feat: update MCP configuration to include additional permissions for nixos and puppeteer modules

hosts/nb/modules/mcp-global.nix

@@ -3,14 +3,14 @@
 let
   # Fetch MCP servers library
   mcpServersNix = import (builtins.fetchTarball {
-    url = "https://github.com/dpolakovics/mcp-servers-nix/archive/e068d6aa5d9972987aa8aed198b7bb763b1af161.tar.gz";
+    url = "https://github.com/dpolakovics/mcp-servers-nix/archive/916979f7692e25cb3510d68201886b18c381da06.tar.gz";
-    sha256 = "sha256-yWFrZG9UryIf3EW8BoYNqRU61hL5iyqYrEOX0wXWuhk=";
+    sha256 = "sha256-S/AzJI1OvWCmSOZ02H4aRUCZVAE6dpH99vZcz43W2Nw=";
   }) { inherit pkgs; };
 
   # Build MCP configuration
   mcpJsonConfig = mcpServersNix.lib.mkConfig pkgs {
     programs = {
-      fetch.enable            = true;
+      # fetch.enable            = true;
       brave-search = {
         enable  = true;
         envFile = config.sops.secrets.mcp-brave-env.path;
@@ -19,11 +19,46 @@ let
       puppeteer.enable        = true;
       # memory.enable           = true;
       sequential-thinking.enable = true;
+      context7.enable = true;
     };
     settings = {
-      mcpServers.nixos = {
+      mcpServers = {
+        brave-search = {
+          alwaysAllow = [ "brave_web_search" "brave_local_search"];
+        };
+        context7 = {
+          alwaysAllow = [ "resolve-library-id" "get-library-docs" ];
+        };
+        nixos = {
           command = "nix";
           args    = [ "run" "github:utensils/mcp-nixos" "--" ];
+          alwaysAllow = [
+            "nixos_search"
+            "nixos_info"
+            "nixos_channels"
+            "home_manager_search"
+            "home_manager_info"
+            "home_manager_stats"
+            "home_manager_list_options"
+            "home_manager_options_by_prefix"
+            "nixhub_package_versions"
+            "nixhub_find_version"
+          ];
+        };
+        puppeteer = {
+          alwaysAllow = [
+            "puppeteer_navigate"
+            "puppeteer_screenshot"
+            "puppeteer_click"
+            "puppeteer_fill"
+            "puppeteer_select"
+            "puppeteer_hover"
+            "puppeteer_evaluate"
+          ];
+        };
+        sequential-thinking = {
+          alwaysAllow = [ "sequentialthinking" ];
+        };
       };
     };
   };