diff --git a/hosts/fw/configuration.nix b/hosts/fw/configuration.nix index b9e4a9a..fc86cd6 100644 --- a/hosts/fw/configuration.nix +++ b/hosts/fw/configuration.nix @@ -48,7 +48,6 @@ ./modules/ha-customers ./modules/firefox-sync.nix - ./modules/fivefilters.nix # home assistant ./modules/home-assistant diff --git a/hosts/fw/modules/dnsmasq.nix b/hosts/fw/modules/dnsmasq.nix index 0903894..a855244 100644 --- a/hosts/fw/modules/dnsmasq.nix +++ b/hosts/fw/modules/dnsmasq.nix @@ -91,7 +91,6 @@ "/omada.cloonar.com/${config.networkPrefix}.97.2" "/web-02.cloonar.com/${config.networkPrefix}.97.5" "/pla.cloonar.com/${config.networkPrefix}.97.5" - "/fivefilters.cloonar.com/${config.networkPrefix}.97.5" "/home-assistant.cloonar.com/${config.networkPrefix}.97.20" "/mopidy.cloonar.com/${config.networkPrefix}.97.21" "/snapcast.cloonar.com/${config.networkPrefix}.97.21" diff --git a/hosts/fw/modules/fivefilters.nix b/hosts/fw/modules/fivefilters.nix deleted file mode 100644 index cc46f3b..0000000 --- a/hosts/fw/modules/fivefilters.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ config, pkgs, ... }: { - users.users.fivefilters = { - isSystemUser = true; - group = "omada"; - home = "/var/lib/fivefilters"; - createHome = true; - }; - users.groups.fivefilters = { }; - - systemd.tmpfiles.rules = [ - # parent is created by createHome already, but harmless to repeat - "d /var/lib/fivefilters 0755 fivefilters fivefilters - -" - "d /var/lib/fivefilters/cache 0755 fivefilters fivefilters - -" - ]; - - # TODO: check if we can run docker service as other user than root - virtualisation = { - oci-containers.containers = { - fivefilters = { - autoStart = true; - image = "heussd/fivefilters-full-text-rss:3.8.1"; - volumes = [ - "/var/lib/fivefilters/cache:/var/www/html/cache" - ]; - extraOptions = [ - "--network=server" - "--ip=${config.networkPrefix}.97.10" - ]; - }; - }; - }; -} diff --git a/hosts/fw/modules/web/proxies.nix b/hosts/fw/modules/web/proxies.nix index 87878cd..44f1b99 100644 --- a/hosts/fw/modules/web/proxies.nix +++ b/hosts/fw/modules/web/proxies.nix @@ -25,12 +25,4 @@ recommendedProxySettings = true; }; }; - services.nginx.virtualHosts."fivefilters.cloonar.com" = { - forceSSL = true; - enableACME = true; - acmeRoot = null; - locations."/" = { - proxyPass = "http://${config.networkPrefix}.97.10"; - }; - }; } diff --git a/hosts/nb/modules/desktop/flatpak-packages.nix b/hosts/nb/modules/desktop/flatpak-packages.nix index 199a4be..8b657ea 100644 --- a/hosts/nb/modules/desktop/flatpak-packages.nix +++ b/hosts/nb/modules/desktop/flatpak-packages.nix @@ -13,11 +13,7 @@ wantedBy = [ "multi-user.target" ]; path = [ pkgs.flatpak ]; script = '' - set -eu - flatpak install --system -y --noninteractive --or-update flathub io.github.yuki_iptv.yuki-iptv - - flatpak install --system -y --noninteractive --or-update flathub com.google.AndroidStudio - flatpak run --command=bash com.google.AndroidStudio -c 'curl -fsSL https://claude.ai/install.sh | bash' + flatpak install -y https://dl.flathub.org/repo/appstream/io.github.yuki_iptv.yuki-iptv.flatpakref ''; }; @@ -29,12 +25,5 @@ exec = "${pkgs.flatpak}/bin/flatpak run io.github.yuki_iptv.yuki-iptv"; terminal = false; }) - (pkgs.makeDesktopItem { - name = "android-studio"; - desktopName = "Android Studio"; - genericName = "Android Studio"; - exec = "${pkgs.flatpak}/bin/flatpak run com.google.AndroidStudio"; - terminal = false; - }) ]; } diff --git a/hosts/nb/modules/development/claude-code.nix b/hosts/nb/modules/development/claude-code.nix index cb53767..12cdd5c 100644 --- a/hosts/nb/modules/development/claude-code.nix +++ b/hosts/nb/modules/development/claude-code.nix @@ -25,7 +25,7 @@ in { # Browser must be running with remote debugging on 127.0.0.1:9222. if ${config.home.homeDirectory}/.nix-profile/bin/claude mcp add --help >/dev/null 2>&1; then ${config.home.homeDirectory}/.nix-profile/bin/claude mcp add --scope user chrome-devtools \ - -- npx -y chrome-devtools-mcp --executablePath=${pkgs.ungoogled-chromium}/bin/chromium --isolated=true --headless=true --chromeArg=--ozone-platform=wayland --chromeArg=--enable-features=UseOzonePlatform --chromeArg=--force-device-scale-factor=1 || true + -- npx -y chrome-devtools-mcp --browserUrl=http://127.0.0.1:9222 || true fi ''; }; diff --git a/hosts/nb/modules/development/coding.nix b/hosts/nb/modules/development/coding.nix index 32185f0..c45ac94 100644 --- a/hosts/nb/modules/development/coding.nix +++ b/hosts/nb/modules/development/coding.nix @@ -8,14 +8,5 @@ in { unstable.claude-code unstable.code-cursor unstable.vscode - # android-studio-full - # android-tools ]; - - nixpkgs.config.android_sdk.accept_license = true; - - programs.adb.enable = true; # sets up udev + adb group - services.udev.packages = [ pkgs.android-udev-rules ]; - - users.users.dominik.extraGroups = [ "adbusers" ]; } diff --git a/hosts/nb/modules/development/mcp-chromium.nix b/hosts/nb/modules/development/mcp-chromium.nix index 0ab6c52..d4dd9f4 100644 --- a/hosts/nb/modules/development/mcp-chromium.nix +++ b/hosts/nb/modules/development/mcp-chromium.nix @@ -46,24 +46,7 @@ in environment.etc."codex/config.toml".text = '' [mcp_servers.chrome-devtools] command = "npx" - args = [ - # "-y", "chrome-devtools-mcp@latest", "--browserUrl=http://127.0.0.1:9222" - "-y", "chrome-devtools-mcp@latest", - - # Tell MCP exactly which Chromium to launch (Nix store path) - "--executablePath=${pkgs.ungoogled-chromium}/bin/chromium", - - # Make every run use a temporary profile (no shared state) - "--isolated=true", - - # Headful by default on Wayland - "--headless=true", - - # Pass Chromium flags for Wayland + scale - "--chromeArg=--ozone-platform=wayland", - "--chromeArg=--enable-features=UseOzonePlatform", - "--chromeArg=--force-device-scale-factor=1" - ] + args = ["-y", "chrome-devtools-mcp@latest", "--browserUrl=http://127.0.0.1:9222"] startup_timeout_sec = 30 tool_timeout_sec = 120 ''; diff --git a/hosts/nb/users/dominik.nix b/hosts/nb/users/dominik.nix index 5a5e322..5aa7337 100644 --- a/hosts/nb/users/dominik.nix +++ b/hosts/nb/users/dominik.nix @@ -234,49 +234,75 @@ in "--force-dark-mode" "--enable-features=UseOzonePlatform" "--ozone-platform=wayland" - "--default-search-provider-search-url=\"https://www.perplexity.ai/search/?q=%s\"" + "--default-search-provider-search-url=\"https://www.perplexity.ai/search/?q={searchTerms}\"" ]; dictionaries = [ pkgs.hunspellDictsChromium.en_US pkgs.hunspellDictsChromium.de_DE ]; - extensions = [ - { - # ublock - id = "epcnnfbjfcgphgdmggkamkmgojdagdnn"; - } - { - # dark reader - id = "eimadpbcbfnmbkopoojfekhnkhdbieeh"; - } - { - # privacy badger - id = "pkehgijcmpdhfbdbbnkijodmdjhbjlgp"; - } - { - # Bitwarden - id = "nngceckbapebfimnlniiiahkandclblb"; - } - { - # Dracula Theme - id = "jiaeinnfkmnkpkicpaihogiomcgikcde"; - } - { - # Vimium - id = "dbepggeogbaibhgnhhndojpepiihcmeb"; - } - { - # BrainTool - id = "fialfmcgpibjgdoeodaondepigiiddio"; - } - { - # Chathub - id = "iaakpnchhognanibcahlpcplchdfmgma"; - } - ]; + extensions = + let + createChromiumExtensionFor = browserVersion: { id, sha256, version }: + { + inherit id; + crxPath = builtins.fetchurl { + url = "https://clients2.google.com/service/update2/crx?response=redirect&acceptformat=crx2,crx3&prodversion=${browserVersion}&x=id%3D${id}%26installsource%3Dondemand%26uc"; + name = "${id}.crx"; + inherit sha256; + }; + inherit version; + }; + createChromiumExtension = createChromiumExtensionFor (lib.versions.major pkgs.ungoogled-chromium.version); + in + [ + (createChromiumExtension { + # ublock origin + id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; + sha256 = "sha256:054kqrai2kd89bzc5c3x17rjfdil2zzxrxrg65vaywmvm77y7kmn"; + version = "1.61.0"; + }) + (createChromiumExtension { + # dark reader + id = "eimadpbcbfnmbkopoojfekhnkhdbieeh"; + sha256 = "sha256:1i8rs6bcblx4d85rh41pmky3hhlpzn5977lpz5zmhwri7sb77yzk"; + version = "4.9.96"; + }) + (createChromiumExtension { + # privacy badger + id = "pkehgijcmpdhfbdbbnkijodmdjhbjlgp"; + sha256 = "sha256:19vpk8h8q0xgi40hgv1bd24n3napbgbzg12najc3mkapqcvfcmhc"; + version = "2024.7.17"; + }) + (createChromiumExtension { + # Bitwarden + id = "nngceckbapebfimnlniiiahkandclblb"; + sha256 = "sha256:02cscadjqbfx3a5bky1zc38pxymzgndb9h3wing3pb0fwm30yrzd"; + version = "2024.10.1"; + }) + (createChromiumExtension { + # Dracula Theme + id = "jiaeinnfkmnkpkicpaihogiomcgikcde"; + sha256 = "sha256:01nm7p0v3lcvx8bkinq2rr0divvqgf5d2a757lg8m21ccmznqkpc"; + version = "1.0"; + }) + (createChromiumExtension { + # Vimium + id = "dbepggeogbaibhgnhhndojpepiihcmeb"; + sha256 = "sha256:0z6c04kjp13g4ix5kpv2m8q27i8pwz2c0rdi78wcnxqmqnik4ifx"; + version = "2.1.2"; + }) + (createChromiumExtension { + # BrainTool + id = "fialfmcgpibjgdoeodaondepigiiddio"; + sha256 = "sha256:0i8aga8h7jgjgsy1xx453gryzvf6y6wm9fd2i6cnzafjpf2fk51b"; + version = "1.0.3"; + }) + ]; + }; programs.git = { + enable = true; lfs.enable = true; package = pkgs.gitAndTools.gitFull; diff --git a/todos.md b/todos.md index f2d6bf2..f8d3483 100644 --- a/todos.md +++ b/todos.md @@ -1,7 +1,9 @@ +move modules for hosts into respecting hosts directory so not every host gets rebuilded when one module changes +change sddm theme +add yubikey +change playmouth theme look into secure boot -switch from gitea to forgejo - ## chache server https://github.com/zhaofengli/attic