@@ -0,0 +1,97 @@
+{ config, pkgs, inputs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+      ./modules/packages.nix
+      ./modules/wireguard.nix
+    ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  networking.hostName = "minnie";
+
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/Berlin";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_DE.UTF-8";
+    LC_IDENTIFICATION = "de_DE.UTF-8";
+    LC_MEASUREMENT = "de_DE.UTF-8";
+    LC_MONETARY = "de_DE.UTF-8";
+    LC_NAME = "de_DE.UTF-8";
+    LC_NUMERIC = "de_DE.UTF-8";
+    LC_PAPER = "de_DE.UTF-8";
+    LC_TELEPHONE = "de_DE.UTF-8";
+    LC_TIME = "de_DE.UTF-8";
+  };
+
+  services.xserver.xkb = {
+    layout = "de";
+  };
+
+  console.keyMap = "de";
+
+  users.users.roboag = {
+    isNormalUser = true;
+    initialPassword = "roboag";
+    extraGroups = [ "networkmanager" ];
+    packages = with pkgs; [];
+  };
+
+  users.extraUsers.roboag = {
+    shell = pkgs.fish;
+  };
+
+  programs.hyprland = {
+    enable = true;
+    xwayland.enable = true;
+  };
+
+  services.desktopManager.plasma6.enable = true;
+  #services.xserver.enable = true;
+
+  programs.fish.enable = true;
+
+  nix.settings.experimental-features = ["nix-command" "flakes"];
+  nixpkgs.config.allowUnsupportedSystem = true;
+
+   programs.gnupg.agent = {
+     enable = true;
+     enableSSHSupport = true;
+   };
+
+  services.openssh = {
+    enable = true;
+    settings.PermitRootLogin = "yes";
+  };
+
+  services.greetd = {
+    enable = true;
+    settings = {
+      default_session = {
+        user = "roboag";
+	command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd start-hyprland";
+      };
+    };
+  };
+
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    pulse.enable = true;
+  };
+
+  networking.firewall.allowedTCPPorts = [ 22 ];
+  networking.firewall.enable = true;
+
+  system.stateVersion = "25.11";
+
+}

@@ -0,0 +1,123 @@
+{
+  "nodes": {
+    "agenix": {
+      "inputs": {
+        "darwin": "darwin",
+        "home-manager": "home-manager",
+        "nixpkgs": "nixpkgs",
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1770165109,
+        "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=",
+        "owner": "ryantm",
+        "repo": "agenix",
+        "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ryantm",
+        "repo": "agenix",
+        "type": "github"
+      }
+    },
+    "darwin": {
+      "inputs": {
+        "nixpkgs": [
+          "agenix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1744478979,
+        "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
+        "owner": "lnl7",
+        "repo": "nix-darwin",
+        "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "lnl7",
+        "ref": "master",
+        "repo": "nix-darwin",
+        "type": "github"
+      }
+    },
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "agenix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1745494811,
+        "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1754028485,
+        "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "59e69648d345d6e8fef86158c555730fa12af9de",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-25.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1776169885,
+        "narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "agenix": "agenix",
+        "nixpkgs": "nixpkgs_2"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

@@ -0,0 +1,16 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+    agenix.url = "github:ryantm/agenix";
+  }; 
+  outputs = { self, ... } @inputs: {
+    nixosConfigurations.minnie = inputs.nixpkgs.lib.nixosSystem {
+      specialArgs = {inherit inputs;};
+      system = "x86_64-linux";
+      modules = [
+        inputs.agenix.nixosModules.default
+        ./configuration.nix
+      ];
+    };
+  };
+}

@@ -0,0 +1,33 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/782af151-3782-471b-b087-164f23d6c52c";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/86E8-54B7";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/5f73a79d-e088-48b3-ae14-a30c7c818bfe"; }
+    ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

@@ -0,0 +1,133 @@
+# graphics.nix - NVIDIA RTX 4060 Max-Q + AMD Radeon 780M hybrid graphics configuration
+# Import this in your configuration.nix with: imports = [ ./graphics.nix ];
+
+{ config, lib, pkgs, ... }:
+
+{
+  # Enable OpenGL/graphics support
+  hardware.graphics = {
+    enable = true;
+    enable32Bit = true; # For 32-bit applications and games
+  };
+
+  # NVIDIA driver configuration
+  services.xserver.videoDrivers = [ "nvidia" ];
+
+  hardware.nvidia = {
+    # Use the latest production driver (or specify version if needed)
+    # package = config.boot.kernelPackages.nvidiaPackages.stable;
+    # For your current version (590.48.01), you can use:
+    package = config.boot.kernelPackages.nvidiaPackages.beta;
+
+    # Modesetting is required for Wayland compositors
+    modesetting.enable = true;
+
+    # Power management (important for laptops)
+    # Enable this if you want the GPU to power down when not in use
+    powerManagement.enable = true;
+    
+    # Fine-grained power management (experimental)
+    # This can help with battery life but may cause issues
+    # Disable if you experience problems
+    powerManagement.finegrained = false;
+
+    # Enable the NVIDIA settings menu accessible via `nvidia-settings`
+    nvidiaSettings = true;
+
+    # NVIDIA Prime configuration for hybrid graphics
+    prime = {
+      # Choose your sync mode - pick ONE of the following options:
+      
+      # Option 1: offload mode (RECOMMENDED for laptops)
+      # AMD GPU is used by default, NVIDIA only when explicitly requested
+      # Best for battery life
+      offload = {
+        enable = true;
+        enableOffloadCmd = true; # Enables `nvidia-offload` command
+      };
+      
+      # Option 2: sync mode (uncomment if you want both GPUs active)
+      # Both GPUs are always active, displays can use either
+      # Better performance but worse battery life
+      #sync.enable = true;
+      
+      # Option 3: reverse-sync mode (uncomment if needed)
+      # NVIDIA is primary, can render to AMD outputs
+      # reversesync.enable = true;
+
+      # Bus IDs - find yours with: lspci | grep -E 'VGA|3D'
+      # Format is "PCI:X:Y:Z" where X:Y.Z is from lspci output
+      # Example: "01:00.0" becomes "PCI:1:0:0"
+      
+      # NVIDIA GPU Bus ID (01:00.0)
+      nvidiaBusId = "PCI:1:0:0";
+    };
+
+    # Open source kernel module (experimental, not recommended for gaming)
+    # Set to false to use proprietary drivers (recommended)
+    open = false;
+  };
+
+  # Wayland-specific NVIDIA environment variables for Hyprland
+  environment.sessionVariables = {
+    # Enable Wayland support
+    NIXOS_OZONE_WL = "1";
+    
+    # NVIDIA-specific Wayland variables
+    WLR_NO_HARDWARE_CURSORS = "1";  # Fixes cursor issues on NVIDIA
+    
+    # Force GBM backend (recommended for NVIDIA on Wayland)
+    #GBM_BACKEND = "nvidia-drm";
+    #__GLX_VENDOR_LIBRARY_NAME = "nvidia";
+    
+    # NVIDIA direct rendering
+    #LIBVA_DRIVER_NAME = "nvidia";
+    
+    # Disable hardware cursor for NVIDIA
+    #WLR_RENDERER_ALLOW_SOFTWARE = "1";
+
+    WLR_DRM_DEVICES = "/dev/dri/card1";
+
+    ELECTRON_OZONE_PLATFORM_HINT = "auto";
+  };
+
+  # Kernel parameters for NVIDIA
+  boot.kernelParams = [
+    "nvidia-drm.modeset=1"  # Enable modesetting
+    "nvidia-drm.fbdev=0"    # Enable fbdev
+    #"module_blacklist=amdgpu"
+  ];
+
+  # Early loading of NVIDIA modules
+  boot.initrd.kernelModules = [
+    "nvidia"
+    "nvidia_modeset"
+    "nvidia_uvm"
+    "nvidia_drm"
+  ];
+
+  # Additional packages for graphics tools
+  environment.systemPackages = with pkgs; [
+    # NVIDIA tools
+    nvtopPackages.nvidia  # GPU monitoring
+    
+    # Vulkan tools
+    vulkan-tools
+    vulkan-loader
+    vulkan-validation-layers
+    
+    # AMD GPU tools (for your integrated GPU)
+    radeontop
+  ];
+
+  # Optional: Create nvidia-offload command for launching apps on NVIDIA GPU
+  # Usage: nvidia-offload <application>
+  # This is only needed if using offload mode
+  environment.shellAliases = {
+    nvidia-offload = "env __NV_PRIME_RENDER_OFFLOAD=1 __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 __GLX_VENDOR_LIBRARY_NAME=nvidia __VK_LAYER_NV_optimus=NVIDIA_only";
+  };
+
+  # Optional: Blacklist nouveau (open-source NVIDIA driver)
+  # Uncomment if you have issues with nouveau conflicting
+  # boot.blacklistedKernelModules = [ "nouveau" ];
+}

@@ -0,0 +1,40 @@
+{pkgs, ...}: {
+
+  environment.systemPackages = with pkgs; [
+    kitty
+    yazi
+    firefox
+    wl-clipboard
+    fastfetch
+    hyprlock
+
+    rofi
+    awww
+    waybar
+
+    /*Code*/
+    gcc
+    gnumake
+    cmake
+    neovim
+    vim
+    git
+    mesa
+    rustup
+    binutils
+    arduino-ide
+    avrdude
+    #avrlibc
+
+    unzip
+    inxi
+    btop
+    powertop
+
+    kicad
+    ghex
+    doxygen
+    kdePackages.okular
+
+  ];
+}

@@ -0,0 +1,22 @@
+{ config, pkgs, ...}:
+{
+
+  age.secrets.wg2-key = {
+    file = ../secrets/wg2-key.age;
+  };
+
+  networking.wg-quick.interfaces = {
+    wg2 = {
+      address = ["10.2.0.3/32"];
+      privateKeyFile = config.age.secrets.wg2-key.path;
+      peers = [
+        {
+          endpoint = "202.61.203.128:51822";
+          publicKey = "AlEu31P8Gxq15RQicZsPmn6s2lXVvf/gHNhneKlmsH8=";
+          allowedIPs = [ "10.2.0.1/32" "10.2.0.2/32" "10.2.0.4/32" "10.2.0.5/32" ];
+	  persistentKeepalive = 25;
+        }
+      ];
+    };
+  };
+}

@@ -0,0 +1,8 @@
+let
+  user1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINrjtXaEAIFxyYGOB1DTQn8Z+NMQ0rG/+LIN2sWfNYCz root@nixos
+";
+  users = [ user1 ];
+in
+{
+  "secrets/wg2-key.age".publicKeys = users;
+}

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 a32y6g +xcRRIJFnPPW1PZ4H6NaTdusS3VvBKOhNQeqyj5dJno
+bDcmM8fXyJBvC70lzUZl9e7Jxot1kWM7GmEcSFjRUP0
+--- meGuHXAp4d2t5Iv2NBdjWLoeVXvHfRAsEXnTUMbcOW8
+¡Ö·¸ˆ0Qe£®¬¬Hc?òEF¶Æ‚(CÂWz'­]‚*°*Õ<PŸ¡ä®UékW^fÿŸUÑoc1SÖÜÛ¥¸ê,V8HÕoßîU)W,