From 0741650f125d2877d0ab0d9da15d6d3d229f837d Mon Sep 17 00:00:00 2001
From: Azat Bahawi <azat@bahawi.net>
Date: Wed, 25 Oct 2023 01:57:50 +0300
Subject: 2023-10-25

---
 modules/common/common/nix/default.nix |  1 -
 modules/nixos/firefox/default.nix     | 18 +++++++++++++++++-
 modules/nixos/firefox/userContent.css |  3 +--
 modules/nixos/ipfs.nix                |  2 +-
 modules/nixos/nginx.nix               |  4 ++--
 modules/nixos/unbound.nix             | 20 ++++++++++++--------
 6 files changed, 33 insertions(+), 15 deletions(-)

(limited to 'modules')

diff --git a/modules/common/common/nix/default.nix b/modules/common/common/nix/default.nix
index 03918d7..ab29039 100644
--- a/modules/common/common/nix/default.nix
+++ b/modules/common/common/nix/default.nix
@@ -4,7 +4,6 @@
   lib,
   localUsername ? lib.my.username,
   pkgs,
-  pkgsPr,
   this,
   ...
 }:
diff --git a/modules/nixos/firefox/default.nix b/modules/nixos/firefox/default.nix
index 11375a6..2e24f23 100644
--- a/modules/nixos/firefox/default.nix
+++ b/modules/nixos/firefox/default.nix
@@ -409,6 +409,23 @@ in {
             };
           };
 
+          # NOTE Kinda breaks explicit bookmarking...
+          # bookmarks = [
+          #   {
+          #     name = "Local";
+          #     bookmarks = with config.nixfiles.modules; [
+          #       (mkIf syncthing.enable {
+          #         name = "Syncthing";
+          #         url = "http://${config.services.syncthing.guiAddress}";
+          #       })
+          #       (mkIf ipfs.enable {
+          #         name = "IPFS";
+          #         url = "http://127.0.0.1:${toString ipfs.apiPort}/webui";
+          #       })
+          #     ];
+          #   }
+          # ];
+
           # https://github.com/arkenfox/user.js/blob/master/user.js
           arkenfox = {
             enable = true;
@@ -479,7 +496,6 @@ in {
               };
             };
             "1200".enable = true;
-            "1400".enable = false;
             "1600".enable = true;
             "1700".enable = false;
             "2000".enable = true;
diff --git a/modules/nixos/firefox/userContent.css b/modules/nixos/firefox/userContent.css
index e95c733..f5497ab 100644
--- a/modules/nixos/firefox/userContent.css
+++ b/modules/nixos/firefox/userContent.css
@@ -72,8 +72,7 @@
     a[href^="/topics"],
     a[href^="/trending"],
     details[id^="funding-links-modal"],
-    footer
-    {
+    footer {
         display: none !important;
     }
 
diff --git a/modules/nixos/ipfs.nix b/modules/nixos/ipfs.nix
index 16e986c..43ddb70 100644
--- a/modules/nixos/ipfs.nix
+++ b/modules/nixos/ipfs.nix
@@ -86,7 +86,7 @@ in {
                   "/ip6/fc00::/ipcidr/7"
                 ];
             in {
-              Addresses = with config.services.ipfs; {
+              Addresses = {
                 API = "/ip4/127.0.0.1/tcp/${toString cfg.apiPort}";
                 Gateway = "/ip4/127.0.0.1/tcp/${toString cfg.gatewayPort}";
                 Swarm = let
diff --git a/modules/nixos/nginx.nix b/modules/nixos/nginx.nix
index 411bb0d..9ca6936 100644
--- a/modules/nixos/nginx.nix
+++ b/modules/nixos/nginx.nix
@@ -71,8 +71,8 @@ in {
             mkMerge [
               attr
               (mkIf config.nixfiles.modules.acme.enable {
-                enableACME = true;
-                forceSSL = true;
+                enableACME = mkDefault true;
+                forceSSL = mkDefault true;
               })
             ])
           cfg.virtualHosts));
diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix
index bbf91ac..4d21fd2 100644
--- a/modules/nixos/unbound.nix
+++ b/modules/nixos/unbound.nix
@@ -94,6 +94,15 @@ in {
                   attr.domains)))
               my.configurations);
 
+              private-domain = map (domain: "${domain}.") [
+                cfg.domain
+                "local"
+              ];
+              private-address = with config.nixfiles.modules.wireguard; [
+                ipv4.subnet
+                ipv6.subnet
+              ];
+
               access-control = with config.nixfiles.modules.wireguard; [
                 "0.0.0.0/0 refuse"
                 "::/0 refuse"
@@ -103,12 +112,6 @@ in {
                 "${ipv6.subnet} allow"
               ];
 
-              private-domain = "${cfg.domain}.";
-              private-address = with config.nixfiles.modules.wireguard; [
-                ipv4.subnet
-                ipv6.subnet
-              ];
-
               cache-min-ttl = 0;
 
               serve-expired = true;
@@ -174,7 +177,7 @@ in {
                     name = "unbound-adblock-update";
                     runtimeInputs = [curl package];
                     text = ''
-                      curl \
+                      curl -s \
                         "https://pgl.yoyo.org/adservers/serverlist.php?hostformat=unbound&showintro=0&mimetype=plaintext" \
                         >${adblock-conf}
 
@@ -191,7 +194,8 @@ in {
         timers.unbound-adblock-update = {
           requires = ["network-online.target"];
           timerConfig = {
-            OnUnitActiveSec = "1d";
+            OnCalendar = "daily";
+            Persistent = true;
             Unit = "unbound-adblock-update.service";
           };
           wantedBy = ["timers.target"];
-- 
cgit v1.2.3