Unusably slow Plasma-Manager performance on MSI Aegis R2 rig

NixOS configuration file (scroll down to line 738 for where I presume the problem is):

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

let
  home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/master.tar.gz";
  plasma-manager = builtins.fetchTarball "https://github.com/nix-community/plasma-manager/archive/trunk.tar.gz";
in

{
  config,
  stdenv,
  fetchurl,
  lib,
  pkgs,
  ...
}:
{
  nixpkgs.overlays = [

    (final: prev: {

      # Always spoof user agent to fix the problem of curl having a hard time
      # downloading certain files
      final.fetchurl = prev.fetchurl.overrideAttrs(_: {
        curlOptsList = [
          "-HUser-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
          "-L"
          "-sSf"
        ];

        mirrors.gnu = [
          # This one used to redirect to a (supposedly) nearby
          # and (supposedly) up-to-date mirror but no longer does
#           "https://ftpmirror.gnu.org/"

          "https://ftp.nluug.nl/pub/gnu/"
          "https://mirrors.kernel.org/gnu/"
          "https://mirror.ibcp.fr/pub/gnu/"
          "https://mirror.dogado.de/gnu/"
          "https://mirror.tochlab.net/pub/gnu/"

          # This one is the master repository, and thus it's always up-to-date
          "https://ftp.gnu.org/pub/gnu/"

          "ftp://ftp.funet.fi/pub/mirrors/ftp.gnu.org/gnu/"
        ];
      });
    })
  ];

  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix

    # Needed for ensuring desktop layout reproducibility
    (import "${home-manager}/nixos")
  ];

  # Nix package manager settings
  nix.settings = {
    # Enable flakes permanently
    experimental-features = [ "nix-command" "flakes" ];

    # Some things just don't download if you don't push things
    download-attempts = 1000000;

    # Don't abort the entire system build because some obscure download failed
    keep-going = true;

    # Fetching from master Git branches is impossible otherwise
    require-sigs = false;
  };

  # Nvidia drivers
  hardware = {
    nvidia = {
      modesetting.enable = true;
      powerManagement.enable = false;
      powerManagement.finegrained = false;
      open = true;
      nvidiaSettings = true;
      package = config.boot.kernelPackages.nvidiaPackages.beta;
    };
    graphics = {
      enable = true;
      extraPackages = with pkgs; [
        cudaPackages.cudatoolkit
        vaapiVdpau
        nvidia-vaapi-driver
      ];
      # enable32bit = true; # Deprecated
    };
  };

  # Git configuration
  programs.git.config = {
    user = {
      name = "Kenny Strawn";
      email = "kstrawn0@saddleback.edu";
    };
    http = {
      postBuffer = 1048576000;
    };
    https = {
      postBuffer = 1048576000;
    };
  };

  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.timeout = 0;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.efi.efiSysMountPoint = "/boot";

  # Clean /tmp on reboot
  boot.tmp = {
    cleanOnBoot = true;
    useTmpfs = true;
    tmpfsSize = "300%";
  };

  # Plymouth
  boot.consoleLogLevel = 0;
  boot.initrd = {
    verbose = false;
    availableKernelModules = [
      "nvidia"
      "nvme"
      "xhci_pci"
      "ahci"
      "usb_storage"
      "usbhid"
      "sd_mod"
      "kvm-intel"
    ];
  };
  boot.blacklistedKernelModules = [ "nouveau" ];
  boot.plymouth.enable = true;
  boot.kernelParams = [
    "quiet"
    "splash"
    "boot.shell_on_fail"
    "nvidia_drm.modeset=1"
    "nvidia_drm.fbdev=1"
    "loglevel=3"
    "rd.systemd.show_status=false"
    "rd.udev.log_level=3"
    "udev.log_priority=3"
    "sysrq_always_enabled=1"
    "usbcore.autosuspend=\"-1\""

    # Fix refresh rate
    "video=HDMI-A-1:3840x2160@60"
  ];

  boot.extraModulePackages = [ config.boot.kernelPackages.nvidiaPackages.beta ];

  # What to do in case of OOM condition
  systemd.oomd = {
    enableRootSlice = true;
    extraConfig = {
      DefaultMemoryPressureDurationSec = "2s";
    };
  };

  boot.supportedFilesystems = [
    "btrfs"
    "f2fs"
  ];

  networking.hostName = "kennystrawnmusic-pwnaegisr2";

  # NetworkManager already depends on wpa_supplicant, so no need to pull it in separately.
  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "America/Los_Angeles";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  # Absolute newest kernel possible
  boot.kernelPackages = pkgs.linuxPackages_testing;

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_US.UTF-8";
    LC_IDENTIFICATION = "en_US.UTF-8";
    LC_MEASUREMENT = "en_US.UTF-8";
    LC_MONETARY = "en_US.UTF-8";
    LC_NAME = "en_US.UTF-8";
    LC_NUMERIC = "en_US.UTF-8";
    LC_PAPER = "en_US.UTF-8";
    LC_TELEPHONE = "en_US.UTF-8";
    LC_TIME = "en_US.UTF-8";
  };

  # Enable the X11 windowing system.
  services.xserver.enable = true;

  # SDDM
  services.displayManager.sddm = {
    enable = true;
    wayland.enable = true;
    settings = {
      Autologin = {
        User = "htb-ac-1424625";
        Session = "plasma.desktop";
      };
    };
    autoLogin.relogin = true;
  };

  # KDE Plasma
  services.desktopManager.plasma6.enable = true;

  # Configure keymap in X11
  services.xserver.xkb = {
    layout = "us";
    variant = "";
  };

  # Enable CUPS to print documents.
  services.printing.enable = true;

  # SSH
  services.openssh = {
    enable = true;
    settings = {
      X11Forwarding = true;
      PasswordAuthentication = true;
    };
  };

  # Enable sound with pipewire.
#   sound.enable = true;
  hardware.pulseaudio.enable = lib.mkForce false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
    # If you want to use JACK applications, uncomment this
    jack.enable = true;
  };

  # Enable touchpad support (enabled default in most desktopManager).
  services.libinput.enable = true;

  # Use Docker to make it easy to combine multiple pentesting distros
  # This way, if something isn't available in nixpkgs but is absolutely needed,
  # no problem, just spin up a Parrot (or Kali) Docker container
  virtualisation.docker = {
    enable = true;
    # storageDriver = "btrfs";
  };

  # Annoying ads begone!
  services.adguardhome = {
    enable = true;
    allowDHCP = true;
    openFirewall = true;
    # Additional settings TBD
  };

  # Automatic login
  services.displayManager.autoLogin.enable = true;
  services.displayManager.autoLogin.user = "htb-ac-1424625";

  # Suppress annoying password prompts when running stuff that requires sudo
  security.sudo.extraRules = [
    {
      users = [ "htb-ac-1424625" ];
      commands = [
        {
          command = "ALL";
      	  options = [ "NOPASSWD" "SETENV" ];
        }
      ];
    }
  ];

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  environment.systemPackages = with pkgs; [
    # Essentials
    git
    gcc
    qemu
    file
    wget
    google-chrome

    # Force this package to not use the defunct ftpmirror.gnu.org download link
    (libunistring.overrideAttrs(_: rec {
      src = pkgs.fetchurl {
        url = "https://ftp.gnu.org/gnu/libunistring/libunistring-1.2.tar.gz";
        sha256 = "sha256-/W1WYvpwZIfEg0mnWLV7wUnOlOxsMGJOyf3Ec86rvI4=";
      };
    }))

    # KDE profile doesn't pull in Discover either
 #   discover # Build failure

    # https://github.com/kennystrawnmusic/cryptos
    rustup
    rust-analyzer
    (vscode-with-extensions.override {
      vscodeExtensions = with vscode-extensions; [
        rust-lang.rust-analyzer
        gruntfuggly.todo-tree
        github.copilot
        github.codespaces
        tamasfe.even-better-toml
        serayuzgur.crates
        bbenoist.nix
      ]
      ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
        {
          name = "remote-containers";
          publisher = "ms-vscode-remote";
          version = "0.327.0";
          sha256 = "sha256-nx4g73fYTm5L/1s/IHMkiYBlt3v1PobAv6/0VUrlWis=";
        }
        {
          name = "copilot-chat";
          publisher = "GitHub";
          version = "0.12.2024013003";
          sha256 = "sha256-4ArWVFko2T6ze/i+HTdXAioWC7euWCycDsQxFTrEtUw=";
        }
      ];
    })

    # System Administration
    pv
    kwallet-pam
    kate
    konsole
    gwenview
    okular
    ark
    khelpcenter

    # Copy/paste from terminal
    wl-clipboard

    # For getting NixOS and Arch to play nicely together and vice versa
    arch-install-scripts

    # Development
    eclipses.eclipse-cpp
    gnumake

    # Important personal stuff
    openssl
    nss.tools
    pciutils
    nvme-cli
    hw-probe
    usbutils
    spotify
    libreoffice-fresh

    # Surprisingly not pulled in by default
    kdePackages.plasma-browser-integration

    # Reproducibility
    nixos-install-tools

    # Pentesting, Part 1: General
    bat
    ranger
    discord-canary
    wordlists
    seclists

    # Pentesting, Part 2: Exploitation
    commix
    crackle
    exploitdb
    metasploit
    msfpc
#    routersploit Build failure
    social-engineer-toolkit
    yersinia

    # Pentesting, Part 3: Forensics
    bulk_extractor
    capstone
    dc3dd
    ddrescue
    ext4magic
    extundelete
    ghidra-bin
    git
    p0f
    pdf-parser
    regripper
    sleuthkit

    # Pentesting, Part 4: Hardware
    apktool

    # Pentesting, Part 5: Reconnaisance
    cloudbrute
    dnsenum
    adreaper
    openldap
    ldeep
    linux-exploit-suggester
    dnsrecon
    enum4linux
    hping
    masscan
    netcat
    nmap
    ntopng
    sn0int
    sslsplit
    theharvester
    wireshark
    smbmap

    # Pentesting, Part 6: Python
    (python3.withPackages(pypkgs: [
      pypkgs.binwalk-full
#       pypkgs.distorm3 # NixOS/nixpkgs#328346
      pypkgs.requests
      pypkgs.beautifulsoup4
      pypkgs.pygobject3
      pypkgs.scapy
      pypkgs.impacket
      pypkgs.xsser
    ]))

    # Pentesting, Part 7: Pivoting
    httptunnel
    pwnat
    ligolo-ng

    # Pentesting, Part 8: Brute Force
    brutespray
    cewl
    chntpw
#     crowbar # Build failure
    crunch
    hashcat
    hashcat-utils
    hash-identifier
    hcxtools
    john
    phrasendrescher
    thc-hydra
    netexec
    medusa
    kerbrute
    responder

    # Pentesting, Part 9: Disassemblers
    binutils
    elfutils
    bytecode-viewer
    patchelf
    radare2
    # cutter Build failure
    retdec
    snowman
    valgrind
    yara

    # Pentesting, Part 10: Packet Sniffers
    bettercap
    dsniff
    mitmproxy
    rshijack
    sipp
    sniffglue
    sslstrip

    # Pentesting, Part 11: Vulnerability Analyzers
    grype
    lynis
    sqlmap
    vulnix
    whatweb

    # Pentesting, Part 12: Web Attack Tools
    wafw00f
    dirb
    gobuster
    urlhunter
    python311Packages.wfuzz
    zap
    burpsuite
    ffuf
    whatweb
    wpscan
    nikto

    # Pentesting, Part 13: Wi-Fi
    aircrack-ng
    asleap
    bully
    cowpatty
    gqrx
    kalibrate-hackrf
    kalibrate-rtl
    killerbee
    kismet
    mfcuk
    mfoc
    multimon-ng
    redfang
    wifite2

    # Custom packages, Part 1: PwnXSS
    (pkgs.stdenv.mkDerivation rec {
      pname = "pwnxss";
      version = "0.5.0";

      format = "pyproject";

      src = builtins.fetchGit {
        url = "https://github.com/Pwn0Sec/PwnXSS";
        ref = "master";
      };

      propagatedBuildInputs = [
        (python311.withPackages(pypkgs: [
          pypkgs.wrapPython
          pypkgs.beautifulsoup4
          pypkgs.requests
        ]))
      ];

      buildInputs = propagatedBuildInputs;
      nativeBuildInputs = propagatedBuildInputs;

      pythonPath = with python3Packages; [ beautifulsoup4 requests ];

      pwnxssExecutable = placeholder "out" + "/bin/pwnxss";

      installPhase = ''
        # Base directories
        install -dm755 $out/share/pwnxss
        install -dm755 $out/bin

        # Copy files
        cp -a --no-preserve=ownership * "$out/share/pwnxss"

        # Use wrapper script to allow execution from anywhere
        cat > $out/bin/pwnxss << EOF
        #!${pkgs.bash}/bin/bash
        cd $out/share/pwnxss
        python pwnxss.py \$@
        EOF

        chmod a+x $out/bin/pwnxss
      '';
    })

    # Custom packages, Part 2: CUPP
    (pkgs.stdenv.mkDerivation rec {
      pname = "cupp";
      version = "3.2.0-alpha";

      src = builtins.fetchGit {
        url = "https://github.com/Mebus/cupp";
        ref = "master";
      };

      installPhase = ''
        # Base directories
        install -dm755 $out/share/cupp
        install -dm755 $out/bin

        # Copy files
        cp -a --no-preserve=ownership * "$out/share/cupp"

        # Use wrapper script to allow execution from anywhere
        cat > $out/bin/cupp << EOF
        #!${pkgs.bash}/bin/bash
        cd $out/share/cupp
        python cupp.py \$@
        EOF

        chmod a+x $out/bin/cupp
      '';
    })
  ];

  # PAM configuration
  security.pam = {
    # KWallet auto-unlock
    services.sddm.enableKwallet = true;
  };

  # Flatpak
  services.flatpak.enable = true;

  # Get as close to Arch as possible with rolling updates
  nix.nixPath = lib.mkOverride 0 [
    "nixpkgs=https://github.com/NixOS/nixpkgs/archive/master.tar.gz"
    "nixos=https://github.com/NixOS/nixpkgs/archive/master.tar.gz"
    "nixos-config=/etc/nixos/configuration.nix"
  ];

  # Keep system up-to-date without intervention
  system.autoUpgrade = {
    enable = true;
    channel = "nixos";
    dates = "03:00";
    rebootWindow.lower = "01:00";
    rebootWindow.upper = "05:00";
    persistent = true;
  };

  # Memory compression
  zramSwap = {
    enable = true;
    algorithm = "zstd";
    memoryPercent = 300;
  };

  # System-wide shell config
  environment.etc.bashrc.text = ''
    # Create /opt if it doesn't already exist and set proper permissions on it
    if [ ! -d /opt ]; then
      if [ $UID -eq 0 ]; then
        mkdir /opt
        chmod -R a+rw /opt
      else
        sudo mkdir /opt
        sudo chmod -R a+rw /opt
      fi
    fi

    # Ensure that Rust is installed in the correct (sysmtem-wide) location
    export CARGO_BUILD_JOBS=$(nproc)
    export RUSTUP_HOME=/opt/rust
    export CARGO_HOME=/opt/rust

    # Add Rust to $PATH if installed
    if [ -f /opt/rust/env ]; then
      source /opt/rust/env
    elif [ -d /opt/rust/bin ]; then
      export PATH=/opt/rust/bin:$PATH
    fi

    # Allow editing of files as root
    alias pkexec="pkexec env DISPLAY=$DISPLAY XAUTHORITY=$XAUTHORITY KDE_SESSION_VERSION=6 KDE_FULL_SESSION=true"

    #PwnBox-style shell prompt
    PS1="\[\033[1;32m\]\342\224\214\342\224\200\$([[ \$(/etc/htb/vpnbash.sh) == *\"10.\"* ]] && echo \"[\[\033[1;34m\]\$(/etc/htb/vpnserver.sh)\[\033[1;32m\]]\342\224\200[\[\033[1;37m\]\$(/etc/htb/vpnbash.sh)\[\033[1;32m\]]\342\224\200\")[\[\033[1;37m\]\u\[\033[01;32m\]@\[\033[01;34m\]\h\[\033[1;32m\]]\342\224\200[\[\033[1;37m\]\w\[\033[1;32m\]]\n\[\033[1;32m\]\342\224\224\342\224\200\342\224\200\342\225\274 [\[\e[01;33m\]★\[\e[01;32m\]]\\$ \[\e[0m\]"
  '';

  # VPN connection name
  environment.etc."htb/vpnserver.sh".text = ''
    #!${pkgs.bash}/bin/bash

    device=$(ip address | grep tun | grep 10.10 | sed 's/^[ \(\s|\t\)+ ]*//' | cut -d' ' -f5)
    nmcli d show $device | head -n6 | tail -n1 | sed 's/[ \(\s|\t\)+ ]*//g' | cut -d\: -f2
  '';

  # VPN IP address
  environment.etc."htb/vpnbash.sh".text = ''
    #!${pkgs.bash}/bin/bash
    htbip=$(ip addr | grep tun | grep inet | grep -E "(10\.10|10\.129)" | tr -s " " | cut -d " " -f 3 | cut -d "/" -f 1)

    if [[ $htbip == *"10."* ]]
    then
       echo "$htbip"
    else
       echo "No VPN"
    fi
  '';

  environment.etc."htb/vpnserver.sh".mode = "0755";
  environment.etc."htb/vpnbash.sh".mode = "0755";

  # Keep USB mice and keyboards awake at all times
  services.udev.extraRules = ''
    ACTION=="add", SUBSYSTEM=="usb", TEST=="power/control", ATTR{power/control}="on"
    ACTION=="add", SUBSYSTEM=="usb", TEST=="power/autosuspend", ATTR{power/autosuspend}="0"
    ACTION=="add", SUBSYSTEM=="usb", TEST=="power/autosuspend_delay_ms", ATTR{power/autosuspend_delay_ms}="0"
  '';

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # Open ports in the firewall.
  networking = {
    firewall = {
        enable = true;
        allowPing = false;
        allowedUDPPorts = [ 80 443 4822 57621 ];
        allowedTCPPorts = [ 22 80 443 4822 5353 ];
    };
    extraHosts = ''
      # Suspicious TLDs
      0.0.0.0 (^|\.)(cn|ir|zip|mov)$
    '';
    nftables.enable = true;
  };

  users = {
    # Personal user account
    users.htb-ac-1424625 = {
      isNormalUser = true;
      description = "Kenny Strawn";
      extraGroups = [ "networkmanager" "wheel" "docker" ];
      createHome = true;
    };
  };

  # User-level config
  home-manager = {

    backupFileExtension = "old";

    users.htb-ac-1424625 = { stdenv, fetchurl, lib, pkgs, ... }: {
      home.stateVersion = config.system.stateVersion;

      imports = [
        (import "${plasma-manager}/modules")
      ];

      services.home-manager.autoUpgrade.enable = config.system.autoUpgrade.enable;
      services.home-manager.autoUpgrade.frequency = config.system.autoUpgrade.dates;

      programs.plasma = {
        enable = true;

        #
        # Some high-level settings:
        #
        workspace = {
          lookAndFeel = "org.kde.breezedark.desktop";
          wallpaper = builtins.fetchurl "https://raw.githubusercontent.com/ParrotSec/parrot-wallpapers/refs/heads/master/backgrounds/hackthebox.jpg";
        };

        hotkeys.commands."launch-konsole" = {
          name = "Launch Konsole";
          key = "Ctrl+Alt+T";
          command = "konsole";
        };

        panels = [

          # Bottom panel: MacOS-like dock
          {
            location = "bottom";
            floating = true;
            alignment = "center";
            widgets = [
              #
              {
                iconTasks = {
                  launchers = [
                    "applications:org.kde.discover.desktop"
                    "applications:org.kde.dolphin.desktop"
                    "applications:org.kde.konsole.desktop"
                    # "applications:com.google.Chrome.desktop"
                    "applications:org.kde.kate.desktop"
                    # "applications:com.visualstudio.code.desktop"
                    # "applications:eclipse-cpp.desktop"
                    "applications:discord-canary.desktop"
                    "applications:burpsuite.desktop"
                    # TODO: ZAP
                  ];
                };
              }
            ];
            hiding = "none";
          }

          # Top panel: Kickoff, app name, global menu, system tray
          {
            location = "top";
            height = 32;
            widgets = [
              {
                name = "org.kde.plasma.kickoff";
                config = {
                  General = {
                    icon = builtins.fetchurl "https://gist.githubusercontent.com/kennystrawnmusic/42cef9444b40220482a62724c98618d2/raw/ecd569bea9f1598073d602b70d44007d18e9b232/start-here.svg";
                    alphaSort = true;
                  };
                };
              }
              {
                applicationTitleBar = {
                  behavior = {
                    activeTaskSource = "activeTask";
                  };
                  layout = {
                    elements = [ "windowTitle" ];
                    horizontalAlignment = "left";
                    showDisabledElements = "deactivated";
                    verticalAlignment = "center";
                  };
                  overrideForMaximized.enable = false;
                  titleReplacements = [
                    {
                      type = "regexp";
                      originalTitle = "^Brave Web Browser$";
                      newTitle = "Brave";
                    }
                    {
                      type = "regexp";
                      originalTitle = ''\\bDolphin\\b'';
                      newTitle = "File manager";
                    }
                  ];
                  windowTitle = {
                    font = {
                      bold = true;
                      fit = "fixedSize";
                      size = 12;
                    };
                    hideEmptyTitle = true;
                    margins = {
                      bottom = 0;
                      left = 10;
                      right = 5;
                      top = 0;
                    };
                    source = "appName";
                  };
                };
              }
              "org.kde.plasma.appmenu"
              "org.kde.plasma.panelspacer"
              {
                digitalClock = {
                  date.enable = true;
                  calendar.firstDayOfWeek = "sunday";
                  time = {
                    format = "24h";
                    showSeconds = "always";
                  };
                };
              }
              "org.kde.plasma.panelspacer"
              {
                systemTray.items = {
                  shown = [
                    "org.kde.plasma.battery"
                    "org.kde.plasma.bluetooth"
                    "org.kde.plasma.networkmanagement"
                    "org.kde.plasma.volume"
                  ];
                };
              }
            ];
          }
        ];

        powerdevil = {
          AC = {
            powerButtonAction = "shutDown";
            autoSuspend = {
              action = "nothing";
              idleTimeout = null;
            };
            turnOffDisplay = {
              idleTimeout = "never";
            };
          };

          battery = {
            powerButtonAction = "sleep";
            whenSleepingEnter = "standbyThenHibernate";
          };
          lowBattery = {
            whenLaptopLidClosed = "hibernate";
          };
        };

        kscreenlocker = {
          autoLock = false;
          lockOnResume = false;
          lockOnStartup = false;
          timeout = null;
        };

        #
        # Some mid-level settings:
        #
        shortcuts = {
          ksmserver = {
            "Lock Session" = [
              "Screensaver"
              "Meta+Ctrl+Alt+L"
            ];
          };

          kwin = {
            "Expose" = "Meta+,";
            "Switch Window Down" = "Meta+J";
            "Switch Window Left" = "Meta+H";
            "Switch Window Right" = "Meta+L";
            "Switch Window Up" = "Meta+K";
          };
        };

#        configfile = {
#          baloofilerc."basic settings"."indexing-enabled" = false;
#          kwinrc."org.kde.kdecoration2".buttonsonleft = "sf";
#          kwinrc.desktops.number = {
#            value = 8;
#            # forces kde to not change this value (even through the settings app).
#            immutable = true;
#          };
#          kscreenlockerrc = {
#            greeter.wallpaperplugin = "org.kde.potd";
#            # to use nested groups use / as a separator. in the below example,
#            # provider will be added to [greeter][wallpaper][org.kde.potd][general].
#            "greeter/wallpaper/org.kde.potd/general".provider = "bing";
#          };
#        };
      };
    };
  };

  system.stateVersion = "24.11";
}

This is doing everything right, including replicating a custom desktop layout and properly fetching wallpapers from remote sources, except performing usably. New windows, including terminal windows, take 10-30 seconds to open, there’s a 10-second delay between when I move the mouse and when the cursor moves, and when I open top, kwin is using up an off-the-charts percentage of CPU and RAM. All this despite the fact that I’m running on hardware this powerful, which I had to probe on a non-NixOS SSD (the one running Parrot HTB edition, namely) due to this performance issue. Why?

Here’s the Home-Manager section for good measure:

# SNIP
# User-level config
  home-manager = {

    backupFileExtension = "old";

    users.htb-ac-1424625 = { stdenv, fetchurl, lib, pkgs, ... }: {
      home.stateVersion = config.system.stateVersion;

      imports = [
        (import "${plasma-manager}/modules")
      ];

      services.home-manager.autoUpgrade.enable = config.system.autoUpgrade.enable;
      services.home-manager.autoUpgrade.frequency = config.system.autoUpgrade.dates;

      programs.plasma = {
        enable = true;

        #
        # Some high-level settings:
        #
        workspace = {
          lookAndFeel = "org.kde.breezedark.desktop";
          wallpaper = builtins.fetchurl "https://raw.githubusercontent.com/ParrotSec/parrot-wallpapers/refs/heads/master/backgrounds/hackthebox.jpg";
        };

        hotkeys.commands."launch-konsole" = {
          name = "Launch Konsole";
          key = "Ctrl+Alt+T";
          command = "konsole";
        };

        panels = [

          # Bottom panel: MacOS-like dock
          {
            location = "bottom";
            floating = true;
            alignment = "center";
            widgets = [
              #
              {
                iconTasks = {
                  launchers = [
                    "applications:org.kde.discover.desktop"
                    "applications:org.kde.dolphin.desktop"
                    "applications:org.kde.konsole.desktop"
                    # "applications:com.google.Chrome.desktop"
                    "applications:org.kde.kate.desktop"
                    # "applications:com.visualstudio.code.desktop"
                    # "applications:eclipse-cpp.desktop"
                    "applications:discord-canary.desktop"
                    "applications:burpsuite.desktop"
                    # TODO: ZAP
                  ];
                };
              }
            ];
            hiding = "none";
          }

          # Top panel: Kickoff, app name, global menu, system tray
          {
            location = "top";
            height = 32;
            widgets = [
              {
                name = "org.kde.plasma.kickoff";
                config = {
                  General = {
                    icon = builtins.fetchurl "https://gist.githubusercontent.com/kennystrawnmusic/42cef9444b40220482a62724c98618d2/raw/ecd569bea9f1598073d602b70d44007d18e9b232/start-here.svg";
                    alphaSort = true;
                  };
                };
              }
              {
                applicationTitleBar = {
                  behavior = {
                    activeTaskSource = "activeTask";
                  };
                  layout = {
                    elements = [ "windowTitle" ];
                    horizontalAlignment = "left";
                    showDisabledElements = "deactivated";
                    verticalAlignment = "center";
                  };
                  overrideForMaximized.enable = false;
                  titleReplacements = [
                    {
                      type = "regexp";
                      originalTitle = "^Brave Web Browser$";
                      newTitle = "Brave";
                    }
                    {
                      type = "regexp";
                      originalTitle = ''\\bDolphin\\b'';
                      newTitle = "File manager";
                    }
                  ];
                  windowTitle = {
                    font = {
                      bold = true;
                      fit = "fixedSize";
                      size = 12;
                    };
                    hideEmptyTitle = true;
                    margins = {
                      bottom = 0;
                      left = 10;
                      right = 5;
                      top = 0;
                    };
                    source = "appName";
                  };
                };
              }
              "org.kde.plasma.appmenu"
              "org.kde.plasma.panelspacer"
              {
                digitalClock = {
                  date.enable = true;
                  calendar.firstDayOfWeek = "sunday";
                  time = {
                    format = "24h";
                    showSeconds = "always";
                  };
                };
              }
              "org.kde.plasma.panelspacer"
              {
                systemTray.items = {
                  shown = [
                    "org.kde.plasma.battery"
                    "org.kde.plasma.bluetooth"
                    "org.kde.plasma.networkmanagement"
                    "org.kde.plasma.volume"
                  ];
                };
              }
            ];
          }
        ];

        powerdevil = {
          AC = {
            powerButtonAction = "shutDown";
            autoSuspend = {
              action = "nothing";
              idleTimeout = null;
            };
            turnOffDisplay = {
              idleTimeout = "never";
            };
          };

          battery = {
            powerButtonAction = "sleep";
            whenSleepingEnter = "standbyThenHibernate";
          };
          lowBattery = {
            whenLaptopLidClosed = "hibernate";
          };
        };

        kscreenlocker = {
          autoLock = false;
          lockOnResume = false;
          lockOnStartup = false;
          timeout = null;
        };

        #
        # Some mid-level settings:
        #
        shortcuts = {
          ksmserver = {
            "Lock Session" = [
              "Screensaver"
              "Meta+Ctrl+Alt+L"
            ];
          };

          kwin = {
            "Expose" = "Meta+,";
            "Switch Window Down" = "Meta+J";
            "Switch Window Left" = "Meta+H";
            "Switch Window Right" = "Meta+L";
            "Switch Window Up" = "Meta+K";
          };
        };

#        configfile = {
#          baloofilerc."basic settings"."indexing-enabled" = false;
#          kwinrc."org.kde.kdecoration2".buttonsonleft = "sf";
#          kwinrc.desktops.number = {
#            value = 8;
#            # forces kde to not change this value (even through the settings app).
#            immutable = true;
#          };
#          kscreenlockerrc = {
#            greeter.wallpaperplugin = "org.kde.potd";
#            # to use nested groups use / as a separator. in the below example,
#            # provider will be added to [greeter][wallpaper][org.kde.potd][general].
#            "greeter/wallpaper/org.kde.potd/general".provider = "bing";
#          };
#        };
      };
    };
  };
# SNIP

Nothing about this should be this unusably slow, so why is it?

For further context, what I’m trying to do with this configuration is nixos-install it from the Parrot system, which I previously installed the Nix package manager along with nix-env -iA nixpkgs.nixos-install-tools on. The two systems are on two entirely separate devices ― Parrot is on /dev/nvme0n1 while the device I’m trying to install NixOS to is /dev/nvme1n1 ― so there’s no risk at all of one OS corrupting the other. Yet, for whatever reason, Home Manager + Plasma Manager is making for a painfully slow experience after the attempted installation is complete, and I need someone ASAP to explain why this might be happening.

Opened Issue nix-community/plasma-manager#425 due to the lack of timely responses to this

Update: turns out the problem had nothing to do with plasma-manager and everything to do with services.xserver.videoDrivers not being set. Problem was fixed when I did that.