clean <host>/default.nix (part 3)

hosts/myputer/default.nix

@@ -7,7 +7,7 @@
 }: let
   home-manager = builtins.fetchTarball {
     url = "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz";
-    sha256 = "1kk5qzfb87mkgy6vzm7x8z8akxr3k8k7839yjdy48z034pvidhsr";
+    sha256 = "026rvynmzmpigax9f8gy9z67lsl6dhzv2p6s8wz4w06v3gjvspm1";
   };
 in {
   imports = [
@@ -21,6 +21,11 @@ in {
     ../modules/chameleonultragui.nix
   ];
 
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+
   nixpkgs.config.allowUnfreePredicate = let
     whitelist = map lib.getName [
       pkgs.obsidian
@@ -48,7 +53,8 @@ in {
       enable = true;
       theme = "whitesur"; # stylish, vimix, or whitesur
       footer = true;
-      customResolution = "1920x1080";
+      # TODO: switch my cables to switch default grub display
+      customResolution = "3840x2160";
     };
   };
 
@@ -121,21 +127,19 @@ in {
   };
   security.rtkit.enable = true; # I *think* this is for pipewire
 
-  # allow wheel group to use passwordless sudo
+  # ------- USERS -------
   security.sudo.wheelNeedsPassword = false;
   users = {
-    # using fish as the login shell tends
-    # to go very poorly because it isn't
-    # POSIX compliant, so we'll just use
-    # simple Bash then :)
+    # Using fish as the login shell tends to go very poorly because it isn't
+    # POSIX compliant, so we default the login shell to Bash instead :)
     defaultUserShell = pkgs.bash;
 
     users = {
       # just me fr (personal account)
       me = {
         isNormalUser = true;
-        extraGroups = ["wheel" "docker"];
-        shell = pkgs.bash; #pkgs.fish
+        extraGroups = ["wheel" "netdev" "docker"];
+        shell = pkgs.bash;
         packages = let
           # TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax
           #       instead to use colmena's flake.nix by specifying a rev hash in the flake input?
@@ -164,9 +168,7 @@ in {
       ae = {
         isNormalUser = true;
         extraGroups = ["wheel"];
-        shell = pkgs.bash; #pkgs.fish
-        packages = with pkgs; [
-        ];
+        shell = pkgs.bash;
       };
     };
   };
@@ -178,7 +180,7 @@ in {
     ];
   };
 
-  # set environment variables
+  # ---- ENVIRONMENT VARIABLES ----
   environment.sessionVariables = {
     # folder names with capitalisation look awful!
     XDG_DOWNLOAD_DIR = "$HOME/downloads";
@@ -198,60 +200,97 @@ in {
     bluetui
     wl-clipboard # clipboard for wayland
     hyprpicker
+    qbittorrent
+    signal-desktop
 
-    #(callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners
+    (callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners
     # dependencies for my sddm theme:
     pkgs.libsForQt5.qt5.qtgraphicaleffects
 
-    python311 # I use 3.11 since it's in a pretty stable state now
-    poetry # python dependency management and packaging
-
-    nixd # lsp for nix
-
-    neofetch # TODO: remove (installed to debug something)
-
-    # fish plugins
+    # Shell
+    bash
+    zsh
+    fish
+    shellcheck
     grc # colorise command outputs
 
+    # Make
+    gnumake
+    # C Family
+    gcc
+    clang
+    # Rust
+    cargo
+    rustc
+    # Nim
+    nim
+    # Go
+    go
+
+    # Python
+    python312 # I use 3.12 since it's in a pretty stable state now
+    python314 # also 3.14 for latest features
+    poetry
+    # Sage
+    sageWithDoc # SageMath + HTML Documentation
+
+    openvpn
+    inetutils
+
+    # security tools
+    rustscan
+    nmap
+    dig
+    gobuster
+    nth
+    zap
+
     httpie
     curlie
     zoxide
     doggo
     tldr
-    viddy
+    # btop
+    eza
+    yazi
+    lazygit
+    ripgrep
+    viddy # modern `watch` command
+    thefuck
 
     tesseract # for my work with Agribit
 
-    # TODO: remove this and host my nix flake on github instead
-    #wishlist
+    # TODO: once upgraded past Nix-24.07 this line won't be necessary (I think)
+    #       helix will support nixd by default
+    # SOURCE: https://github.com/nix-community/nixd/blob/main/nixd/docs/editor-setup.md#Helix
+    # nixd # lsp for nix # DEBUG
 
     # Pretty necessary
     git
     git-filter-repo
+    nix-prefetch-git
     brightnessctl
     acpi
     vim
-    nix-prefetch-git
-    gcc
-    gnumake
+    powertop
+    imagemagick
 
-    # Unix Commands
+    # "Standard" Unix Commands
     file
     wget
     tree
     unzip
-    # Man Pages
+    unrar-free
     man-pages
     man-pages-posix
 
     # Cryptography
+    gnupg
     openssl
     libargon2
 
     # Games
-    mindustry-wayland
-    dwarf-fortress
-    nethack
+    prismlauncher # minecraft
   ];
 
   # DEBUG: configuring xdg portal here instead?
@@ -270,7 +309,6 @@ in {
   #  ];
   #};
 
-  # Enable the use of certain programs
   programs = {
     hyprland = {
       enable = true;
@@ -281,6 +319,8 @@ in {
     zsh.enable = true;
     fish.enable = true;
 
+    nix-ld.enable = true;
+
     neovim = {
       enable = true;
       defaultEditor = true;
@@ -360,29 +400,17 @@ in {
     };
   };
 
-  # Enable the new CLI commands and the flakes as experimental features
-  nix.settings.experimental-features = [
-    "nix-command"
-    "flakes"
-  ];
-
   virtualisation.docker.enable = true;
 
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  #programs.gnupg.agent = {
-  #  enable = true;
-  #  enableSSHSupport = true;
-  #};
-
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
-
-  # Enable OpenGL
   hardware = {
     graphics.enable = true;
 
+    # opengl = {
+    #   enable = true;
+    #   driSupport = true;
+    #   driSupport32Bit = true;
+    # }
+
     bluetooth = {
       enable = true;
       powerOnBoot = true;