upd idk ayuogram

derivations/nu_plugin_dns.nix

@@ -0,0 +1,23 @@
+{ lib, fetchFromGitHub, rustPlatform }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "nu_plugin_dns";
+  version = "v1.0.5";
+  doCheck = false;
+
+  src = fetchFromGitHub {
+    owner = "dead10ck";
+    repo = pname;
+    rev = version;
+    sha256 = "sha256-Qnj0oe+OnxlGoah7kr1ni50iKC0xCQ5fFC2GQ8iHqDc=";
+  };
+
+  cargoSha256 = "sha256-JEZ7Ng+woHEkCDzcUUqrQvl9cM7kiUtdLmZUidC3Vxs=";
+
+  meta = with lib; {
+    description = "DNS utility for nushell";
+    homepage = "https://github.com/dead10ck/nu_plugin_dns";
+    license = licenses.mpl20;
+    maintainers = [ ];
+  };
+}

home/home.nix

@@ -49,11 +49,14 @@
     wl-clipboard-x11
     (callPackage ../derivations/audiorelay.nix { })
     (callPackage ../derivations/spotify.nix { })
+    (callPackage ../derivations/nu_plugin_dns.nix { })
     xorg.xwininfo
     jq
   ]) ++ (with unstable; [
     xfce.thunar
     rustdesk-flutter
+    autossh
+    scrcpy
     nixfmt
     btop
     htop

home/scripts.nix

@@ -11,10 +11,14 @@ let
 
     result=$(${pkgs.gnome.zenity}/bin/zenity --forms --title="Configuration" \
       --text="Please configure your settings" \
-    --add-combo="Browser:" --combo-values="google_chrome|chromium" \
+      --add-combo="Browser:" --combo-values="google_chrome|ungoogled_chromium|firefox" \
       --add-combo="Network Interface:" --combo-values="default|"$interfaces \
       --add-combo="DNS Server:" --combo-values="dhcp|1.1.1.1|8.8.8.8|77.88.8.1")
 
+    if [[ -z $result ]]; then
+      exit 1
+    fi
+
     browser=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f1)
     interface=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f2) 
     dns=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f3)
@@ -28,28 +32,36 @@ let
     ${pkgs.coreutils}/bin/mkdir -p /tmp/ephemeralbrowser
   
     if [[ $browser == "google_chrome" ]]; then
-    browser_path="${pkgs.google-chrome}/bin/google-chrome-stable"
+      browser_path="${pkgs.google-chrome}/bin/google-chrome-stable https://ifconfig.me"
       profile="google-chrome"
-  elif [[ $browser == "chromium" ]]; then
+    elif [[ $browser == "ungoogled_chromium" ]]; then
-    browser_path="${pkgs.chromium}/bin/chromium"
+      browser_path="${pkgs.ungoogled-chromium}/bin/chromium https://ifconfig.me"
       profile="chromium"
+    elif [[ $browser == "firefox" ]]; then
+      browser_path="${pkgs.firefox}/bin/firefox -no-remote https://ifconfig.me"
+      profile="firefox"
     fi
 
     ${pkgs.libnotify}/bin/notify-send --icon=google-chrome-unstable "Ephemeral Browser" "$browser | $interface | $dns" 
 
+    # FOR SOME FUCKING REASON https://github.com/netblue30/firejail/issues/2869#issuecomment-546579293
     if [[ $interface != "default" ]]; then
-    firejail --ignore='include whitelist-run-common.inc' \
+      firejail \
+        --ignore='include whitelist-run-common.inc' \
+        --blacklist='/var/run/nscd' \
         --private=/tmp/ephemeralbrowser \
         --profile="$profile" \
         --net="$interface" \
         --dns="$dns" \
-      "$browser_path" https://ifconfig.me
+        bash -c "$browser_path"
     else
-    firejail --ignore='include whitelist-run-common.inc' \
+      firejail \
+        --ignore='include whitelist-run-common.inc' \
+        --blacklist='/var/run/nscd' \
         --private=/tmp/ephemeralbrowser \
         --profile="$profile" \
         --dns="$dns" \
-      "$browser_path" https://ifconfig.me
+        bash -c "$browser_path"
     fi
   '';
 

hosts/dlaptop/configuration.nix

@@ -2,7 +2,7 @@
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
-{ inputs, stable, unstable, config, pkgs, age, ... }:
+{ inputs, stable, unstable, config, pkgs, age, lib, ... }:
 
 {
   time.timeZone = "Europe/Moscow";
@@ -39,30 +39,59 @@
   environment.sessionVariables = {
     QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
     QT_QPA_PLATFORM = "wayland";
-    STEAM_FORCE_DESKTOPUI_SCALING = "2";
+    STEAM_FORCE_DESKTOPUI_SCALING = "1";
     NIXOS_OZONE_WL = "1";
   };
 
-  services.dnscrypt-proxy2 = {
+  #services.dnscrypt-proxy2 = {
-    enable = true;
+  #  enable = true;
-    settings = {
+  #  settings = {
-      ipv6_servers = true;
+  #    ipv6_servers = true;
-      require_dnssec = true;
+  #    require_dnssec = true;
-      server_names = [ "cloudflare" ];
+  #    server_names = [ "cloudflare" ];
-    };
+  #  };
-  };
+  #};
-
-  systemd.services.dnscrypt-proxy2.serviceConfig = {
-    StateDirectory = "dnscrypt-proxy";
-  };
 
+  users.groups.no-net = {};
+  #services.connman.wifi.backend = "iwd";
   networking = {
     hostName = "dlaptop";
-    nameservers = [ "127.0.0.1" "::1" ];
+    nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ];
     networkmanager.dns = "none"; 
     networkmanager.enable = true;
+    #wireless.iwd.enable = true;
+    #networkmanager.wifi.backend = "iwd";
+    useDHCP = lib.mkDefault true;
+    interfaces.wlp1s0.proxyARP = true;
+    iproute2.enable = true;
     firewall = {
-      enable = false;
+      enable = true;
+      allowedTCPPorts = [
+        # qbittorrent
+        4780 
+        # audiorelay
+        59100
+        # localsend
+        53317
+        #syncthing
+        22000
+      ];
+      allowedUDPPorts = [
+        # audiorelay
+        59100
+        59200
+        # localsend
+        53317
+        #syncthing
+        22000
+        21027
+      ];
+      allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect
+      allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
+      checkReversePath = "loose";
+      extraCommands = ''
+        iptables -A OUTPUT -m owner --gid-owner no-net -j REJECT
+      '';
     };
   };
 
@@ -159,6 +188,7 @@
   hardware.pulseaudio.enable = false;
 
   services.tailscale.enable = true;
+  services.syncthing.enable = true;
   services.blueman.enable = true;
   services.tumbler.enable = true;
   services.gvfs.enable = true;
@@ -229,7 +259,9 @@
     gnomeExtensions.tiling-assistant
     #gnomeExtensions.wintile-windows-10-window-tiling-for-gnome
     gnomeExtensions.advanced-alttab-window-switcher
+    gnomeExtensions.syncthing-indicator
     gnome.gnome-tweaks
+    
     mojave-gtk-theme
     adw-gtk3
     any-nix-shell
@@ -246,6 +278,7 @@
     #firefox_nightly
     #inputs.anyrun.packages.${pkgs.system}.anyrun
     inputs.telegram-desktop-patched-unstable.packages.${pkgs.system}.default
+    inputs.ayugram-desktop.packages.${pkgs.system}.default
     inputs.agenix.packages.x86_64-linux.default
   ];
 

hosts/generic.nix

@@ -54,8 +54,19 @@ in {
     git
     micro
     nano
+    fishPlugins.grc
+    fishPlugins.autopair
+    fishPlugins.z
+    #fishPlugins.tide
+    #fishPlugins.hydro
+    fishPlugins.fzf-fish
+    fishPlugins.sponge
+    grc
     unstable.nh
     any-nix-shell
+    dnsutils
+    inetutils
+    killall
   ];
 
   programs.command-not-found.enable = false;
@@ -64,11 +75,13 @@ in {
     shellAliases = {
       rebuild = "nh os switch";
       rollback = "sudo nixos-rebuild switch --rollback --flake ~/Documents/dotfiles/";
+      haste = "HASTE_SERVER='https://haste.delch.workers.dev' ${pkgs.haste-client}/bin/haste";
     };
     promptInit = ''
       set TERM "xterm-256color"
       set fish_greeting
-      any-nix-shell fish --info-right | source
+      ${pkgs.any-nix-shell}/bin/any-nix-shell fish --info-right | source  
+      #tide configure --auto --style=Lean --prompt_colors='16 colors' --show_time=No --lean_prompt_height='Two lines' --prompt_connection=Disconnected --prompt_spacing=Compact --icons='Few icons' --transient=No 
     '';
   };
   users.defaultUserShell = pkgs.fish;