diff --git a/nix/configurations/vanadium/home/xmobar/xmobar.hs b/nix/configurations/vanadium/home/xmobar/xmobar.hs index 1117d7cd..88837948 100644 --- a/nix/configurations/vanadium/home/xmobar/xmobar.hs +++ b/nix/configurations/vanadium/home/xmobar/xmobar.hs @@ -77,7 +77,6 @@ config = , "--target", "2025-10-13=no teef" , "--target", "2025-10-31=dragon book" , "--target", "2025-11-29=à deux" - , "--target", "2025-12-16=dragon book²" , "--target", "2025-12-30=seule" ] "" diff --git a/nix/configurations/vanadium/nixos/connectivity.nix b/nix/configurations/vanadium/nixos/connectivity.nix index 3564f3f1..add16508 100644 --- a/nix/configurations/vanadium/nixos/connectivity.nix +++ b/nix/configurations/vanadium/nixos/connectivity.nix @@ -38,134 +38,98 @@ secretsFile = config.age.secrets.wpa_password.path; scanOnLowSignal = false; networks = let - # wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`. - escapePwdKey = lib.replaceStrings ["="] ["_"]; + properties = lib.flip lib.pipe; + networks = lib.flip lib.genAttrs (_: {}); - privatePriority = 10; - limitedPriority = -10; + # The higher the more preferred + setPrio = i: lib.mapAttrs (_: conf: conf // {priority = i;}); + private = setPrio 10; + limited = setPrio (-10); - fromList = ns: let - go = networkArgs @ { - ssid, - # Custom fields wrapping nixpkgs module options - hasPassword ? false, - scanOnLowSignal ? false, - randomizeMac ? false, - ... - }: { - ${ssid} = lib.mkMerge [ - (builtins.removeAttrs networkArgs ["ssid" "hasPassword" "scanOnLowSignal" "randomizeMac"]) - (lib.optionalAttrs hasPassword { - pskRaw = "ext:${escapePwdKey ssid}"; - }) - (lib.optionalAttrs scanOnLowSignal { - extraConfig = '' - bgscan="simple:30:-70:3600" - ''; - }) - (lib.optionalAttrs randomizeMac { - extraConfig = '' - mac_addr=1 - ''; - }) - ]; - }; + extraConfig = value: conf: conf // {extraConfig = conf.extraConfig or "" + value;}; + randomizeMac = lib.mapAttrs (_: extraConfig "mac_addr=1\n"); + roaming = lib.mapAttrs (_: extraConfig "bgscan=\"simple:30:-70:3600\"\n"); + + hasPsk = let + # wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`. + escapePwdKey = lib.replaceStrings ["="] ["_"]; in - lib.mkMerge (map go ns); + lib.mapAttrs (name: conf: conf // {pskRaw = "ext:${escapePwdKey conf.ssid or name}";}); in - fromList [ - { - ssid = "~"; - priority = privatePriority; - hasPassword = true; - } - { - ssid = "Pei’s Wifi"; - priority = privatePriority; - hasPassword = true; - } - { - ssid = "girlypop-net"; - priority = privatePriority; - hasPassword = true; - } + lib.mkMerge [ + (properties [private hasPsk] + (networks [ + "~" + "Pei’s Wifi" + "girlypop-net" + ])) + (properties [private roaming hasPsk] + (networks [ + "annapurna" + "5526-1" + ])) - { - ssid = "annapurna"; - priority = privatePriority; - hasPassword = true; - scanOnLowSignal = true; - } - { - ssid = "5526-1"; # TODO: set bssid preference ? - priority = privatePriority; - hasPassword = true; - scanOnLowSignal = true; - } + # + # School + # + (properties [private roaming] + { + eduroam = { + authProtocols = ["WPA-EAP"]; + auth = '' + pairwise=CCMP + group=CCMP TKIP + eap=PEAP + ca_cert="${./certs/universite_de_rennes.pem}" + identity="ychiang@etudiant.univ-rennes.fr" + altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr" + phase2="auth=MSCHAPV2" + password=ext:EDUROAM + anonymous_identity="anonymous@univ-rennes.fr" + ''; + }; + }) - { - ssid = "eduroam"; - priority = privatePriority; - scanOnLowSignal = true; + # + # Cafés + # + (properties [private randomizeMac hasPsk] + (networks [ + "A-WAY" + "CAT.jpgcafe" + "LOUISA" # 區公所 + "LouisaCoffee" # 七張 + "MetroTaipei x Louisa" # 大安 + ])) - authProtocols = ["WPA-EAP"]; - auth = '' - pairwise=CCMP - group=CCMP TKIP - eap=PEAP - ca_cert="${./certs/universite_de_rennes.pem}" - identity="ychiang@etudiant.univ-rennes.fr" - altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr" - phase2="auth=MSCHAPV2" - password=ext:EDUROAM - anonymous_identity="anonymous@univ-rennes.fr" - ''; - } + # + # Open networks + # + # + # Use this link to do portal login + # http://detectportal.firefox.com/canonical.html + (properties [randomizeMac] + (networks [ + # Transport + "_SNCF_WIFI_INOUI" + "_WIFI_LYRIA" + "EurostarTrainsWiFi" + "SBB-FREE" + "AOT Airport Free Wi-Fi by NT" - { - ssid = "A-WAY"; - priority = privatePriority; - hasPassword = true; - randomizeMac = true; - } - { - ssid = "CAT.jpgcafe"; - priority = privatePriority; - hasPassword = true; - randomizeMac = true; - } - { - ssid = "LOUISA"; # 區公所 - priority = privatePriority; - hasPassword = true; - randomizeMac = true; - } - { - ssid = "LouisaCoffee"; # 七張 - priority = privatePriority; - hasPassword = true; - randomizeMac = true; - } - { - ssid = "MetroTaipei x Louisa"; # 大安 - priority = privatePriority; - hasPassword = true; - randomizeMac = true; - } + # Library + "NewTaipei" - {ssid = "_SNCF_WIFI_INOUI";} - {ssid = "_WIFI_LYRIA";} - {ssid = "EurostarTrainsWiFi";} - {ssid = "SBB-FREE";} - {ssid = "AOT Airport Free Wi-Fi by NT";} - {ssid = "NewTaipei";} - {ssid = "Fami-WiFi";} + "Fami-WiFi" + ])) - { - ssid = "iPhone de Léana 江"; - priority = limitedPriority; - hasPassword = true; - } + # + # Phones + # + (properties [limited hasPsk] + (networks [ + "iPhone de Léana 江" + ])) ]; }; }; @@ -201,25 +165,6 @@ lb_strategy = "p2"; lb_estimator = true; - # Prevent building up reliance on chatbots - # Gotta preserve that thinking ability of my smoof bwain - blocked_names = { - blocked_names_file = let - sources = import ../../../../npins; - ai-blocklist = sources.ai-blocklist + "/noai_hosts.txt"; - - # Blocklists are made of one pattern per line. - # https://github.com/DNSCrypt/dnscrypt-proxy/blob/fa59f990431a49b6485f63f96601bc7e64017bf8/dnscrypt-proxy/example-dnscrypt-proxy.toml#L583C4-L583C75 - blocked_names = lib.pipe (builtins.readFile ai-blocklist) [ - (lib.replaceStrings ["\r\n"] ["\n"]) # convert to unix ending just in case - (lib.splitString "\n") - (builtins.filter (x: ! (x == "" || lib.hasPrefix "#" x))) - (builtins.map (x: builtins.elemAt (lib.splitString " " x) 1)) # remove 0.0.0.0 - ]; - in - pkgs.writeText "no-ai-blocklist" (builtins.concatStringsSep "\n" blocked_names); - }; - # Add this to test if dnscrypt-proxy is actually used to resolve DNS requests # query_log.file = "/var/log/dnscrypt-proxy/query.log"; sources.public-resolvers = { diff --git a/nix/configurations/vanadium/nixos/display.nix b/nix/configurations/vanadium/nixos/display.nix index 94d31e1c..fbc65165 100644 --- a/nix/configurations/vanadium/nixos/display.nix +++ b/nix/configurations/vanadium/nixos/display.nix @@ -29,8 +29,8 @@ services.autorandr = { enable = true; hooks.postswitch = { - "10_xmobar" = "${lib.getExe' pkgs.toybox "pkill"} xmobar"; # make sure there are no duplicated xmobar - "20_xmonad" = "${lib.getExe pkgs.haskellPackages.xmonad} --restart"; # make sure feh keeps up + "10_xmobar" = "pkill xmobar"; # make sure there are no duplicated xmobar + "20_xmonad" = "xmonad --restart"; # make sure feh keeps up }; profiles = let diff --git a/nix/nixosModules/common/xscreensaver.nix b/nix/nixosModules/common/xscreensaver.nix index 2d18a6a1..2359f830 100644 --- a/nix/nixosModules/common/xscreensaver.nix +++ b/nix/nixosModules/common/xscreensaver.nix @@ -34,7 +34,6 @@ in { cfg.hooks; in '' xscreensaver-command -watch | while read event rest; do - echo "The handler script got \"$event\"" case $event in ${handlers} esac diff --git a/npins/sources.json b/npins/sources.json index c81b44a7..e8245080 100644 --- a/npins/sources.json +++ b/npins/sources.json @@ -16,20 +16,6 @@ "url": "https://api.github.com/repos/ryantm/agenix/tarball/0.15.0", "hash": "01dhrghwa7zw93cybvx4gnrskqk97b004nfxgsys0736823956la" }, - "ai-blocklist": { - "type": "Git", - "repository": { - "type": "GitHub", - "owner": "laylavish", - "repo": "uBlockOrigin-HUGE-AI-Blocklist" - }, - "branch": "main", - "submodules": false, - "revision": "9bb188e2701138e03f73bacebd6b19b181ca0012", - "url": "https://github.com/laylavish/uBlockOrigin-HUGE-AI-Blocklist/archive/9bb188e2701138e03f73bacebd6b19b181ca0012.tar.gz", - "hash": "0h318ckx8l89bff1fv4xg6mmhkvpfhyhvzbr0iyaa7q3dx3iyz57", - "frozen": true - }, "disko": { "type": "GitRelease", "repository": { @@ -221,9 +207,9 @@ }, "branch": "master", "submodules": false, - "revision": "d6645c340ef7d821602fd2cd199e8d1eed10afbc", - "url": "https://github.com/NixOS/nixos-hardware/archive/d6645c340ef7d821602fd2cd199e8d1eed10afbc.tar.gz", - "hash": "0m84zxwanfq34j568w4xkvip5hwpwbhsk46xjvnl063y77i54vfs" + "revision": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903", + "url": "https://github.com/NixOS/nixos-hardware/archive/9ed85f8afebf2b7478f25db0a98d0e782c0ed903.tar.gz", + "hash": "19cld3jnzxjw92b91hra3qxx41yhxwl635478rqp0k4nl9ak2snq" }, "nixpkgs": { "type": "Git", @@ -234,9 +220,9 @@ }, "branch": "nixos-25.05-small", "submodules": false, - "revision": "4d9bd66e3ea558621ae800445e9302a2aa1bb687", - "url": "https://github.com/NixOS/nixpkgs/archive/4d9bd66e3ea558621ae800445e9302a2aa1bb687.tar.gz", - "hash": "0dzq4bp8qamilabyy014qsjivr2ga7348da5fjiqbkp7y7fhbdk0" + "revision": "f2ee78c4eb601be36a277e1779a7a87655419dad", + "url": "https://github.com/NixOS/nixpkgs/archive/f2ee78c4eb601be36a277e1779a7a87655419dad.tar.gz", + "hash": "0g5m7bhqw01a950xga0w246al2cy11pqd0dq763whw5sbqfadr59" }, "nur": { "type": "Git", @@ -247,9 +233,9 @@ }, "branch": "main", "submodules": false, - "revision": "e68fcda79871132cb42777c15a2c4a3ea563cad6", - "url": "https://github.com/nix-community/nur/archive/e68fcda79871132cb42777c15a2c4a3ea563cad6.tar.gz", - "hash": "0qng617rx1b5vifnigrhshlsb7rviwaii2czbpgbi8ljyivw10v0" + "revision": "68f4e0f40dfafa9bc9ae50b18685befac76ebcd4", + "url": "https://github.com/nix-community/nur/archive/68f4e0f40dfafa9bc9ae50b18685befac76ebcd4.tar.gz", + "hash": "04p7vqixrbyjnr9nnm3p4k37137f5nm6daly2q2yfci1p1a35qjc" }, "pin-emacs28": { "type": "Git",