeves.nix

@@ -0,0 +1,5 @@
+{
+  imports = [
+    ../home/global.nix
+  ];
+}

users/richie/default.nix

@@ -24,25 +24,24 @@ in
       openssh.authorizedKeys.keys = [
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYZFsc9CSH03ZUP7y81AHwSyjLwFmcshVFCyxDcYhBT rhapsody-in-green" # cspell:disable-line
       ];
-      extraGroups =
-        [
-          "audio"
-          "video"
-          "wheel"
-          "users"
-        ]
-        ++ ifTheyExist [
-          "dialout"
-          "docker"
-          "hass"
-          "libvirtd"
-          "networkmanager"
-          "plugdev"
-          "scanner"
-          "transmission"
-          "uaccess"
-          "wireshark"
-        ];
+      extraGroups = [
+        "audio"
+        "video"
+        "wheel"
+        "users"
+      ]
+      ++ ifTheyExist [
+        "dialout"
+        "docker"
+        "hass"
+        "libvirtd"
+        "networkmanager"
+        "plugdev"
+        "scanner"
+        "transmission"
+        "uaccess"
+        "wireshark"
+      ];
       uid = 1000;
     };
 

users/richie/home/gui/default.nix

@@ -13,7 +13,6 @@
     gimp
     gparted
     jetbrains.datagrip
-    ladybird
     mediainfo
     nemo
     nemo-fileroller
@@ -27,5 +26,9 @@
     util-linux
     vlc
     zoom-us
+    # games
+    dwarf-fortress
+    tower-pixel-dungeon
+    endless-sky
   ];
 }

users/richie/home/gui/vscode/settings.json

@@ -53,6 +53,7 @@
   "[nix]": { "editor.defaultFormatter": "jnoortheen.nix-ide" },
   "[python]": { "editor.defaultFormatter": "charliermarsh.ruff" },
   "[yaml]": { "editor.defaultFormatter": "redhat.vscode-yaml" },
+  "[javascriptreact]": { "editor.defaultFormatter": "esbenp.prettier-vscode" },
 
   // spell check
   "cSpell.enabled": true,

users/richie/home/programs.nix

@@ -39,6 +39,8 @@
     python313
     ruff
     uv
+    # nodejs
+    nodejs
     # Rust packages
     trunk
     wasm-pack

users/secrets.yaml

@@ -2,6 +2,7 @@ richie_password: ENC[AES256_GCM,data:DMi3M8aqrQ60APIofr8wJMh+VZ14hLRxz6jWZgzswr0
 gaming_password: ENC[AES256_GCM,data:i692UsQaCOjE4V1y9d8yYDlK+TRMIprCHJkhl1UBZRMqe9a2LTUtmbbn/xlCYQd2tADJvn+dkx1jLfV4CqaqWOj5YSUFfpgsEw==,iv:3Y7hXQcmpzNN7hF+BDvO52uFB4o5D0dHvxemJ0ZoSIM=,tag:zzLGNDVAMCs2GPMqXp2BtQ==,type:str]
 megan_password: ENC[AES256_GCM,data:Udrs9OWFI2TDM1yxRwfy7uiONh1G3Mr9HabwpmRykp1Xw9KK+q245nxN7QQbR0AiTCyyyivhn6GB2+DvBBY/6UrN5iGs+LaXgg==,iv:n02HzE8jvWM5xDfaPB9BHxtfoAZQ/Tk80XuySY2NyoU=,tag:L9wPVy7zt6mp09qWhzdLpg==,type:str]
 gcw_password: ENC[AES256_GCM,data:T5CliWyyw4igunGRokOW7dNTOQ7DbOhM4gLa8YN4gbVLEVU7n3jxAVF9Uy9zM7LBBqdLvyXnqGzC1HBSBmE+pKBV7YIN3aQkng==,iv:SLq4aeLHdwfq0+A4N6UO4Dz7oBoC0ZDKBr74hheHQFw=,tag:4a71PZcyzoWjOmYEPx07ag==,type:str]
+math_password: ENC[AES256_GCM,data:ykiSr3iBHrShJarEQSJ/zuXbCPcbW2oUpaAjblu1V15ufFKVSMZM94LlpMiCYtN9cYBLs98hcMeajJbvgbwT5emPHthy9+TJDw==,iv:1TJEUo0ishqFAZiUE1473yR3RT6Gbtqt4zM+C1a1KEk=,tag:pR6jyIj+bu3XaSx5yIHSmA==,type:str]
 sops:
     age:
         - recipient: age1u8zj599elqqvcmhxn8zuwrufsz8w8w366d3ayrljjejljt2q45kq8mxw9c
@@ -49,7 +50,7 @@ sops:
             UzQzWEFtSDJwR201cmZoeXh5T0RmSk0KWLOpw5cWbtnfVP/ISa7n1vZchoD+nxmn
             7yr7igpEIro0Sd238KinOQYswVaT0NHB9p1dSW/mN+aGQliSNLzkDQ==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-06-05T00:52:15Z"
-    mac: ENC[AES256_GCM,data:FVj9SmI6uq5ujIX3NwFSLcappRIX0K1U/GXks4Wj0gJH//Tqo5Ur07+WdE5JNmHdS1gXW34RhzFmEbQ9KR2OoP8cfTG+a7qCftzEQbV5aBBEMxstsl48TLtRTwRuSrEnVOHh/0EfFOkXTUO/rVS4jDmd57eAB6OBJQePQk+P+0Q=,iv:P1aeFC+6xG4Koph0Dynwek/861OsH1asui3qtpu1JUI=,tag:1RYayU758c+yAULOgQuWgw==,type:str]
+    lastmodified: "2025-08-07T01:48:02Z"
+    mac: ENC[AES256_GCM,data:AyOAAIk07NArsiU9JaZPdLPXfWg43ajRe0iIvZQnu2AnznZ8DSgpPfznH4wT8HbxLMNDCJ7t3JGXVu7foxBwDF5GOuNq7o0X5NM4752CxyjdGP8zPDcw9TSiQ4MAn9FEjpRxFv34MDhmNdlBKelhIL2NLrGgdNhhKwayzWOReVM=,iv:5BrpLcpk8Mh3hmVeXksfHzkpNFGUTzPQIcb8A7GGAJY=,tag:3J/JJfYntUhkwIdwVpzUug==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2