upd idk ayuogram

2025-12-06 07:16:37 +03:00 · 2024-03-12 16:03:57 +03:00 · 2024-03-12 16:03:57 +03:00 · 4608c137ec
parent 547c582aef
commit 4608c137ec
5 changed files with 141 additions and 57 deletions
--- a/derivations/nu_plugin_dns.nix
+++ b/derivations/nu_plugin_dns.nix
@ -0,0 +1,23 @@
+{ lib, fetchFromGitHub, rustPlatform }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "nu_plugin_dns";
+  version = "v1.0.5";
+  doCheck = false;
+
+  src = fetchFromGitHub {
+    owner = "dead10ck";
+    repo = pname;
+    rev = version;
+    sha256 = "sha256-Qnj0oe+OnxlGoah7kr1ni50iKC0xCQ5fFC2GQ8iHqDc=";
+  };
+
+  cargoSha256 = "sha256-JEZ7Ng+woHEkCDzcUUqrQvl9cM7kiUtdLmZUidC3Vxs=";
+
+  meta = with lib; {
+    description = "DNS utility for nushell";
+    homepage = "https://github.com/dead10ck/nu_plugin_dns";
+    license = licenses.mpl20;
+    maintainers = [ ];
+  };
+}
--- a/home/home.nix
+++ b/home/home.nix
@ -49,11 +49,14 @@
    wl-clipboard-x11
    (callPackage ../derivations/audiorelay.nix { })
    (callPackage ../derivations/spotify.nix { })
+    (callPackage ../derivations/nu_plugin_dns.nix { })
    xorg.xwininfo
    jq
  ]) ++ (with unstable; [
    xfce.thunar
    rustdesk-flutter
+    autossh
+    scrcpy
    nixfmt
    btop
    htop
--- a/home/scripts.nix
+++ b/home/scripts.nix
@ -2,55 +2,67 @@

 let 
  ephemeralbrowser = pkgs.writeScriptBin "ephemeralbrowser" ''
-  #!/usr/bin/env bash
+    #!/usr/bin/env bash

-  default_interface=$(${pkgs.iproute2}/bin/ip route show default | ${pkgs.gawk}/bin/awk '/default/ {print $5}')
-  interfaces=$(${pkgs.iproute2}/bin/ip -o -4 addr show | ${pkgs.gawk}/bin/awk '$4 ~ /\/24/ {print $2}' | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/|/g')
+    default_interface=$(${pkgs.iproute2}/bin/ip route show default | ${pkgs.gawk}/bin/awk '/default/ {print $5}')
+    interfaces=$(${pkgs.iproute2}/bin/ip -o -4 addr show | ${pkgs.gawk}/bin/awk '$4 ~ /\/24/ {print $2}' | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/|/g')

-  # The difference between default_interface and and default chose option is that default_interface is used to get dhcp from it, and default is for leave network as is without tweaking it (e.g. VPN/proxy/whatever)
+    # The difference between default_interface and and default chose option is that default_interface is used to get dhcp from it, and default is for leave network as is without tweaking it (e.g. VPN/proxy/whatever)

-  result=$(${pkgs.gnome.zenity}/bin/zenity --forms --title="Configuration" \
-    --text="Please configure your settings" \
-    --add-combo="Browser:" --combo-values="google_chrome|chromium" \
-    --add-combo="Network Interface:" --combo-values="default|"$interfaces \
-    --add-combo="DNS Server:" --combo-values="dhcp|1.1.1.1|8.8.8.8|77.88.8.1")
+    result=$(${pkgs.gnome.zenity}/bin/zenity --forms --title="Configuration" \
+      --text="Please configure your settings" \
+      --add-combo="Browser:" --combo-values="google_chrome|ungoogled_chromium|firefox" \
+      --add-combo="Network Interface:" --combo-values="default|"$interfaces \
+      --add-combo="DNS Server:" --combo-values="dhcp|1.1.1.1|8.8.8.8|77.88.8.1")

-  browser=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f1)
-  interface=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f2)
-  dns=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f3)
+    if [[ -z $result ]]; then
+      exit 1
+    fi

-  if [[ $dns == "dhcp" ]]; then
-    ${pkgs.coreutils}/bin/echo "Getting DNS from DHCP..."
-    dns=$(${pkgs.networkmanager}/bin/nmcli device show $default_interface | ${pkgs.gnugrep}/bin/grep 'IP4.DNS\[1\]' | ${pkgs.coreutils}/bin/head -n 1 | ${pkgs.gawk}/bin/awk '{print $2}')
-    ${pkgs.coreutils}/bin/echo "DHCP's dns is $dns"
-  fi
+    browser=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f1)
+    interface=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f2) 
+    dns=$(${pkgs.coreutils}/bin/echo "$result" | cut -d'|' -f3)

-  ${pkgs.coreutils}/bin/mkdir -p /tmp/ephemeralbrowser
+    if [[ $dns == "dhcp" ]]; then
+      ${pkgs.coreutils}/bin/echo "Getting DNS from DHCP..."
+      dns=$(${pkgs.networkmanager}/bin/nmcli device show $default_interface | ${pkgs.gnugrep}/bin/grep 'IP4.DNS\[1\]' | ${pkgs.coreutils}/bin/head -n 1 | ${pkgs.gawk}/bin/awk '{print $2}')
+      ${pkgs.coreutils}/bin/echo "DHCP's dns is $dns"
+    fi

-  if [[ $browser == "google_chrome" ]]; then
-    browser_path="${pkgs.google-chrome}/bin/google-chrome-stable"
-    profile="google-chrome"
-  elif [[ $browser == "chromium" ]]; then
-    browser_path="${pkgs.chromium}/bin/chromium"
-    profile="chromium"
-  fi
+    ${pkgs.coreutils}/bin/mkdir -p /tmp/ephemeralbrowser
+  
+    if [[ $browser == "google_chrome" ]]; then
+      browser_path="${pkgs.google-chrome}/bin/google-chrome-stable https://ifconfig.me"
+      profile="google-chrome"
+    elif [[ $browser == "ungoogled_chromium" ]]; then
+      browser_path="${pkgs.ungoogled-chromium}/bin/chromium https://ifconfig.me"
+      profile="chromium"
+    elif [[ $browser == "firefox" ]]; then
+      browser_path="${pkgs.firefox}/bin/firefox -no-remote https://ifconfig.me"
+      profile="firefox"
+    fi

-  ${pkgs.libnotify}/bin/notify-send --icon=google-chrome-unstable "Ephemeral Browser" "$browser | $interface | $dns" 
+    ${pkgs.libnotify}/bin/notify-send --icon=google-chrome-unstable "Ephemeral Browser" "$browser | $interface | $dns" 

-  if [[ $interface != "default" ]]; then
-    firejail --ignore='include whitelist-run-common.inc' \
-      --private=/tmp/ephemeralbrowser \
-      --profile="$profile" \
-      --net="$interface" \
-      --dns="$dns" \
-      "$browser_path" https://ifconfig.me
-  else
-    firejail --ignore='include whitelist-run-common.inc' \
-      --private=/tmp/ephemeralbrowser \
-      --profile="$profile" \
-      --dns="$dns" \
-      "$browser_path" https://ifconfig.me
-  fi
+    # FOR SOME FUCKING REASON https://github.com/netblue30/firejail/issues/2869#issuecomment-546579293
+    if [[ $interface != "default" ]]; then
+      firejail \
+        --ignore='include whitelist-run-common.inc' \
+        --blacklist='/var/run/nscd' \
+        --private=/tmp/ephemeralbrowser \
+        --profile="$profile" \
+        --net="$interface" \
+        --dns="$dns" \
+        bash -c "$browser_path"
+    else
+      firejail \
+        --ignore='include whitelist-run-common.inc' \
+        --blacklist='/var/run/nscd' \
+        --private=/tmp/ephemeralbrowser \
+        --profile="$profile" \
+        --dns="$dns" \
+        bash -c "$browser_path"
+    fi
  '';

  keepassxc = pkgs.writeScriptBin "keepassxc" ''
--- a/hosts/dlaptop/configuration.nix
+++ b/hosts/dlaptop/configuration.nix
@ -2,7 +2,7 @@
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).

-{ inputs, stable, unstable, config, pkgs, age, ... }:
+{ inputs, stable, unstable, config, pkgs, age, lib, ... }:

 {
  time.timeZone = "Europe/Moscow";
@ -39,30 +39,59 @@
  environment.sessionVariables = {
    QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
    QT_QPA_PLATFORM = "wayland";
-    STEAM_FORCE_DESKTOPUI_SCALING = "2";
+    STEAM_FORCE_DESKTOPUI_SCALING = "1";
    NIXOS_OZONE_WL = "1";
  };

-  services.dnscrypt-proxy2 = {
-    enable = true;
-    settings = {
-      ipv6_servers = true;
-      require_dnssec = true;
-      server_names = [ "cloudflare" ];
-    };
-  };
-
-  systemd.services.dnscrypt-proxy2.serviceConfig = {
-    StateDirectory = "dnscrypt-proxy";
-  };
+  #services.dnscrypt-proxy2 = {
+  #  enable = true;
+  #  settings = {
+  #    ipv6_servers = true;
+  #    require_dnssec = true;
+  #    server_names = [ "cloudflare" ];
+  #  };
+  #};

+  users.groups.no-net = {};
+  #services.connman.wifi.backend = "iwd";
  networking = {
    hostName = "dlaptop";
-    nameservers = [ "127.0.0.1" "::1" ];
+    nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ];
    networkmanager.dns = "none"; 
    networkmanager.enable = true;
+    #wireless.iwd.enable = true;
+    #networkmanager.wifi.backend = "iwd";
+    useDHCP = lib.mkDefault true;
+    interfaces.wlp1s0.proxyARP = true;
+    iproute2.enable = true;
    firewall = {
-      enable = false;
+      enable = true;
+      allowedTCPPorts = [
+        # qbittorrent
+        4780 
+        # audiorelay
+        59100
+        # localsend
+        53317
+        #syncthing
+        22000
+      ];
+      allowedUDPPorts = [
+        # audiorelay
+        59100
+        59200
+        # localsend
+        53317
+        #syncthing
+        22000
+        21027
+      ];
+      allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect
+      allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
+      checkReversePath = "loose";
+      extraCommands = ''
+        iptables -A OUTPUT -m owner --gid-owner no-net -j REJECT
+      '';
    };
  };

@ -159,6 +188,7 @@
  hardware.pulseaudio.enable = false;

  services.tailscale.enable = true;
+  services.syncthing.enable = true;
  services.blueman.enable = true;
  services.tumbler.enable = true;
  services.gvfs.enable = true;
@ -229,7 +259,9 @@
    gnomeExtensions.tiling-assistant
    #gnomeExtensions.wintile-windows-10-window-tiling-for-gnome
    gnomeExtensions.advanced-alttab-window-switcher
+    gnomeExtensions.syncthing-indicator
    gnome.gnome-tweaks
+    
    mojave-gtk-theme
    adw-gtk3
    any-nix-shell
@ -246,6 +278,7 @@
    #firefox_nightly
    #inputs.anyrun.packages.${pkgs.system}.anyrun
    inputs.telegram-desktop-patched-unstable.packages.${pkgs.system}.default
+    inputs.ayugram-desktop.packages.${pkgs.system}.default
    inputs.agenix.packages.x86_64-linux.default
  ];

--- a/hosts/generic.nix
+++ b/hosts/generic.nix
@ -54,8 +54,19 @@ in {
    git
    micro
    nano
+    fishPlugins.grc
+    fishPlugins.autopair
+    fishPlugins.z
+    #fishPlugins.tide
+    #fishPlugins.hydro
+    fishPlugins.fzf-fish
+    fishPlugins.sponge
+    grc
    unstable.nh
    any-nix-shell
+    dnsutils
+    inetutils
+    killall
  ];

  programs.command-not-found.enable = false;
@ -64,11 +75,13 @@ in {
    shellAliases = {
      rebuild = "nh os switch";
      rollback = "sudo nixos-rebuild switch --rollback --flake ~/Documents/dotfiles/";
+      haste = "HASTE_SERVER='https://haste.delch.workers.dev' ${pkgs.haste-client}/bin/haste";
    };
    promptInit = ''
      set TERM "xterm-256color"
      set fish_greeting
-      any-nix-shell fish --info-right | source
+      ${pkgs.any-nix-shell}/bin/any-nix-shell fish --info-right | source  
+      #tide configure --auto --style=Lean --prompt_colors='16 colors' --show_time=No --lean_prompt_height='Two lines' --prompt_connection=Disconnected --prompt_spacing=Compact --icons='Few icons' --transient=No 
    '';
  };
  users.defaultUserShell = pkgs.fish;