10 changed files with 92 additions and 293 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -1,61 +0,0 @@
 # CLAUDE.md
 This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
 ## What This Is
 Personal NixOS system configuration for host `cesium` — a QEMU/KVM-virtualized x86_64 desktop workstation. Uses NixOS with Home Manager (channel-based, no Flakes). NixOS version is locked to 25.11.
 ## Commands
 ```bash
 # Rebuild and apply configuration (aliased as 'rebuild')
 sudo nixos-rebuild switch
 # Rebuild with package upgrades (aliased as 'update')
 sudo nixos-rebuild switch --upgrade
 # Test configuration without persisting (loads into current session only)
 sudo nixos-rebuild test
 # Build without applying (useful to check for errors)
 sudo nixos-rebuild build
 # Optimize store and garbage collect (aliased as 'ngc')
 sudo nix-store --optimise && sudo nix-collect-garbage -d
 # After first install: setup SMB credentials
 sudo /etc/nixos/setup-smb-credentials.sh
 ```
 ## Architecture
 Entry point is `config/configuration.nix`, which imports all other modules:
 ```
 config/configuration.nix          # Top-level: imports all modules, enables Home Manager
 ├── hardware-configuration.nix    # Auto-generated (gitignored), QEMU guest hardware
 ├── common.nix                    # System-wide: bootloader, locale, GNOME, PipeWire, packages
 ├── mounts.nix                    # CIFS/SMB mounts to TrueNAS (automount with systemd)
 ├── services.nix                  # Docker (custom data root /home/docker), ddev
 ├── users/sebastian.nix           # User account, groups, SSH askpass
 │   └── imports home.nix          # Home Manager config for this user
 ├── home.nix                      # User environment: apps, shell, git, scripts, Flatpak
 ├── scripts.nix                   # Custom shell scripts (composer, lazydocker, gclb)
 ├── vm-guest.nix                  # Optional: SPICE agent for VM clipboard/file sharing
 └── vm-host.nix                   # Optional: KVM/QEMU host with libvirtd, virt-manager
 ```
 Key design patterns:
 - `common.nix` handles all system-level config (boot, locale, desktop, audio, auto-updates, garbage collection)
 - `home.nix` handles all user-level config via Home Manager (applications, shell aliases, git, vim, GTK theme, GNOME extensions, Flatpak activation scripts)
 - `scripts.nix` defines Docker-wrapped CLI tools (composer, lazydocker) and git helpers using `writeShellScriptBin`
 - `mounts.nix` uses systemd automount with 60s idle timeout for TrueNAS SMB shares
 - `vm-guest.nix` and `vm-host.nix` are optional modules (not imported by default in configuration.nix)
 ## Conventions
 - **Commit messages** use `[TASK]` prefix (e.g., `[TASK] Add filemounts`)
 - **Formatting**: 2-space indentation for `.nix` files, 4-space for everything else (see `.editorconfig`)
 - **Unfree packages** are allowed (`nixpkgs.config.allowUnfree = true`)
 - `hardware-configuration.nix` is gitignored — it's auto-generated per machine
--- a/README.md
+++ b/README.md
@ -7,7 +7,8 @@ sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils vir
 ```
 - Video: QXL
- If the HDD for the VM is too small: `qemu-img resize nixos.qcow2 +20G`
+- In `configuration.nix`: `services.spice-vdagentd.enable = true;`
 - Falls die HDD zu klein ist: `qemu-img resize nixos.qcow2 +20G`
 ## Manuelle Installation (UEFI)
@ -19,19 +20,13 @@ sudo -i
 # Use german keyboard layout
 loadkeys de
-# Short for all the stuff below !!! TAKE CARE OF THE USERDATA !!!
+# List block devices
-curl -L https://www.fischer.im/nixos/minimal-install --output install.sh
+lsbkl
 chmod 744 ./install.sh
 ./install.sh
 reboot
 ```
 If you don't use the installation script, you need to follow the steps 2-8
 ### 2. Partitionierung
-The following schema creates four partitions on `/dev/sda`:
+Das folgende Schema erstellt fuenf Partitionen auf `/dev/sda`:
 | Partition   | Typ            | Groesse           | Mountpoint |
 |-------------|----------------|-------------------|------------|
@ -40,26 +35,26 @@ The following schema creates four partitions on `/dev/sda`:
 | `/dev/sda3` | ext4 (Root)    | Rest minus Home   | `/`        |
 | `/dev/sda4` | ext4 (Home)    | 50% des Rests     | `/home`    |
-**HINT:** The sizes must be adapted to your hard drive. In the example it's assumed that a 100GB drive is in use.
+**Hinweis:** Die Groessen muessen an die eigene Festplatte angepasst werden. Im Beispiel wird eine 100 GB Festplatte verwendet.
 ```bash
-# GPT-partition table
+# GPT-Partitionstabelle erstellen
 parted /dev/sda -- mklabel gpt
-# EFI-partition (512 MB)
+# EFI-Partition (512 MB)
 parted /dev/sda -- mkpart esp fat32 1MB 512MB
 parted /dev/sda -- set 1 esp on
-# Swap-partition (8 GB)
+# Swap-Partition (8 GB)
 parted /dev/sda -- mkpart swap linux-swap 512MB 8626MB
-# Root-partition (ca. 45 GB)
+# Root-Partition (ca. 45 GB)
 parted /dev/sda -- mkpart root ext4 8636MB 40000MB
-# Home-partition (Rest)
+# Home-Partition (Rest)
 parted /dev/sda -- mkpart home ext4 40000MB 100%
-# Check result
+# Ergebnis pruefen
 parted /dev/sda -- print
 ```
@ -99,76 +94,60 @@ mount /dev/disk/by-label/home /mnt/home
 swapon /dev/disk/by-label/swap
 ```
-### 6. Generate configuration
+### 6. Konfiguration generieren
 ```bash
 nixos-generate-config --root /mnt
 ```
-This creates two files:
+Dies erzeugt zwei Dateien:
- `/mnt/etc/nixos/hardware-configuration.nix` — detected hardware and mountpoints
+- `/mnt/etc/nixos/hardware-configuration.nix` — erkannte Hardware und Mountpoints
- `/mnt/etc/nixos/configuration.nix` — Base configuration
+- `/mnt/etc/nixos/configuration.nix` — Grundkonfiguration
-### 7. Check the detected bootloader
+### 7. Bootloader konfigurieren
-Check in `/mnt/etc/nixos/configuration.nix`, that the bootloader is configured like this:
+In `/mnt/etc/nixos/configuration.nix` sicherstellen, dass der Bootloader korrekt eingerichtet ist:
 ```nix
-{
+boot.loader = {
    boot.loader = {
  systemd-boot.enable = true;
  efi.canTouchEfiVariables = true;
-    };
+};
 }
 ```
-### 8. Install system
+### 8. Home Manager Channel hinzufuegen
 ```bash
 nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
 nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
 nix-channel --update
 ```
 ### 9. System installieren
 ```bash
 nixos-install
 ```
-# After the installation the script sets your root password. (Test1)
+Nach der Installation wird ein Root-Passwort abgefragt. Danach:
 ```bash
 reboot
 ```
-### 9. After the first reboot
+### 10. Nach dem ersten Start
 ```bash
 curl --output release.tar.gz https://gitea.fischer.im/sebastian/nixos-cesium/archive/[0.0.2].tar.gz
 tar xzf release.tar.gz
 chmod 744 nixos-cesium/script/post-install.sh
 ./nixos-cesium/script/post-install.sh
 ```
 If you don't use the post-installation script, follow the next step
 ```bash
 cp -r ~/nixos-cesium/config/* /etc/nixos/
 # Remember to activate vm-guest.nix or vm-host.nix in configuration.nix
 nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
 nix-channel --update
 # Konfiguration anwenden
-nixos-rebuild switch --option experimental-features "nix-command flakes"
+sudo nixos-rebuild switch
-reboot
+# SMB-Zugangsdaten einrichten (falls Netzlaufwerke genutzt werden)
 ```
 ### 10. Post Installation
 Generate SMB-credentials (if network mounts are used)
 ```bash
 sudo /etc/nixos/setup-smb-credentials.sh
 ```
 ## Wartung
 Optimise Nix Store and remove old generations
 ```bash
 # Nix Store optimieren und alte Generationen entfernen
 sudo nix-store --optimise && sudo nix-collect-garbage -d
 ```
--- a/config/common.nix
+++ b/config/common.nix
@ -54,6 +54,9 @@
  programs.zsh.enable = true;
  programs.git.enable = true;
  # Flatpak Support
  services.flatpak.enable = true;
  # Sound
  services.pulseaudio.enable = false;
  services.pipewire = {
--- a/config/config/crest_iv_black-cut.jpg
+++ b/config/config/crest_iv_black-cut.jpg
--- a/config/configuration.nix
+++ b/config/configuration.nix
@ -1,8 +1,7 @@
 { config, pkgs, ... }:
 {
-  imports = [
+  imports = [ # Include the results of the hardware scan.
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    ./common.nix
    ./mounts.nix
@ -12,14 +11,13 @@
    <home-manager/nixos>
  ];
-  # Home Manager configuration
+  # Home Manager Konfiguration
  home-manager.useGlobalPkgs = true;
  home-manager.useUserPackages = true;
  home-manager.backupFileExtension = "backup";
-  # NixOS Version (don't change after first installation)
+  # NixOS Version (nicht ändern nach Erstinstallation)
  system.stateVersion = "25.11";
  nixpkgs.config.allowUnfree = true;
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
 }
--- a/config/flakes.nix
+++ b/config/flakes.nix
@ -1,5 +0,0 @@
 { system ? "x86_64-linux" }:
 {
  hytale-launcher = (builtins.getFlake "github:TNAZEP/HytaleLauncherFlake").packages.${system}.default;
 }
--- a/config/home.nix
+++ b/config/home.nix
@ -3,7 +3,6 @@
 let
  localScripts = import ./scripts.nix { inherit pkgs; };
  flakePackages = import ./flakes.nix {};
 in
 {
  home.stateVersion = "25.11";
@ -22,7 +21,6 @@ in
    hunspellDicts.de_DE
    darktable
    kdePackages.kdenlive
    # davinci-resolve-studio
    # Browser
@ -37,8 +35,6 @@ in
    # Gaming
    lutris
    steam
    prismlauncher
    flakePackages.hytale-launcher
    # Entwicklung
    jetbrains-toolbox
@ -70,6 +66,40 @@ in
    fi
  '';
  # Flatpak Apps installieren
  # HINWEIS: Diese werden beim ersten home-manager switch installiert
  # Dandanch werden sie von Flatpak selbst verwaltet
  home.activation.installFlatpakApps = config.lib.dag.entryAfter ["writeBoundary"] ''
    # Flathub Remote hinzufügen (falls noch nicht vorhanden)
    $DRY_RUN_CMD ${pkgs.flatpak}/bin/flatpak remote-add --if-not-exists --user \
      flathub https://dl.flathub.org/repo/flathub.flatpakrepo || true
    # Extension Manager
    if ! ${pkgs.flatpak}/bin/flatpak list --user | grep -q "com.mattjakeman.ExtensionManager"; then
      $DRY_RUN_CMD ${pkgs.flatpak}/bin/flatpak install --user -y flathub \
        com.mattjakeman.ExtensionManager || true
    fi
    # Kdenlive (Video-Bearbeitung)
    if ! ${pkgs.flatpak}/bin/flatpak list --user | grep -q "org.kde.kdenlive"; then
      $DRY_RUN_CMD ${pkgs.flatpak}/bin/flatpak install --user -y flathub \
        org.kde.kdenlive || true
    fi
    # PrismLauncher (Minecraft)
    if ! ${pkgs.flatpak}/bin/flatpak list --user | grep -q "org.prismlauncher.PrismLauncher"; then
      $DRY_RUN_CMD ${pkgs.flatpak}/bin/flatpak install --user -y flathub \
        org.prismlauncher.PrismLauncher || true
      mkdir -p /home/Programme/Minecraft/
      chmod 2775 /home/Programme/Minecraft/
      chgrp users /home/Programme/Minecraft/
      # Minecraft-Verzeichnis Zugriff gewähren
      $DRY_RUN_CMD ${pkgs.flatpak}/bin/flatpak override --user \
        org.prismlauncher.PrismLauncher --filesystem=/home/Programme/Minecraft/ || true
    fi
  '';
  # mkcert installieren (für lokale SSL-Zertifikate)
  home.activation.setupMkcert = config.lib.dag.entryAfter ["writeBoundary"] ''
    if [ ! -f "$HOME/.local/share/mkcert/rootCA.pem" ]; then
@ -92,10 +122,6 @@ in
 };
  dconf.settings = {
    "org/gnome/desktop/interface" = {
      color-scheme = "prefer-dark";
      accent-color = "green";
    };
    "org/gnome/desktop/wm/preferences" = {
      button-layout = "appmenu:minimize,maximize,close";
      focus-mode = "sloppy";
@ -109,19 +135,6 @@ in
        dash-to-dock.extensionUuid
      ];
    };
    "org/gnome/desktop/background" = {
      picture-uri = "file:///etc/nixos/config/crest_iv_black-cut.jpg";
      picture-uri-dark = "file:///etc/nixos/config/crest_iv_black-cut.jpg";
      picture-options = "centered";
      primary-color = "#000000";
    };
    "org/gnome/shell/extensions/dash-to-dock" = {
      show-mounts = false;
      show-trash = false;
    };
    "org/gnome/shell/keybindings" = {
      show-screenshot-ui = ["<Shift><Alt>5"];
    };
  };
  programs.git = {
@ -222,6 +235,7 @@ in
    ];
  };
  # Vim Konfiguration
  programs.vim = {
    enable = true;
    defaultEditor = true;
@ -242,6 +256,7 @@ in
    '';
  };
  # Zsh mit Oh-My-Zsh und Powerlevel10k
  programs.zsh = {
    enable = true;
    enableCompletion = true;
@ -269,9 +284,6 @@ in
    };
    initContent = ''
      # Bell deaktivieren
      unsetopt BEEP
      # Powerlevel10k Konfiguration laden (falls vorhanden)
      [[ -f ~/.p10k.zsh ]] && source ~/.p10k.zsh
    '';
--- a/config/vm-guest.nix
+++ b/config/vm-guest.nix
@ -1,24 +1,10 @@
-{ pkgs, lib, ... }:
+{ pkgs, ... }:
 let
  spice-vdagent-desktop = pkgs.makeDesktopItem {
    name = "spice-vdagent-custom";
    desktopName = "Spice vdagent Custom";
    comment = "Startet das Clipboard für QEMU/Spice";
    exec = "${pkgs.spice-vdagent}/bin/spice-vdagent";
    terminal = false;
    type = "Application";
    categories = [ "Network" ];
    extraConfig.StartupNotify = "false";
    extraConfig."X-GNOME-Autostart-enabled" = "true";
  };
 in
 {
  environment.systemPackages = with pkgs; [
    spice-vdagent
    phodav
    wl-clipboard
    spice-vdagent-desktop
  ];
  # List services that you want to enable:
@ -27,18 +13,20 @@ in
  services.gvfs.enable = true;
  services.qemuGuest.enable = true;
  networking.hostName = lib.mkForce "cesium-vm";
  # Open ports in the firewall.
  networking.firewall.allowedTCPPorts = [ 9843 22 ];
  # Enable the OpenSSH daemon.
  services.openssh.enable = true;
-  users.users.sebastian.openssh.authorizedKeys.keys = [
+  environment.etc."xdg/autostart/spice-vdagent-custom.desktop".text = ''
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL/i/b9o5LKRr+h7vwq1dLCQ+vz9DTf4EvaLeCRUxtIZ sebastian@cesium"
+    [Desktop Entry]
-  ];
+    Name=Spice vdagent Custom
-
+    Comment=Startet das Clipboard für QEMU/Spice
-  # Symlink für Autostart
+    Exec=${pkgs.spice-vdagent}/bin/spice-vdagent
-  environment.etc."xdg/autostart/spice-vdagent-custom.desktop".source =
+    Terminal=false
-    "${spice-vdagent-desktop}/share/applications/spice-vdagent-custom.desktop";
+    Type=Application
    Categories=Network;
    StartupNotify=false
    X-GNOME-Autostart-enabled=true
  '';
 }
--- a/scripts/minimal-install.sh
+++ b/scripts/minimal-install.sh
@ -1,82 +0,0 @@
 #!/usr/bin/env sh
 sudo -i
 loadkeys de
 lsblk
 # Disk selection
 DEFAULT_DISK="/dev/sda"
 read -p "Disk to install to [${DEFAULT_DISK}]: " DISK
 DISK="${DISK:-$DEFAULT_DISK}"
 if [ ! -b "${DISK}" ]; then
    echo "Error: ${DISK} is not a valid block device."
    exit 1
 fi
 echo "Using disk: ${DISK}"
 # Partitioning
 read -p "Create partitions table? DELETES ALL DATA! (j/N): " ANSWER
 if [ "${ANSWER}" = "j" ] || [ "${ANSWER}" = "J" ]; then
    # GPT-partition table
    parted "${DISK}" -- mklabel gpt
    # EFI-partition (512 MB)
    parted "${DISK}" -- mkpart esp fat32 1MB 512MB
    parted "${DISK}" -- set 1 esp on
    # Swap-partition (8 GB)
    parted "${DISK}" -- mkpart swap linux-swap 512MB 8626MB
    # Root-partition (ca. 45 GB)
    parted "${DISK}" -- mkpart root ext4 8636MB 40000MB
    # Home-partition (Rest)
    parted "${DISK}" -- mkpart home ext4 40000MB 100%
 fi
 # Check results
 parted "${DISK}" -- print
 mkfs.fat -F 32 -n boot ${DISK}1
 mkswap -L swap ${DISK}2
 mkfs.ext4 -L nixos ${DISK}3
 read -p "Format Home-partition? Deletes all userdata! (j/N): " ANSWER
 if [ "${ANSWER}" = "j" ] || [ "${ANSWER}" = "J" ]; then
    # Format home-partition
    mkfs.ext4 -L home ${DISK}4
 fi
 # Mount partitions
 mount /dev/disk/by-label/nixos /mnt
 mkdir /mnt/boot
 mount -o umask=077 /dev/disk/by-label/boot /mnt/boot
 # Activate swap
 swapon /dev/disk/by-label/swap
 mkdir -p /mnt/home
 mount /dev/disk/by-label/home /mnt/home
 echo "If you want to configure additional partitions, this is the right moment."
 echo "Switch to console with [Ctrl + Z] and return with [fg] continue after that."
 read -p "Continue?"
 nixos-generate-config --root /mnt
 nixos-install
 # If root password wasn't set because the installation needed to be restarted.
 read -p "Set Root-password with nixos-enter? (j/N): " ANSWER
 if [ "${ANSWER}" = "j" ] || [ "${ANSWER}" = "J" ]; then
    nixos-enter --root '/mnt'
    passwd
 fi
--- a/scripts/post-install.sh
+++ b/scripts/post-install.sh
@ -1,33 +0,0 @@
 #!/usr/bin/env sh
 sudo -i
 cp -r ~/nixos-cesium/config/* /etc/nixos/
 # VM module activation
 echo ""
 echo "Select what configuration to include?"
 echo " 1) vm-guest.nix  (VM runs inside a hypervisor)"
 echo " 2) vm-host.nix   (System runs VMs via libvirtd)"
 echo " n) None"
 read -p "Selection [n]: " VM_CHOICE
 VM_CHOICE="${VM_CHOICE:-n}"
 case "${VM_CHOICE}" in
    1)
        sed -i 's|# ./vm-guest.nix|./vm-guest.nix|' /etc/nixos/configuration.nix
        echo "vm-guest.nix activated."
        ;;
    2)
        sed -i 's|# ./vm-guest.nix|./vm-host.nix|' /etc/nixos/configuration.nix
        echo "vm-host.nix activated."
        ;;
    *)
        echo "No VM module activated."
        ;;
 esac
 nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz home-manager
 nix-channel --update
 nixos-rebuild switch --option experimental-features "nix-command flakes"