nix/configurations/vanadium/home/xmobar/xmobar.hs

@@ -77,7 +77,6 @@ config =
               , "--target", "2025-10-13=no teef"
               , "--target", "2025-10-31=dragon book"
               , "--target", "2025-11-29=à deux"
-              , "--target", "2025-12-16=dragon book²"
               , "--target", "2025-12-30=seule"
               ]
               ""

nix/configurations/vanadium/nixos/connectivity.nix

@@ -38,134 +38,98 @@
       secretsFile = config.age.secrets.wpa_password.path;
       scanOnLowSignal = false;
       networks = let
-        # wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`.
+        properties = lib.flip lib.pipe;
-        escapePwdKey = lib.replaceStrings ["="] ["_"];
+        networks = lib.flip lib.genAttrs (_: {});
 
-        privatePriority = 10;
+        # The higher the more preferred
-        limitedPriority = -10;
+        setPrio = i: lib.mapAttrs (_: conf: conf // {priority = i;});
+        private = setPrio 10;
+        limited = setPrio (-10);
 
-        fromList = ns: let
+        extraConfig = value: conf: conf // {extraConfig = conf.extraConfig or "" + value;};
-          go = networkArgs @ {
+        randomizeMac = lib.mapAttrs (_: extraConfig "mac_addr=1\n");
-            ssid,
+        roaming = lib.mapAttrs (_: extraConfig "bgscan=\"simple:30:-70:3600\"\n");
-            # Custom fields wrapping nixpkgs module options
+
-            hasPassword ? false,
+        hasPsk = let
-            scanOnLowSignal ? false,
+          # wpa_supplicant uses `strchr` to seek to the first `=`, so the only forbidden character is `=`.
-            randomizeMac ? false,
+          escapePwdKey = lib.replaceStrings ["="] ["_"];
-            ...
-          }: {
-            ${ssid} = lib.mkMerge [
-              (builtins.removeAttrs networkArgs ["ssid" "hasPassword" "scanOnLowSignal" "randomizeMac"])
-              (lib.optionalAttrs hasPassword {
-                pskRaw = "ext:${escapePwdKey ssid}";
-              })
-              (lib.optionalAttrs scanOnLowSignal {
-                extraConfig = ''
-                  bgscan="simple:30:-70:3600"
-                '';
-              })
-              (lib.optionalAttrs randomizeMac {
-                extraConfig = ''
-                  mac_addr=1
-                '';
-              })
-            ];
-          };
         in
-          lib.mkMerge (map go ns);
+          lib.mapAttrs (name: conf: conf // {pskRaw = "ext:${escapePwdKey conf.ssid or name}";});
       in
-        fromList [
+        lib.mkMerge [
-          {
+          (properties [private hasPsk]
-            ssid = "~";
+            (networks [
-            priority = privatePriority;
+              "~"
-            hasPassword = true;
+              "Pei’s Wifi"
-          }
+              "girlypop-net"
-          {
+            ]))
-            ssid = "Pei’s Wifi";
+          (properties [private roaming hasPsk]
-            priority = privatePriority;
+            (networks [
-            hasPassword = true;
+              "annapurna"
-          }
+              "5526-1"
-          {
+            ]))
-            ssid = "girlypop-net";
-            priority = privatePriority;
-            hasPassword = true;
-          }
 
-          {
+          #
-            ssid = "annapurna";
+          # School
-            priority = privatePriority;
+          #
-            hasPassword = true;
+          (properties [private roaming]
-            scanOnLowSignal = true;
+            {
-          }
+              eduroam = {
-          {
+                authProtocols = ["WPA-EAP"];
-            ssid = "5526-1"; # TODO: set bssid preference ?
+                auth = ''
-            priority = privatePriority;
+                  pairwise=CCMP
-            hasPassword = true;
+                  group=CCMP TKIP
-            scanOnLowSignal = true;
+                  eap=PEAP
-          }
+                  ca_cert="${./certs/universite_de_rennes.pem}"
+                  identity="ychiang@etudiant.univ-rennes.fr"
+                  altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr"
+                  phase2="auth=MSCHAPV2"
+                  password=ext:EDUROAM
+                  anonymous_identity="anonymous@univ-rennes.fr"
+                '';
+              };
+            })
 
-          {
+          #
-            ssid = "eduroam";
+          # Cafés
-            priority = privatePriority;
+          #
-            scanOnLowSignal = true;
+          (properties [private randomizeMac hasPsk]
+            (networks [
+              "A-WAY"
+              "CAT.jpgcafe"
+              "LOUISA" # 區公所
+              "LouisaCoffee" # 七張
+              "MetroTaipei x Louisa" # 大安
+            ]))
 
-            authProtocols = ["WPA-EAP"];
+          #
-            auth = ''
+          # Open networks
-              pairwise=CCMP
+          #
-              group=CCMP TKIP
+          #
-              eap=PEAP
+          # Use this link to do portal login
-              ca_cert="${./certs/universite_de_rennes.pem}"
+          # http://detectportal.firefox.com/canonical.html
-              identity="ychiang@etudiant.univ-rennes.fr"
+          (properties [randomizeMac]
-              altsubject_match="DNS:radius.univ-rennes1.fr;DNS:radius1.univ-rennes1.fr;DNS:radius2.univ-rennes1.fr;DNS:vmradius-psf1.univ-rennes1.fr;DNS:vmradius-psf2.univ-rennes1.fr"
+            (networks [
-              phase2="auth=MSCHAPV2"
+              # Transport
-              password=ext:EDUROAM
+              "_SNCF_WIFI_INOUI"
-              anonymous_identity="anonymous@univ-rennes.fr"
+              "_WIFI_LYRIA"
-            '';
+              "EurostarTrainsWiFi"
-          }
+              "SBB-FREE"
+              "AOT Airport Free Wi-Fi by NT"
 
-          {
+              # Library
-            ssid = "A-WAY";
+              "NewTaipei"
-            priority = privatePriority;
-            hasPassword = true;
-            randomizeMac = true;
-          }
-          {
-            ssid = "CAT.jpgcafe";
-            priority = privatePriority;
-            hasPassword = true;
-            randomizeMac = true;
-          }
-          {
-            ssid = "LOUISA"; # 區公所
-            priority = privatePriority;
-            hasPassword = true;
-            randomizeMac = true;
-          }
-          {
-            ssid = "LouisaCoffee"; # 七張
-            priority = privatePriority;
-            hasPassword = true;
-            randomizeMac = true;
-          }
-          {
-            ssid = "MetroTaipei x Louisa"; # 大安
-            priority = privatePriority;
-            hasPassword = true;
-            randomizeMac = true;
-          }
 
-          {ssid = "_SNCF_WIFI_INOUI";}
+              "Fami-WiFi"
-          {ssid = "_WIFI_LYRIA";}
+            ]))
-          {ssid = "EurostarTrainsWiFi";}
-          {ssid = "SBB-FREE";}
-          {ssid = "AOT Airport Free Wi-Fi by NT";}
-          {ssid = "NewTaipei";}
-          {ssid = "Fami-WiFi";}
 
-          {
+          #
-            ssid = "iPhone de Léana 江";
+          # Phones
-            priority = limitedPriority;
+          #
-            hasPassword = true;
+          (properties [limited hasPsk]
-          }
+            (networks [
+              "iPhone de Léana 江"
+            ]))
         ];
     };
   };
@@ -201,25 +165,6 @@
       lb_strategy = "p2";
       lb_estimator = true;
 
-      # Prevent building up reliance on chatbots
-      # Gotta preserve that thinking ability of my smoof bwain
-      blocked_names = {
-        blocked_names_file = let
-          sources = import ../../../../npins;
-          ai-blocklist = sources.ai-blocklist + "/noai_hosts.txt";
-
-          # Blocklists are made of one pattern per line.
-          # https://github.com/DNSCrypt/dnscrypt-proxy/blob/fa59f990431a49b6485f63f96601bc7e64017bf8/dnscrypt-proxy/example-dnscrypt-proxy.toml#L583C4-L583C75
-          blocked_names = lib.pipe (builtins.readFile ai-blocklist) [
-            (lib.replaceStrings ["\r\n"] ["\n"]) # convert to unix ending just in case
-            (lib.splitString "\n")
-            (builtins.filter (x: ! (x == "" || lib.hasPrefix "#" x)))
-            (builtins.map (x: builtins.elemAt (lib.splitString " " x) 1)) # remove 0.0.0.0
-          ];
-        in
-          pkgs.writeText "no-ai-blocklist" (builtins.concatStringsSep "\n" blocked_names);
-      };
-
       # Add this to test if dnscrypt-proxy is actually used to resolve DNS requests
       # query_log.file = "/var/log/dnscrypt-proxy/query.log";
       sources.public-resolvers = {

nix/configurations/vanadium/nixos/display.nix

@@ -29,8 +29,8 @@
   services.autorandr = {
     enable = true;
     hooks.postswitch = {
-      "10_xmobar" = "${lib.getExe' pkgs.toybox "pkill"} xmobar"; # make sure there are no duplicated xmobar
+      "10_xmobar" = "pkill xmobar"; # make sure there are no duplicated xmobar
-      "20_xmonad" = "${lib.getExe pkgs.haskellPackages.xmonad} --restart"; # make sure feh keeps up
+      "20_xmonad" = "xmonad --restart"; # make sure feh keeps up
     };
 
     profiles = let

nix/nixosModules/common/xscreensaver.nix

@@ -34,7 +34,6 @@ in {
             cfg.hooks;
         in ''
           xscreensaver-command -watch | while read event rest; do
-            echo "The handler script got \"$event\""
             case $event in
               ${handlers}
             esac

npins/sources.json

@@ -16,20 +16,6 @@
       "url": "https://api.github.com/repos/ryantm/agenix/tarball/0.15.0",
       "hash": "01dhrghwa7zw93cybvx4gnrskqk97b004nfxgsys0736823956la"
     },
-    "ai-blocklist": {
-      "type": "Git",
-      "repository": {
-        "type": "GitHub",
-        "owner": "laylavish",
-        "repo": "uBlockOrigin-HUGE-AI-Blocklist"
-      },
-      "branch": "main",
-      "submodules": false,
-      "revision": "9bb188e2701138e03f73bacebd6b19b181ca0012",
-      "url": "https://github.com/laylavish/uBlockOrigin-HUGE-AI-Blocklist/archive/9bb188e2701138e03f73bacebd6b19b181ca0012.tar.gz",
-      "hash": "0h318ckx8l89bff1fv4xg6mmhkvpfhyhvzbr0iyaa7q3dx3iyz57",
-      "frozen": true
-    },
     "disko": {
       "type": "GitRelease",
       "repository": {
@@ -221,9 +207,9 @@
       },
       "branch": "master",
       "submodules": false,
-      "revision": "d6645c340ef7d821602fd2cd199e8d1eed10afbc",
+      "revision": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903",
-      "url": "https://github.com/NixOS/nixos-hardware/archive/d6645c340ef7d821602fd2cd199e8d1eed10afbc.tar.gz",
+      "url": "https://github.com/NixOS/nixos-hardware/archive/9ed85f8afebf2b7478f25db0a98d0e782c0ed903.tar.gz",
-      "hash": "0m84zxwanfq34j568w4xkvip5hwpwbhsk46xjvnl063y77i54vfs"
+      "hash": "19cld3jnzxjw92b91hra3qxx41yhxwl635478rqp0k4nl9ak2snq"
     },
     "nixpkgs": {
       "type": "Git",
@@ -234,9 +220,9 @@
       },
       "branch": "nixos-25.05-small",
       "submodules": false,
-      "revision": "4d9bd66e3ea558621ae800445e9302a2aa1bb687",
+      "revision": "f2ee78c4eb601be36a277e1779a7a87655419dad",
-      "url": "https://github.com/NixOS/nixpkgs/archive/4d9bd66e3ea558621ae800445e9302a2aa1bb687.tar.gz",
+      "url": "https://github.com/NixOS/nixpkgs/archive/f2ee78c4eb601be36a277e1779a7a87655419dad.tar.gz",
-      "hash": "0dzq4bp8qamilabyy014qsjivr2ga7348da5fjiqbkp7y7fhbdk0"
+      "hash": "0g5m7bhqw01a950xga0w246al2cy11pqd0dq763whw5sbqfadr59"
     },
     "nur": {
       "type": "Git",
@@ -247,9 +233,9 @@
       },
       "branch": "main",
       "submodules": false,
-      "revision": "e68fcda79871132cb42777c15a2c4a3ea563cad6",
+      "revision": "68f4e0f40dfafa9bc9ae50b18685befac76ebcd4",
-      "url": "https://github.com/nix-community/nur/archive/e68fcda79871132cb42777c15a2c4a3ea563cad6.tar.gz",
+      "url": "https://github.com/nix-community/nur/archive/68f4e0f40dfafa9bc9ae50b18685befac76ebcd4.tar.gz",
-      "hash": "0qng617rx1b5vifnigrhshlsb7rviwaii2czbpgbi8ljyivw10v0"
+      "hash": "04p7vqixrbyjnr9nnm3p4k37137f5nm6daly2q2yfci1p1a35qjc"
     },
     "pin-emacs28": {
       "type": "Git",