diff options
author | Azat Bahawi <azat@bahawi.net> | 2023-10-25 01:57:50 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2023-10-25 01:57:50 +0300 |
commit | 0741650f125d2877d0ab0d9da15d6d3d229f837d (patch) | |
tree | 499f32a421e5d5d035fd22908ec2b73fe62f8e71 | |
parent | 2023-10-21 (diff) |
2023-10-25
Diffstat (limited to '')
-rw-r--r-- | .typos.toml | 6 | ||||
-rw-r--r-- | flake.lock | 60 | ||||
-rw-r--r-- | flake.nix | 1 | ||||
-rw-r--r-- | lib/my.nix | 1 | ||||
-rw-r--r-- | modules/common/common/nix/default.nix | 1 | ||||
-rw-r--r-- | modules/nixos/firefox/default.nix | 18 | ||||
-rw-r--r-- | modules/nixos/firefox/userContent.css | 3 | ||||
-rw-r--r-- | modules/nixos/ipfs.nix | 2 | ||||
-rw-r--r-- | modules/nixos/nginx.nix | 4 | ||||
-rw-r--r-- | modules/nixos/unbound.nix | 20 | ||||
-rw-r--r-- | nixosConfigurations/manwe/webserver.nix | 9 | ||||
-rw-r--r-- | packages/hiccup.nix | 35 |
12 files changed, 114 insertions, 46 deletions
diff --git a/.typos.toml b/.typos.toml index 783ecda..7779150 100644 --- a/.typos.toml +++ b/.typos.toml @@ -5,4 +5,8 @@ openpgp4fpr= "openpgp4fpr" referer = "referer" [files] -extend-exclude = ["nixosConfigurations/eonwe/work.nix", "secrets/*"] +extend-exclude = [ + "darwinConfigurations/*/hidden.nix", + "nixosConfigurations/*/hidden.nix", + "secrets/*", +] diff --git a/flake.lock b/flake.lock index e615a2f..bcd1690 100644 --- a/flake.lock +++ b/flake.lock @@ -70,11 +70,11 @@ ] }, "locked": { - "lastModified": 1696858737, - "narHash": "sha256-xSWYkFEL8uToA1fye7nLPpHdi1H6dUFKD+2dZbniEBA=", + "lastModified": 1698052066, + "narHash": "sha256-KnSOyt4Ro66kNf2UIVfIy5Qj5idR9+3QrxJmbo3kzrQ=", "owner": "dwarfmaster", "repo": "arkenfox-nixos", - "rev": "6bbb7377ea4c68a9b414f6dfabefef398fbfd5f5", + "rev": "f787d60c3308f067d5f68abbe85083f8a169d72c", "type": "github" }, "original": { @@ -287,11 +287,11 @@ ] }, "locked": { - "lastModified": 1697688028, - "narHash": "sha256-d9CAOd9W2iTrgB31a8Dvyp6Vgn/gxASCNrD4Z9yzUOY=", + "lastModified": 1698128422, + "narHash": "sha256-Qf39ATHrj6wfeC+K6uwD/FnI7RKrdEiN3uWaciUi0rM=", "owner": "nix-community", "repo": "home-manager", - "rev": "c5c1ea85181d2bb44e46e8a944a8a3f56ad88f19", + "rev": "6045b68ee725167ed0487f0fb88123202ba61923", "type": "github" }, "original": { @@ -330,11 +330,11 @@ ] }, "locked": { - "lastModified": 1697678187, - "narHash": "sha256-osGkweX7G9jJQ2nCgR+kOuhSAhJY2dk/KAjx7G/THW8=", + "lastModified": 1698161642, + "narHash": "sha256-4Mp9Rgg1+E8op8O1oTlAS54z7M/BbeQo4Y2QxxZlVUw=", "owner": "Infinidoge", "repo": "nix-minecraft", - "rev": "60eb15eb92342e4cf88b6652a83a1c4781333bf0", + "rev": "f1c70ba2a191d8928d2fe6ac8ef3fa82e505d2f0", "type": "github" }, "original": { @@ -357,11 +357,11 @@ ] }, "locked": { - "lastModified": 1697678467, - "narHash": "sha256-Q8nK9KJspQIgMKDr1dzl3fljubngTOahRWTameHYVAc=", + "lastModified": 1698110344, + "narHash": "sha256-YGixbIoBA8OrW5ZSzNJ/hNz3uVTWk5A0/GmH2rxpI+E=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "23e2065c532cab6a24beb00e8545551642a7af28", + "rev": "9b37cc71f2d9fdbd6ab1796133fea747fa2c9ed2", "type": "github" }, "original": { @@ -373,11 +373,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1697748412, - "narHash": "sha256-5VSB63UE/O191cuZiGHbCJ9ipc7cGKB8cHp0cfusuyo=", + "lastModified": 1698053470, + "narHash": "sha256-sP8D/41UiwC2qn0X40oi+DfuVzNHMROqIWdSdCI/AYA=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "72d53d51704295f1645d20384cd13aecc182f624", + "rev": "80d98a7d55c6e27954a166cb583a41325e9512d7", "type": "github" }, "original": { @@ -389,11 +389,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1697688401, - "narHash": "sha256-61QlajY7R9PbK25uFl55zh968CVNspwXX1zzimic4Uo=", + "lastModified": 1697915759, + "narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "458ef9126aa380996d77d44f53f886c2d8485f53", + "rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e", "type": "github" }, "original": { @@ -405,11 +405,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1697750666, - "narHash": "sha256-j1jBgTizTneR80ykZcG/282d2J4XY0gBZpLi4iXhYhE=", + "lastModified": 1698178197, + "narHash": "sha256-1/X3YW444tGIKyTXGYPaRwYDxZrU/KuRbYgIKJSUt+o=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "083d89547d1d1204e314b06d19451c6e840ecfe4", + "rev": "955525b515f43c1f356ebaab40b0b794c67e0e48", "type": "github" }, "original": { @@ -421,11 +421,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1697734951, - "narHash": "sha256-LLRWbosbP8X/m65aZXUcb2gPjaxPNK89u7Ax3MJMyic=", + "lastModified": 1698160471, + "narHash": "sha256-lH7ZEItqQOWi21St9JyE6t3yyFNYGoQqSEcS90WMnBY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f4cf0233c58eeb549531a1d096711909f3b0a546", + "rev": "04f431fe64a5ba8ff129cbbbfec489cfe903982c", "type": "github" }, "original": { @@ -449,11 +449,11 @@ ] }, "locked": { - "lastModified": 1697646003, - "narHash": "sha256-RNg0aTTxpEH+tO5Cxj3DuihfiZBo8veZAttCW1FscO4=", + "lastModified": 1698063089, + "narHash": "sha256-fJRcsO+KHf0K04fRHIS6HETJRWMakTNbUaWx8WeYHX4=", "owner": "nix-community", "repo": "nixvim", - "rev": "d560fc6183b4c6bf68f0846e6b1ef906f2c78929", + "rev": "0c5dcb56d105addedd001f043e6a32ab9f1abe92", "type": "github" }, "original": { @@ -499,11 +499,11 @@ }, "nur": { "locked": { - "lastModified": 1697751683, - "narHash": "sha256-QA3mZdILLte7fvfyai+eX3jdU91/zgLRmaompUluB8Q=", + "lastModified": 1698176069, + "narHash": "sha256-rjncD+8c3znRZDOB6hugRwMingBHvIz2jtTFCSiMkSk=", "owner": "nix-community", "repo": "NUR", - "rev": "a2212d436f621baef2c42f2e5832a7595e935b82", + "rev": "c4231705e51c32a83297ebb7bc88da0e87fe4ba5", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e1d5b8e..ed64cd7 100644 --- a/flake.nix +++ b/flake.nix @@ -348,6 +348,7 @@ overlays.default = final: prev: { bruh = prev.callPackage ./packages/bruh.nix {}; + hiccup = prev.callPackage ./packages/hiccup.nix {}; mpv-autosub = prev.callPackage ./packages/mpv-autosub.nix {}; myip = prev.callPackage ./packages/myip.nix {}; nixfiles = prev.callPackage ./packages/nixfiles.nix {}; diff --git a/lib/my.nix b/lib/my.nix index 55eff4f..1044211 100644 --- a/lib/my.nix +++ b/lib/my.nix @@ -168,6 +168,7 @@ with lib; "prometheus.${shire}" "radicale.${shire}" "rss-bridge.${shire}" + "start.local" "vaultwarden.${shire}" azahi rohan diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix index 03918d7..ab29039 100644 --- a/modules/common/common/nix/default.nix +++ b/modules/common/common/nix/default.nix @@ -4,7 +4,6 @@ lib, localUsername ? lib.my.username, pkgs, - pkgsPr, this, ... }: diff --git a/modules/nixos/firefox/default.nix b/modules/nixos/firefox/default.nix index 11375a6..2e24f23 100644 --- a/modules/nixos/firefox/default.nix +++ b/modules/nixos/firefox/default.nix @@ -409,6 +409,23 @@ in { }; }; + # NOTE Kinda breaks explicit bookmarking... + # bookmarks = [ + # { + # name = "Local"; + # bookmarks = with config.nixfiles.modules; [ + # (mkIf syncthing.enable { + # name = "Syncthing"; + # url = "http://${config.services.syncthing.guiAddress}"; + # }) + # (mkIf ipfs.enable { + # name = "IPFS"; + # url = "http://127.0.0.1:${toString ipfs.apiPort}/webui"; + # }) + # ]; + # } + # ]; + # https://github.com/arkenfox/user.js/blob/master/user.js arkenfox = { enable = true; @@ -479,7 +496,6 @@ in { }; }; "1200".enable = true; - "1400".enable = false; "1600".enable = true; "1700".enable = false; "2000".enable = true; diff --git a/modules/nixos/firefox/userContent.css b/modules/nixos/firefox/userContent.css index e95c733..f5497ab 100644 --- a/modules/nixos/firefox/userContent.css +++ b/modules/nixos/firefox/userContent.css @@ -72,8 +72,7 @@ a[href^="/topics"], a[href^="/trending"], details[id^="funding-links-modal"], - footer - { + footer { display: none !important; } diff --git a/modules/nixos/ipfs.nix b/modules/nixos/ipfs.nix index 16e986c..43ddb70 100644 --- a/modules/nixos/ipfs.nix +++ b/modules/nixos/ipfs.nix @@ -86,7 +86,7 @@ in { "/ip6/fc00::/ipcidr/7" ]; in { - Addresses = with config.services.ipfs; { + Addresses = { API = "/ip4/127.0.0.1/tcp/${toString cfg.apiPort}"; Gateway = "/ip4/127.0.0.1/tcp/${toString cfg.gatewayPort}"; Swarm = let diff --git a/modules/nixos/nginx.nix b/modules/nixos/nginx.nix index 411bb0d..9ca6936 100644 --- a/modules/nixos/nginx.nix +++ b/modules/nixos/nginx.nix @@ -71,8 +71,8 @@ in { mkMerge [ attr (mkIf config.nixfiles.modules.acme.enable { - enableACME = true; - forceSSL = true; + enableACME = mkDefault true; + forceSSL = mkDefault true; }) ]) cfg.virtualHosts)); diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix index bbf91ac..4d21fd2 100644 --- a/modules/nixos/unbound.nix +++ b/modules/nixos/unbound.nix @@ -94,6 +94,15 @@ in { attr.domains))) my.configurations); + private-domain = map (domain: "${domain}.") [ + cfg.domain + "local" + ]; + private-address = with config.nixfiles.modules.wireguard; [ + ipv4.subnet + ipv6.subnet + ]; + access-control = with config.nixfiles.modules.wireguard; [ "0.0.0.0/0 refuse" "::/0 refuse" @@ -103,12 +112,6 @@ in { "${ipv6.subnet} allow" ]; - private-domain = "${cfg.domain}."; - private-address = with config.nixfiles.modules.wireguard; [ - ipv4.subnet - ipv6.subnet - ]; - cache-min-ttl = 0; serve-expired = true; @@ -174,7 +177,7 @@ in { name = "unbound-adblock-update"; runtimeInputs = [curl package]; text = '' - curl \ + curl -s \ "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=unbound&showintro=0&mimetype=plaintext" \ >${adblock-conf} @@ -191,7 +194,8 @@ in { timers.unbound-adblock-update = { requires = ["network-online.target"]; timerConfig = { - OnUnitActiveSec = "1d"; + OnCalendar = "daily"; + Persistent = true; Unit = "unbound-adblock-update.service"; }; wantedBy = ["timers.target"]; diff --git a/nixosConfigurations/manwe/webserver.nix b/nixosConfigurations/manwe/webserver.nix index 9e19474..6f8e088 100644 --- a/nixosConfigurations/manwe/webserver.nix +++ b/nixosConfigurations/manwe/webserver.nix @@ -1,6 +1,7 @@ { inputs, lib, + pkgs, ... }: with lib; { @@ -8,6 +9,14 @@ with lib; { enable = true; virtualHosts = with my.domain; { + # TODO Use a Self-signed certificate. + # TODO Allow overriding config.json, possibly via NGINX itself. + "start.local" = { + root = pkgs.hiccup; + locations."/".tryFiles = "$uri $uri/ /index.html"; + enableACME = false; + forceSSL = false; + }; ${shire}.locations."/".return = "301 https://www.youtube.com/watch?v=dQw4w9WgXcQ"; "git.${shire}".locations."/".return = "301 https://git.${azahi}"; "bitwarden.${shire}".locations."/".return = "301 https://vaultwarden.${shire}"; diff --git a/packages/hiccup.nix b/packages/hiccup.nix new file mode 100644 index 0000000..152a5e9 --- /dev/null +++ b/packages/hiccup.nix @@ -0,0 +1,35 @@ +{ + buildNpmPackage, + fetchFromGitHub, + lib, +}: +buildNpmPackage rec { + pname = "hiccup"; + version = "0.4.3"; + + src = fetchFromGitHub { + owner = "ashwin-pc"; + repo = pname; + rev = "v${version}"; + hash = "sha256-JLuXQ4jZHI9wF1fgnnBPH/TaTHJL/zGCSuKc9hy4e28="; + }; + + npmDepsHash = "sha256-YPj7tzMUh56rJfxOVhye4cK6VS0azA/LiE9DMweGLuw="; + + installPhase = '' + runHook preInstall + + mv build $out + + runHook postInstall + ''; + + CYPRESS_INSTALL_BINARY = "0"; + + meta = with lib; { + description = "A static start page to get to your most important links"; + inherit (finalAttrs.src.meta) homepage; + license = licenses.mit; + maintainers = with maintainers; [azahi]; + }; +} |