vscode upd + trans socks + some other small fixes

apps/apps.nix

@@ -94,32 +94,9 @@ in {
     ripgrep gh # for nvim
     lunarvim # text edit
     lexend # font from google (non-mono)
-    # (pkgs.writeScriptBin "kitty" "${pkgs.kitty}/bin/kitty --single-instance --config ${kitty_config} $@")
+    jamesdsp easyeffects
-    # (pkgs.writeScriptBin "kitten" "${pkgs.kitty}/bin/kitten $@")
+    nmap
-    # (pkgs.makeDesktopItem {
+    wget
-    #   type = "Application";
-    #   name = "kitty";
-    #   desktopName = "kitty";
-    #   genericName = "Terminal Emulator";
-    #   comment = "Fast, feature-rich, GPU based terminal";
-    #   tryExec = "kitty";
-    #   exec = "kitty";
-    #   icon = "kitty";
-    #   categories = [ "System" "TerminalEmulator"];
-    # })
-    # (pkgs.makeDesktopItem {
-    #   type = "Application";
-    #   name = "kitty URL Launcher";
-    #   desktopName = "kitty URL Launcher";
-    #   genericName = "Terminal Emulator";
-    #   comment = "Open URLs with kitty";
-    #   tryExec = "kitty";
-    #   exec = "kitty +open %U";
-    #   icon = "kitty";
-    #   categories = [ "System" "TerminalEmulator"];
-    #   noDisplay = true;
-    #   mimeTypes = [ "image/*" "application/x-sh" "application/x-shellscript" "inode/directory" "text/*" "x-scheme-handler/kitty" "x-scheme-handler/ssh" ];
-    # })
   ]);
 
   programs.firefox = {
@@ -198,8 +175,8 @@ in {
           (extension "tampermonkey" "firefox@tampermonkey.net")
           #(extension "torrent-control" "{e6e36c9a-8323-446c-b720-a176017e38ff}")
           (extension "unpaywall" "{f209234a-76f0-4735-9920-eb62507a54cd}")
-          (extension "ctrl-number-to-switch-tabs"
+          (extension "ctrl-number-to-switch-tabs" "{84601290-bec9-494a-b11c-1baa897a9683}")
-            "{84601290-bec9-494a-b11c-1baa897a9683}")
+          (extension "temporary-containers" "{c607c8df-14a7-4f28-894f-29e8722976af}")
         ];
     };
   };

apps/scripts.nix

@@ -35,7 +35,7 @@ let
       browser_path="${pkgs.google-chrome}/bin/google-chrome-stable https://ifconfig.me"
       profile="google-chrome"
     elif [[ $browser == "ungoogled_chromium" ]]; then
-      browser_path="${pkgs.ungoogled-chromium}/bin/chromium https://ifconfig.me"
+      browser_path="${pkgs.ungoogled-chromium}/bin/chromium --user-data-dir=/tmp/ephemeralbrowser/.config/chromium https://ifconfig.me"
       profile="chromium"
     elif [[ $browser == "firefox" ]]; then
       browser_path="${pkgs.firefox}/bin/firefox -no-remote https://ifconfig.me"

apps/socks.nix

@@ -22,7 +22,13 @@ let
         script = attrs.script;
         preStart = "while true; do ip addr show dev novpn1 | grep -q 'inet' && break; sleep 1; done";
 
-        path = with pkgs; [ shadowsocks-libev shadowsocks-v2ray-plugin sing-box wireproxy iproute2 ];
+        path = with pkgs; [ 
+          iproute2 
+          shadowsocks-libev 
+          shadowsocks-v2ray-plugin 
+          sing-box 
+          wireproxy 
+          (callPackage ../derivations/microsocks.nix {}) ];
       };
     };
   
@@ -31,6 +37,7 @@ let
   socksed = [
     { name = "singbox-aus"; script = "sing-box run -c /run/secrets/singbox-aus";   } # port 4000
     { name = "socks-warp";  script = "wireproxy -c /etc/wireguard/warp0.conf";     } # port 3333
+    { name = "socks-novpn"; script = "microsocks -i 192.168.150.2 -p 3334";        } # port 3334
   ];
 
   delete_rules = pkgs.writeScriptBin "delete_rules" ''
@@ -117,7 +124,8 @@ in {
   };
 
   users.groups.socks = {};
-  systemd.services = builtins.listToAttrs (map socksBuilder socksed) // { novpn = {
+  systemd.services = builtins.listToAttrs (map socksBuilder socksed) // { 
+    novpn = {
       enable = true;
       description = "novpn namespace";
       after = [ "network-online.target" ];
@@ -129,15 +137,54 @@ in {
         RestartSec = "15";
         ExecStart = "${start_novpn}/bin/start_novpn";
         ExecStop = "${stop_novpn}/bin/stop_novpn";
+        StateDirectory = "novpn";
         Type = "simple";
       };
       
       preStart = "${stop_novpn}/bin/stop_novpn && ip netns add novpn";
       path = with pkgs; [ gawk iproute2 iptables sysctl coreutils ];
-  };};
+    };
+
+    warp-svc = {
+      enable = true;
+      description = "Cloudflare Zero Trust Client Daemon";
+      wantedBy = [ "multi-user.target" ];
+      after = [ "pre-network.target" ];
+
+      serviceConfig = {
+        Type = "simple";
+        Restart = "on-failure";
+        RestartSec = "15";
+        DynamicUser = "no";
+        # ReadOnlyPaths = "/etc/resolv.conf";
+        CapabilityBoundingSet = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE";
+        AmbientCapabilities = "CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_SYS_PTRACE";
+        StateDirectory = "cloudflare-warp";
+        RuntimeDirectory = "cloudflare-warp";
+        LogsDirectory = "cloudflare-warp";
+        ExecStart = "${pkgs.cloudflare-warp}/bin/warp-svc";
+      };
+
+      postStart = ''
+        while true; do
+          set -e
+          status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true)
+          set +e
+
+          if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then
+            ${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408
+            exit 0
+          fi
+          sleep 1
+        done
+      '';
+    };
+
+    tor.wantedBy = lib.mkForce [];
+  };
 
   users.users.delta.packages = [
-    (pkgs.writeScriptBin "nyx" ''sudo -u tor -g tor ${inputs.nixpkgs-2105.legacyPackages."x86_64-linux".nyx}/bin/nyx $@'')
+    (pkgs.writeScriptBin "nyx" ''sudo -u tor -g tor ${inputs.nixpkgs2105.legacyPackages."x86_64-linux".nyx}/bin/nyx $@'')
   ];
 
   services.tor = {

derivations/microsocks.nix

@@ -0,0 +1,22 @@
+{ pkgs, stdenv, fetchFromGitHub }: 
+
+stdenv.mkDerivation {
+  pname = "microsocks";
+  version = "1.0.4";
+  
+  src = fetchFromGitHub {
+    owner = "rofl0r";
+    repo = "microsocks";
+    rev = "v1.0.4";
+    sha256 = "sha256-cB2XMWjoZ1zLAmAfl/nqjdOyBDKZ+xtlEmqsZxjnFn0=";
+  };
+
+  buildPhase = ''
+    make
+  '';
+
+  installPhase = ''
+    mkdir -p $out/bin/
+    cp ./microsocks $out/bin/
+  '';
+}

flake.lock

@@ -269,22 +269,6 @@
         "type": "github"
       }
     },
-    "nixpkgs-2105": {
-      "locked": {
-        "lastModified": 1659914493,
-        "narHash": "sha256-lkA5X3VNMKirvA+SUzvEhfA7XquWLci+CGi505YFAIs=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "022caabb5f2265ad4006c1fa5b1ebe69fb0c3faf",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-21.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
     "nixpkgs-stable": {
       "locked": {
         "lastModified": 1711668574,
@@ -333,6 +317,22 @@
         "type": "github"
       }
     },
+    "nixpkgs2105": {
+      "locked": {
+        "lastModified": 1659914493,
+        "narHash": "sha256-lkA5X3VNMKirvA+SUzvEhfA7XquWLci+CGi505YFAIs=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "022caabb5f2265ad4006c1fa5b1ebe69fb0c3faf",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-21.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "nixpkgs_2": {
       "locked": {
         "lastModified": 1711703276,
@@ -408,11 +408,11 @@
         "pre-commit-hooks": "pre-commit-hooks"
       },
       "locked": {
-        "lastModified": 1711809391,
+        "lastModified": 1711888895,
-        "narHash": "sha256-/nGV6P8nB/R/ysbl1KQIKIwp1mQPXxtnoEd+pf3X+nw=",
+        "narHash": "sha256-Hykv2DGC5EHzZ89+54w/zkit+CVGLRcdIgOWnB4zW5k=",
         "owner": "nix-community",
         "repo": "nixvim",
-        "rev": "0c16f59202c5062d12ef9cd4560cc9fca9d99f9a",
+        "rev": "db6b61f117c83943f15289ced03674f81d08256a",
         "type": "github"
       },
       "original": {
@@ -454,9 +454,9 @@
         "anyrun": "anyrun",
         "home-manager": "home-manager",
         "nixpkgs": "nixpkgs",
-        "nixpkgs-2105": "nixpkgs-2105",
         "nixpkgs-stable": "nixpkgs-stable",
         "nixpkgs-unstable": "nixpkgs-unstable",
+        "nixpkgs2105": "nixpkgs2105",
         "nixvim": "nixvim",
         "secrets": "secrets",
         "telegram-desktop-patched": "telegram-desktop-patched"

flake.nix

@@ -3,7 +3,7 @@
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
     nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11";
     nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
-    nixpkgs-2105.url = "github:NixOS/nixpkgs/nixos-21.05";
+    nixpkgs2105.url = "github:NixOS/nixpkgs/nixos-21.05";
     home-manager.url = "github:nix-community/home-manager";
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
     anyrun.url = "github:Kirottu/anyrun";

home/home.nix

@@ -32,13 +32,22 @@
         version = "2.0.11";
         sha256 = "7ZH9l4jySPo1jMZnylTPK6o+XZnxUtrpYIiY9xVPuRw=";
       }
+      {
+        name = "bracket-select";
+        publisher = "chunsen";
+        version = "2.0.2";
+        sha256 = "sha256-2+42NJWAI0cz+RvmihO2v8J/ndAHvV3YqMExvnl46m4=";
+      }
     ];
       enableExtensionUpdateCheck = false;
       enableUpdateCheck = false;
       userSettings = {
-        "files.autoSave" = "on";
+        "files.autoSave" = "onFocusChange";
         "window.titleBarStyle" = "custom";
         "workbench.colorTheme" = "Popping and Locking";
+        "terminal.external.linuxExec" = "kitty";
+        "editor.guides.bracketPairs" = "active";
+        "editor.bracketPairColorization.independentColorPoolPerBracketType" = true;
         "nix.enableLanguageServer"= true;
         #"nix.serverPath" = "${pkgs.nil}/bin/nil";
         "nix.serverPath" = "${pkgs.nixd}/bin/nixd";

hosts/dlaptop/hardware.nix

@@ -26,8 +26,14 @@
         name = "TIAS2781RCA4.bin";
       }} $out/lib/firmware/TIAS2781RCA4.bin
     '')
+    pkgs.wireless-regdb
   ];
 
+  # 5 GHZ wifi
+  boot.extraModprobeConfig = ''
+    options cfg80211 ieee80211_regdom="RU"
+  '';
+
   boot.loader.systemd-boot.enable = true;
 
   boot.kernelParams = [

hosts/dlaptop/services.nix

@@ -4,29 +4,29 @@
     (pkgs.writeScriptBin "warp-cli" "${pkgs.cloudflare-warp}/bin/warp-cli $@")
   ];
 
-  systemd.services.cloudflare-warp = {
+  # systemd.services.cloudflare-warp = {
-    enable = true;
+  #   enable = true;
-    description = "cloudflare warp service";
+  #   description = "cloudflare warp service";
-    wantedBy = [ "multi-user.target" ];
+  #   wantedBy = [ "multi-user.target" ];
-    serviceConfig = {
+  #   serviceConfig = {
-      Restart = "on-failure";
+  #     Restart = "on-failure";
-      RestartSec = "15";
+  #     RestartSec = "15";
-    };
+  #   };
-    script = "${pkgs.cloudflare-warp}/bin/warp-svc";
+  #   script = "${pkgs.cloudflare-warp}/bin/warp-svc";
 
-    postStart = ''
+  #   postStart = ''
-      while true; do
+  #     while true; do
-        set -e
+  #       set -e
-        status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true)
+  #       status=$(${pkgs.cloudflare-warp}/bin/warp-cli status || true)
-        set +e
+  #       set +e
-        if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then
+  #       if [[ "$status" != *"Unable to connect to CloudflareWARP daemon"* ]]; then
-          ${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408
+  #         ${pkgs.cloudflare-warp}/bin/warp-cli set-custom-endpoint 162.159.193.1:2408
-          exit 0
+  #         exit 0
-        fi
+  #       fi
-        sleep 15
+  #       sleep 15
-      done
+  #     done
-    '';
+  #   '';
-  };
+  # };
 
   users.groups.cloudflared = { };
   users.users.cloudflared = {

hosts/generic.nix

@@ -41,6 +41,7 @@ in {
     FLAKE = "/home/delta/Documents/dotfiles";
   };
 
+
   users.users.delta = {
     isNormalUser = true;
     description = "delta";
@@ -63,6 +64,7 @@ in {
           "anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s=" 
         ];
       };
+      package = unstable.nixUnstable;
     };
 
   nixpkgs.config.allowUnfree = true;
@@ -93,6 +95,8 @@ in {
     eza # better ls, will check what's better 
     htop
     btop
+    nix-search-cli
+    nix-index
     (pkgs.writeScriptBin "reboot" ''read -p "Do you REALLY want to reboot? (y/N) " answer; [[ $answer == [Yy]* ]] && ${pkgs.systemd}/bin/reboot'')
   ];
 
@@ -107,6 +111,7 @@ in {
       rollback = "sudo nixos-rebuild switch --rollback --flake ~/Documents/dotfiles/";
       haste = "HASTE_SERVER='https://haste.schizoposting.online' ${pkgs.haste-client}/bin/haste";
       ls = "${pkgs.lsd}/bin/lsd";
+      search = "nix-search -d -m 5 -p";
       ltree = "${pkgs.lsd}/bin/lsd --tree";
     };
     promptInit = ''