diff --git a/flake.lock b/flake.lock index 0ac8fcd..5355653 100644 --- a/flake.lock +++ b/flake.lock @@ -28,11 +28,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1741985801, - "narHash": "sha256-EnjiCpEi8p1kFgNUCVPuDUYoOSYBlr7ByMEF8qMGZws=", + "lastModified": 1743414153, + "narHash": "sha256-bFIXz7SvLlSNR4M3vYPYS1CpEN9vTUiH01R4iR/BDmA=", "owner": "catppuccin", "repo": "nix", - "rev": "f833a338ff6c091c84e041ee77ce88f8b242ca79", + "rev": "2f52f9ead26f80d7b391cedcbb3eb309bd83fff4", "type": "github" }, "original": { @@ -167,11 +167,11 @@ ] }, "locked": { - "lastModified": 1741955947, - "narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=", + "lastModified": 1743648554, + "narHash": "sha256-23JFd+zd2GamTTdnGuFVeIg8x8C3hLpQJRh/PGTORzo=", "owner": "nix-community", "repo": "home-manager", - "rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4", + "rev": "107352dde4ff3c01cb5a0b3fe17f5beef37215bc", "type": "github" }, "original": { @@ -187,11 +187,11 @@ ] }, "locked": { - "lastModified": 1739757849, - "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", + "lastModified": 1743387206, + "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=", "owner": "nix-community", "repo": "home-manager", - "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", + "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146", "type": "github" }, "original": { @@ -209,11 +209,11 @@ ] }, "locked": { - "lastModified": 1742021951, - "narHash": "sha256-Nxrkvh353BeG6/D8yPq50VCaYnCMKviS7krw4DfzLVU=", + "lastModified": 1743660830, + "narHash": "sha256-ezJqPIuB25iMJeugwHKWnB1DjMvrdpkrPxE3TCULjGk=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "ecaf8b6aa7d28cb7b87da334310fbe1ba31f8d64", + "rev": "c7ade1c8fe2bdb70d38b3b9a97b874dcaf33b755", "type": "github" }, "original": { @@ -225,11 +225,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1741976543, - "narHash": "sha256-hSiO4cq2ub0Hs1bH+Qnne7pF8596wKZxmbWH2Kqe9UE=", - "rev": "85d614538fd1e6fa8a230d5f1c4d6e5587e9e3ef", + "lastModified": 1743523803, + "narHash": "sha256-L/8tnMbfwOmRXRrzzDJBlkRUiVOxy8cxWTdaN3n3AGI=", + "rev": "5a7e9e17464008904403af4297823443281bef12", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/85d614538fd1e6fa8a230d5f1c4d6e5587e9e3ef.tar.gz?rev=85d614538fd1e6fa8a230d5f1c4d6e5587e9e3ef" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/5a7e9e17464008904403af4297823443281bef12.tar.gz?rev=5a7e9e17464008904403af4297823443281bef12" }, "original": { "type": "tarball", @@ -248,11 +248,11 @@ ] }, "locked": { - "lastModified": 1741894565, - "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", - "rev": "a6da43f8193d9e329bba1795c42590c27966082e", + "lastModified": 1742945498, + "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", + "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/a6da43f8193d9e329bba1795c42590c27966082e.tar.gz?rev=a6da43f8193d9e329bba1795c42590c27966082e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fa69ae26cc32dda178117b46487c2165c0e08316.tar.gz?rev=fa69ae26cc32dda178117b46487c2165c0e08316" }, "original": { "type": "tarball", @@ -271,11 +271,11 @@ ] }, "locked": { - "lastModified": 1741894565, - "narHash": "sha256-2FD0NDJbEjUHloVrtEIms5miJsj1tvQCc/0YK5ambyc=", - "rev": "a6da43f8193d9e329bba1795c42590c27966082e", + "lastModified": 1742945498, + "narHash": "sha256-MB/b/xcDKqaVBxJIIxwb81r8ZiGLeKEcqokATRRroo8=", + "rev": "fa69ae26cc32dda178117b46487c2165c0e08316", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/a6da43f8193d9e329bba1795c42590c27966082e.tar.gz?rev=a6da43f8193d9e329bba1795c42590c27966082e" + "url": "https://git.lix.systems/api/v1/repos/lix-project/nixos-module/archive/fa69ae26cc32dda178117b46487c2165c0e08316.tar.gz?rev=fa69ae26cc32dda178117b46487c2165c0e08316" }, "original": { "type": "tarball", @@ -342,11 +342,11 @@ ] }, "locked": { - "lastModified": 1741619381, - "narHash": "sha256-koZtlJRqi0/MD/AKd0KrXLA2NuBOVzlIyAJprjzpxZE=", + "lastModified": 1743306489, + "narHash": "sha256-LROaIjSLo347cwcHRfSpqzEOa2FoLSeJwU4dOrGm55E=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "66537fb185462ba9b07f4e6f2d54894a1b2d04ab", + "rev": "b3696bfb6c24aa61428839a99e8b40c53ac3a82d", "type": "github" }, "original": { @@ -362,11 +362,11 @@ ] }, "locked": { - "lastModified": 1741619381, - "narHash": "sha256-koZtlJRqi0/MD/AKd0KrXLA2NuBOVzlIyAJprjzpxZE=", + "lastModified": 1743306489, + "narHash": "sha256-LROaIjSLo347cwcHRfSpqzEOa2FoLSeJwU4dOrGm55E=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "66537fb185462ba9b07f4e6f2d54894a1b2d04ab", + "rev": "b3696bfb6c24aa61428839a99e8b40c53ac3a82d", "type": "github" }, "original": { @@ -377,11 +377,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1741792691, - "narHash": "sha256-f0BVt1/cvA0DQ/q3rB+HY4g4tKksd03ZkzI4xehC2Ew=", + "lastModified": 1743420942, + "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "e1f12151258b12c567f456d8248e4694e9390613", + "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4", "type": "github" }, "original": { @@ -393,11 +393,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741851582, - "narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=", + "lastModified": 1742889210, + "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6607cf789e541e7873d40d3a8f7815ea92204f32", + "rev": "698214a32beb4f4c8e3942372c694f40848b360d", "type": "github" }, "original": { @@ -409,11 +409,11 @@ }, "nixpkgs-raw": { "locked": { - "lastModified": 1741862977, - "narHash": "sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB+ikn74/xQoNrGQ=", + "lastModified": 1743576891, + "narHash": "sha256-vXiKURtntURybE6FMNFAVpRPr8+e8KoLPrYs9TGuAKc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cdd2ef009676ac92b715ff26630164bb88fec4e0", + "rev": "44a69ed688786e98a101f02b712c313f1ade37ab", "type": "github" }, "original": { @@ -424,11 +424,11 @@ }, "nixpkgs-unstable-raw": { "locked": { - "lastModified": 1741851582, - "narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=", + "lastModified": 1743583204, + "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6607cf789e541e7873d40d3a8f7815ea92204f32", + "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434", "type": "github" }, "original": { @@ -459,11 +459,11 @@ ] }, "locked": { - "lastModified": 1740569341, - "narHash": "sha256-WV8nY2IOfWdzBF5syVgCcgOchg/qQtpYh6LECYS9XkY=", + "lastModified": 1742765550, + "narHash": "sha256-2vVIh2JrL6GAGfgCeY9e6iNKrBjs0Hw3bGQEAbwVs68=", "owner": "nix-community", "repo": "plasma-manager", - "rev": "5eeb0172fb74392053b66a8149e61b5e191b2845", + "rev": "b70be387276e632fe51232887f9e04e2b6ef8c16", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0b7bae9..2de1703 100644 --- a/flake.nix +++ b/flake.nix @@ -105,10 +105,6 @@ name = "patched-nixpkgs"; src = nixpkgs-raw; patches = [ - (nixpkgs-raw.legacyPackages.x86_64-linux.fetchpatch { - url = "https://github.com/NixOS/nixpkgs/pull/370713.patch"; - hash = "sha256-gZPP99e42XdYrQz9wWHpS0ChRhK7m9Yitmy7UT5OxiM="; - }) ]; }; # https://discourse.nixos.org/t/proper-way-of-applying-patch-to-system-managed-via-flake/21073/26 diff --git a/roles/common/configuration.nix b/roles/common/configuration.nix index 6eed62a..7c18fe3 100755 --- a/roles/common/configuration.nix +++ b/roles/common/configuration.nix @@ -127,7 +127,7 @@ backupFileExtension = "hm-backup"; useGlobalPkgs = true; verbose = true; - sharedModules = [flakeSelf.inputs.catppuccin.homeManagerModules.catppuccin]; + sharedModules = [flakeSelf.inputs.catppuccin.homeModules.catppuccin]; users.toast = {osConfig, ...}: { catppuccin.flavor = osConfig.catppuccin.flavor; catppuccin.accent = osConfig.catppuccin.accent; diff --git a/roles/desktop/programs/default.nix b/roles/desktop/programs/default.nix index 9caa2e4..42fe870 100755 --- a/roles/desktop/programs/default.nix +++ b/roles/desktop/programs/default.nix @@ -9,5 +9,6 @@ ./appimage.nix ./mpv.nix ./sysdvr-qt.nix + ./spotify.nix ]; } diff --git a/roles/desktop/programs/firefox.nix b/roles/desktop/programs/firefox.nix index 96b50a9..aac3918 100644 --- a/roles/desktop/programs/firefox.nix +++ b/roles/desktop/programs/firefox.nix @@ -1,55 +1,123 @@ {lib, ...}: { - # System wide firefox settings - programs.firefox = { - enable = true; - policies = { - "DisablePocket" = true; - "DisableTelemetry" = true; - # You need these for Spotify - "EncryptedMediaExtensions" = {"Enabled" = true;}; - "ExtensionSettings" = { - # TODO: Install extensions the NUR instead of from AMO - "uBlock0@raymondhill.net" = { - "installation_mode" = "force_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; + home-manager.sharedModules = [ + { + # System wide firefox settings + programs.firefox = { + enable = true; + policies = { + DisableTelemetry = true; + # You need these for Spotify + EncryptedMediaExtensions.Enabled = true; + ExtensionSettings = { + # TODO: Install extensions the NUR instead of from AMO + "uBlock0@raymondhill.net" = { + installation_mode = "force_installed"; + install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"; + }; + # Decentraleyes + "jid1-BoFifL9Vbdl2zQ@jetpack" = { + installation_mode = "normal_installed"; + install_url = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; + }; + "jid1-MnnxcxisBPnSXQ@jetpack" = { + installation_mode = "normal_installed"; + install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; + }; + # Uninstall undeclared extensions + "*" = { + installation_mode = "blocked"; + blocked_install_message = "Extensions are managed by home-manager"; + }; + }; + Preferences = { + # Enable video hardware acceleration + "media.ffmpeg.vaapi.enabled" = { + Value = true; + Status = "default"; + }; + "dom.security.https_only_mode" = { + Value = true; + Status = "locked"; + }; + }; + PromptForDownloadLocation = true; + # I use an external password manager, so the built in one just bothers me + PasswordManagerEnabled = false; + Permissions = { + Autoplay = { + Allow = [ + "https://www.youtube.com" + "https://sync-tube.de" + ]; + Default = "block-audio-video"; + }; + }; + FirefoxHome.SponsoredTopSites = false; }; - # Decentraleyes - "jid1-BoFifL9Vbdl2zQ@jetpack" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/decentraleyes/latest.xpi"; - }; - "jid1-MnnxcxisBPnSXQ@jetpack" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi"; - }; - # Uninstall the kde plasma integration extension if KDE is not installed - "plasma-browser-integration@kde.org"."installation_mode" = lib.mkDefault "blocked"; }; - "Preferences" = { - # Enable video hardware acceleration - "media.ffmpeg.vaapi.enabled" = { - "Value" = true; - "Status" = "default"; + } + ]; + # Per-user settings + home-manager.users.toast = { + programs.firefox.policies = { + DisablePocket = true; + ExtensionSettings = { + "sponsorBlocker@ajay.app" = { + installation_mode = "normal_installed"; + install_url = "https://addons.mozilla.org/firefox/downloads/latest/sponsorblock/latest.xpi"; }; - "dom.security.https_only_mode" = { - "Value" = true; - "Status" = "locked"; + "@testpilot-containers" = { + installation_mode = "normal_installed"; + install_url = "https://addons.mozilla.org/firefox/downloads/latest/multi-account-containers/latest.xpi"; }; + }; + Preferences = { "general.smoothScroll.msdPhysics.enabled" = { - "Value" = true; - "Status" = "default"; + Value = true; + Status = "default"; + }; + "browser.ctrlTab.sortByRecentlyUsed" = { + Value = true; + Status = "default"; + }; + # This should be set automatically, but it isn't for some reason + "extensions.webextensions.ExtensionStorageIDB.enabled" = { + Value = false; + Status = "locked"; }; }; - "PromptForDownloadLocation" = true; - # I use an external password manager, so the built in one just bothers me - "PasswordManagerEnabled" = false; - "Permissions" = { - "Autoplay" = { - "Allow" = ["https://www.youtube.com"]; - "Default" = "block-audio-video"; + }; + programs.firefox.profiles = { + personal = { + name = "Personal"; + id = 0; + isDefault = true; + containersForce = true; + containers = { + work = { + name = "Work"; + id = 1; + icon = "briefcase"; + color = "green"; + }; + }; + extensions.force = true; + extensions.settings = { + "@testpilot-containers".settings = { + onboarding-stage = 8; + "siteContainerMap@@_teams.microsoft.com" = { + userContextId = "1"; + neverAsk = false; + identityMacAddonUUID = "b50e5b1e-6f3b-4245-8eac-5654d889156e"; + }; + "siteContainerMap@@_outlook.office.com" = { + userContextId = "1"; + neverAsk = false; + identityMacAddonUUID = "b50e5b1e-6f3b-4245-8eac-5654d889156e"; + }; + }; }; }; - "FirefoxHome" = {"SponsoredTopSites" = false;}; }; }; } diff --git a/roles/desktop/programs/spotify.nix b/roles/desktop/programs/spotify.nix new file mode 100644 index 0000000..c895f52 --- /dev/null +++ b/roles/desktop/programs/spotify.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + home-manager.users.toast = { + home.packages = [pkgs.spotify]; + }; +} diff --git a/roles/kde/patches/default.nix b/roles/kde/patches/default.nix index 1e14271..86198ed 100644 --- a/roles/kde/patches/default.nix +++ b/roles/kde/patches/default.nix @@ -1,6 +1,7 @@ -{lib, ...}: let +{lib, pkgs, ...}: let rootDirs = builtins.readDir ./.; removeFiles = lib.attrsets.filterAttrs (n: v: v == "directory") rootDirs; + programsToPatch = builtins.attrNames removeFiles; getPatches = name: builtins.map (value: ./${name}/${value}) (builtins.attrNames ( @@ -11,14 +12,17 @@ )); bigOverlay = final: prev: - builtins.mapAttrs ( - name: _value: - prev."${name}".overrideAttrs { - version = prev."${name}".version + "-patched"; - patches = prev."${name}".patches ++ getPatches name; + lib.attrsets.mergeAttrsList ( + lib.lists.forEach programsToPatch ( + program: let + unpatchedProgram = prev."${program}"; + in { + "${program}-patched" = unpatchedProgram.overrideAttrs { + patches = unpatchedProgram.patches ++ getPatches program; + }; } - ) - removeFiles; + ) + ); in { nixpkgs.overlays = [ ( @@ -27,4 +31,11 @@ in { } ) ]; + + system.replaceDependencies.replacements = lib.lists.forEach programsToPatch ( + package: { + oldDependency = pkgs.kdePackages.${package}; + newDependency = pkgs.kdePackages."${package}-patched"; + } + ); } diff --git a/roles/kde/programs/firefox.nix b/roles/kde/programs/firefox.nix index bbe1638..41f81e2 100644 --- a/roles/kde/programs/firefox.nix +++ b/roles/kde/programs/firefox.nix @@ -1,30 +1,35 @@ -{...}: { - # KDE specific firefox settings - programs.firefox = { - policies = { - "ExtensionSettings" = { - # TODO: Install extensions the NUR instead of from AMO - "plasma-browser-integration@kde.org" = { - "installation_mode" = "normal_installed"; - "install_url" = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; +{pkgs, ...}: { + home-manager.sharedModules = [ + { + # KDE specific firefox settings + programs.firefox = { + nativeMessagingHosts = [pkgs.kdePackages.plasma-browser-integration]; + policies = { + ExtensionSettings = { + # TODO: Install extensions the NUR instead of from AMO + "plasma-browser-integration@kde.org" = { + installation_mode = "normal_installed"; + install_url = "https://addons.mozilla.org/firefox/downloads/latest/plasma-integration/latest.xpi"; + }; + }; + Preferences = { + # Make firefox use the kde file picker + "widget.use-xdg-desktop-portal.file-picker" = { + Value = 1; + Status = "default"; + }; + /* + https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, + but strangely enough doing so makes firefox ask to be set as the default browser + every time you start it up, so I'll disable it + */ + "widget.use-xdg-desktop-portal.mime-handler" = { + Value = 0; + Status = "default"; + }; + }; }; }; - "Preferences" = { - # Make firefox use the kde file picker - "widget.use-xdg-desktop-portal.file-picker" = { - "Value" = 1; - "Status" = "default"; - }; - /* - https://wiki.archlinux.org/title/Firefox#KDE_integration tells me to enable this, - but strangely enough doing so makes firefox ask to be set as the default browser - every time you start it up, so I'll disable it - */ - "widget.use-xdg-desktop-portal.mime-handler" = { - "Value" = 0; - "Status" = "default"; - }; - }; - }; - }; + } + ]; }