about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2023-10-25 01:57:50 +0300
committerAzat Bahawi <azat@bahawi.net>2023-10-25 01:57:50 +0300
commit0741650f125d2877d0ab0d9da15d6d3d229f837d (patch)
tree499f32a421e5d5d035fd22908ec2b73fe62f8e71
parent2023-10-21 (diff)
2023-10-25
Diffstat (limited to '')
-rw-r--r--.typos.toml6
-rw-r--r--flake.lock60
-rw-r--r--flake.nix1
-rw-r--r--lib/my.nix1
-rw-r--r--modules/common/common/nix/default.nix1
-rw-r--r--modules/nixos/firefox/default.nix18
-rw-r--r--modules/nixos/firefox/userContent.css3
-rw-r--r--modules/nixos/ipfs.nix2
-rw-r--r--modules/nixos/nginx.nix4
-rw-r--r--modules/nixos/unbound.nix20
-rw-r--r--nixosConfigurations/manwe/webserver.nix9
-rw-r--r--packages/hiccup.nix35
12 files changed, 114 insertions, 46 deletions
diff --git a/.typos.toml b/.typos.toml
index 783ecda..7779150 100644
--- a/.typos.toml
+++ b/.typos.toml
@@ -5,4 +5,8 @@ openpgp4fpr= "openpgp4fpr"
 referer = "referer"
 
 [files]
-extend-exclude = ["nixosConfigurations/eonwe/work.nix", "secrets/*"]
+extend-exclude = [
+    "darwinConfigurations/*/hidden.nix",
+    "nixosConfigurations/*/hidden.nix",
+    "secrets/*",
+]
diff --git a/flake.lock b/flake.lock
index e615a2f..bcd1690 100644
--- a/flake.lock
+++ b/flake.lock
@@ -70,11 +70,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1696858737,
-        "narHash": "sha256-xSWYkFEL8uToA1fye7nLPpHdi1H6dUFKD+2dZbniEBA=",
+        "lastModified": 1698052066,
+        "narHash": "sha256-KnSOyt4Ro66kNf2UIVfIy5Qj5idR9+3QrxJmbo3kzrQ=",
         "owner": "dwarfmaster",
         "repo": "arkenfox-nixos",
-        "rev": "6bbb7377ea4c68a9b414f6dfabefef398fbfd5f5",
+        "rev": "f787d60c3308f067d5f68abbe85083f8a169d72c",
         "type": "github"
       },
       "original": {
@@ -287,11 +287,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1697688028,
-        "narHash": "sha256-d9CAOd9W2iTrgB31a8Dvyp6Vgn/gxASCNrD4Z9yzUOY=",
+        "lastModified": 1698128422,
+        "narHash": "sha256-Qf39ATHrj6wfeC+K6uwD/FnI7RKrdEiN3uWaciUi0rM=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "c5c1ea85181d2bb44e46e8a944a8a3f56ad88f19",
+        "rev": "6045b68ee725167ed0487f0fb88123202ba61923",
         "type": "github"
       },
       "original": {
@@ -330,11 +330,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1697678187,
-        "narHash": "sha256-osGkweX7G9jJQ2nCgR+kOuhSAhJY2dk/KAjx7G/THW8=",
+        "lastModified": 1698161642,
+        "narHash": "sha256-4Mp9Rgg1+E8op8O1oTlAS54z7M/BbeQo4Y2QxxZlVUw=",
         "owner": "Infinidoge",
         "repo": "nix-minecraft",
-        "rev": "60eb15eb92342e4cf88b6652a83a1c4781333bf0",
+        "rev": "f1c70ba2a191d8928d2fe6ac8ef3fa82e505d2f0",
         "type": "github"
       },
       "original": {
@@ -357,11 +357,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1697678467,
-        "narHash": "sha256-Q8nK9KJspQIgMKDr1dzl3fljubngTOahRWTameHYVAc=",
+        "lastModified": 1698110344,
+        "narHash": "sha256-YGixbIoBA8OrW5ZSzNJ/hNz3uVTWk5A0/GmH2rxpI+E=",
         "owner": "nix-community",
         "repo": "nix-vscode-extensions",
-        "rev": "23e2065c532cab6a24beb00e8545551642a7af28",
+        "rev": "9b37cc71f2d9fdbd6ab1796133fea747fa2c9ed2",
         "type": "github"
       },
       "original": {
@@ -373,11 +373,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1697748412,
-        "narHash": "sha256-5VSB63UE/O191cuZiGHbCJ9ipc7cGKB8cHp0cfusuyo=",
+        "lastModified": 1698053470,
+        "narHash": "sha256-sP8D/41UiwC2qn0X40oi+DfuVzNHMROqIWdSdCI/AYA=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "72d53d51704295f1645d20384cd13aecc182f624",
+        "rev": "80d98a7d55c6e27954a166cb583a41325e9512d7",
         "type": "github"
       },
       "original": {
@@ -389,11 +389,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1697688401,
-        "narHash": "sha256-61QlajY7R9PbK25uFl55zh968CVNspwXX1zzimic4Uo=",
+        "lastModified": 1697915759,
+        "narHash": "sha256-WyMj5jGcecD+KC8gEs+wFth1J1wjisZf8kVZH13f1Zo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "458ef9126aa380996d77d44f53f886c2d8485f53",
+        "rev": "51d906d2341c9e866e48c2efcaac0f2d70bfd43e",
         "type": "github"
       },
       "original": {
@@ -405,11 +405,11 @@
     },
     "nixpkgs-master": {
       "locked": {
-        "lastModified": 1697750666,
-        "narHash": "sha256-j1jBgTizTneR80ykZcG/282d2J4XY0gBZpLi4iXhYhE=",
+        "lastModified": 1698178197,
+        "narHash": "sha256-1/X3YW444tGIKyTXGYPaRwYDxZrU/KuRbYgIKJSUt+o=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "083d89547d1d1204e314b06d19451c6e840ecfe4",
+        "rev": "955525b515f43c1f356ebaab40b0b794c67e0e48",
         "type": "github"
       },
       "original": {
@@ -421,11 +421,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1697734951,
-        "narHash": "sha256-LLRWbosbP8X/m65aZXUcb2gPjaxPNK89u7Ax3MJMyic=",
+        "lastModified": 1698160471,
+        "narHash": "sha256-lH7ZEItqQOWi21St9JyE6t3yyFNYGoQqSEcS90WMnBY=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "f4cf0233c58eeb549531a1d096711909f3b0a546",
+        "rev": "04f431fe64a5ba8ff129cbbbfec489cfe903982c",
         "type": "github"
       },
       "original": {
@@ -449,11 +449,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1697646003,
-        "narHash": "sha256-RNg0aTTxpEH+tO5Cxj3DuihfiZBo8veZAttCW1FscO4=",
+        "lastModified": 1698063089,
+        "narHash": "sha256-fJRcsO+KHf0K04fRHIS6HETJRWMakTNbUaWx8WeYHX4=",
         "owner": "nix-community",
         "repo": "nixvim",
-        "rev": "d560fc6183b4c6bf68f0846e6b1ef906f2c78929",
+        "rev": "0c5dcb56d105addedd001f043e6a32ab9f1abe92",
         "type": "github"
       },
       "original": {
@@ -499,11 +499,11 @@
     },
     "nur": {
       "locked": {
-        "lastModified": 1697751683,
-        "narHash": "sha256-QA3mZdILLte7fvfyai+eX3jdU91/zgLRmaompUluB8Q=",
+        "lastModified": 1698176069,
+        "narHash": "sha256-rjncD+8c3znRZDOB6hugRwMingBHvIz2jtTFCSiMkSk=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "a2212d436f621baef2c42f2e5832a7595e935b82",
+        "rev": "c4231705e51c32a83297ebb7bc88da0e87fe4ba5",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index e1d5b8e..ed64cd7 100644
--- a/flake.nix
+++ b/flake.nix
@@ -348,6 +348,7 @@
 
         overlays.default = final: prev: {
           bruh = prev.callPackage ./packages/bruh.nix {};
+          hiccup = prev.callPackage ./packages/hiccup.nix {};
           mpv-autosub = prev.callPackage ./packages/mpv-autosub.nix {};
           myip = prev.callPackage ./packages/myip.nix {};
           nixfiles = prev.callPackage ./packages/nixfiles.nix {};
diff --git a/lib/my.nix b/lib/my.nix
index 55eff4f..1044211 100644
--- a/lib/my.nix
+++ b/lib/my.nix
@@ -168,6 +168,7 @@ with lib;
                 "prometheus.${shire}"
                 "radicale.${shire}"
                 "rss-bridge.${shire}"
+                "start.local"
                 "vaultwarden.${shire}"
                 azahi
                 rohan
diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix
index 03918d7..ab29039 100644
--- a/modules/common/common/nix/default.nix
+++ b/modules/common/common/nix/default.nix
@@ -4,7 +4,6 @@
   lib,
   localUsername ? lib.my.username,
   pkgs,
-  pkgsPr,
   this,
   ...
 }:
diff --git a/modules/nixos/firefox/default.nix b/modules/nixos/firefox/default.nix
index 11375a6..2e24f23 100644
--- a/modules/nixos/firefox/default.nix
+++ b/modules/nixos/firefox/default.nix
@@ -409,6 +409,23 @@ in {
             };
           };
 
+          # NOTE Kinda breaks explicit bookmarking...
+          # bookmarks = [
+          #   {
+          #     name = "Local";
+          #     bookmarks = with config.nixfiles.modules; [
+          #       (mkIf syncthing.enable {
+          #         name = "Syncthing";
+          #         url = "http://${config.services.syncthing.guiAddress}";
+          #       })
+          #       (mkIf ipfs.enable {
+          #         name = "IPFS";
+          #         url = "http://127.0.0.1:${toString ipfs.apiPort}/webui";
+          #       })
+          #     ];
+          #   }
+          # ];
+
           # https://github.com/arkenfox/user.js/blob/master/user.js
           arkenfox = {
             enable = true;
@@ -479,7 +496,6 @@ in {
               };
             };
             "1200".enable = true;
-            "1400".enable = false;
             "1600".enable = true;
             "1700".enable = false;
             "2000".enable = true;
diff --git a/modules/nixos/firefox/userContent.css b/modules/nixos/firefox/userContent.css
index e95c733..f5497ab 100644
--- a/modules/nixos/firefox/userContent.css
+++ b/modules/nixos/firefox/userContent.css
@@ -72,8 +72,7 @@
     a[href^="/topics"],
     a[href^="/trending"],
     details[id^="funding-links-modal"],
-    footer
-    {
+    footer {
         display: none !important;
     }
 
diff --git a/modules/nixos/ipfs.nix b/modules/nixos/ipfs.nix
index 16e986c..43ddb70 100644
--- a/modules/nixos/ipfs.nix
+++ b/modules/nixos/ipfs.nix
@@ -86,7 +86,7 @@ in {
                   "/ip6/fc00::/ipcidr/7"
                 ];
             in {
-              Addresses = with config.services.ipfs; {
+              Addresses = {
                 API = "/ip4/127.0.0.1/tcp/${toString cfg.apiPort}";
                 Gateway = "/ip4/127.0.0.1/tcp/${toString cfg.gatewayPort}";
                 Swarm = let
diff --git a/modules/nixos/nginx.nix b/modules/nixos/nginx.nix
index 411bb0d..9ca6936 100644
--- a/modules/nixos/nginx.nix
+++ b/modules/nixos/nginx.nix
@@ -71,8 +71,8 @@ in {
             mkMerge [
               attr
               (mkIf config.nixfiles.modules.acme.enable {
-                enableACME = true;
-                forceSSL = true;
+                enableACME = mkDefault true;
+                forceSSL = mkDefault true;
               })
             ])
           cfg.virtualHosts));
diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix
index bbf91ac..4d21fd2 100644
--- a/modules/nixos/unbound.nix
+++ b/modules/nixos/unbound.nix
@@ -94,6 +94,15 @@ in {
                   attr.domains)))
               my.configurations);
 
+              private-domain = map (domain: "${domain}.") [
+                cfg.domain
+                "local"
+              ];
+              private-address = with config.nixfiles.modules.wireguard; [
+                ipv4.subnet
+                ipv6.subnet
+              ];
+
               access-control = with config.nixfiles.modules.wireguard; [
                 "0.0.0.0/0 refuse"
                 "::/0 refuse"
@@ -103,12 +112,6 @@ in {
                 "${ipv6.subnet} allow"
               ];
 
-              private-domain = "${cfg.domain}.";
-              private-address = with config.nixfiles.modules.wireguard; [
-                ipv4.subnet
-                ipv6.subnet
-              ];
-
               cache-min-ttl = 0;
 
               serve-expired = true;
@@ -174,7 +177,7 @@ in {
                     name = "unbound-adblock-update";
                     runtimeInputs = [curl package];
                     text = ''
-                      curl \
+                      curl -s \
                         "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=unbound&showintro=0&mimetype=plaintext" \
                         >${adblock-conf}
 
@@ -191,7 +194,8 @@ in {
         timers.unbound-adblock-update = {
           requires = ["network-online.target"];
           timerConfig = {
-            OnUnitActiveSec = "1d";
+            OnCalendar = "daily";
+            Persistent = true;
             Unit = "unbound-adblock-update.service";
           };
           wantedBy = ["timers.target"];
diff --git a/nixosConfigurations/manwe/webserver.nix b/nixosConfigurations/manwe/webserver.nix
index 9e19474..6f8e088 100644
--- a/nixosConfigurations/manwe/webserver.nix
+++ b/nixosConfigurations/manwe/webserver.nix
@@ -1,6 +1,7 @@
 {
   inputs,
   lib,
+  pkgs,
   ...
 }:
 with lib; {
@@ -8,6 +9,14 @@ with lib; {
     enable = true;
     virtualHosts = with my.domain;
       {
+        # TODO Use a Self-signed certificate.
+        # TODO Allow overriding config.json, possibly via NGINX itself.
+        "start.local" = {
+          root = pkgs.hiccup;
+          locations."/".tryFiles = "$uri $uri/ /index.html";
+          enableACME = false;
+          forceSSL = false;
+        };
         ${shire}.locations."/".return = "301 https://www.youtube.com/watch?v=dQw4w9WgXcQ";
         "git.${shire}".locations."/".return = "301 https://git.${azahi}";
         "bitwarden.${shire}".locations."/".return = "301 https://vaultwarden.${shire}";
diff --git a/packages/hiccup.nix b/packages/hiccup.nix
new file mode 100644
index 0000000..152a5e9
--- /dev/null
+++ b/packages/hiccup.nix
@@ -0,0 +1,35 @@
+{
+  buildNpmPackage,
+  fetchFromGitHub,
+  lib,
+}:
+buildNpmPackage rec {
+  pname = "hiccup";
+  version = "0.4.3";
+
+  src = fetchFromGitHub {
+    owner = "ashwin-pc";
+    repo = pname;
+    rev = "v${version}";
+    hash = "sha256-JLuXQ4jZHI9wF1fgnnBPH/TaTHJL/zGCSuKc9hy4e28=";
+  };
+
+  npmDepsHash = "sha256-YPj7tzMUh56rJfxOVhye4cK6VS0azA/LiE9DMweGLuw=";
+
+  installPhase = ''
+    runHook preInstall
+
+    mv build $out
+
+    runHook postInstall
+  '';
+
+  CYPRESS_INSTALL_BINARY = "0";
+
+  meta = with lib; {
+    description = "A static start page to get to your most important links";
+    inherit (finalAttrs.src.meta) homepage;
+    license = licenses.mit;
+    maintainers = with maintainers; [azahi];
+  };
+}

Consider giving Nix/NixOS a try! <3