tasko(nixosUnstable): batis al HEAD de master

tasko(nixos) batis al HEAD de 24.11
trajto(brighde): ŝanĝo al Cosmic Desktop
2025-04-06 21:35:53 +10:00 · 2025-04-06 21:34:06 +10:00 · 2025-03-24 09:24:08 +10:00 · 2025-03-24 09:21:31 +10:00 · 2025-03-24 08:28:44 +10:00 · 2025-03-24 08:27:33 +10:00
7 changed files with 82 additions and 27 deletions
--- a/flake.lock
+++ b/flake.lock
@ -925,11 +925,11 @@
        "nixpkgs-stable": "nixpkgs-stable"
      },
      "locked": {
-        "lastModified": 1739756353,
-        "narHash": "sha256-UMRlUlCXyIG9jVgDQtKCyDpgjTIHkadVo0DIOayDH6U=",
+        "lastModified": 1742641703,
+        "narHash": "sha256-hoN8blvJco8OSZmPj8izwQaQUdydVi+5FO4/nWd1MNU=",
        "owner": "lilyinstarlight",
        "repo": "nixos-cosmic",
-        "rev": "0d64f87dff6778231ae0288cca71e78e2ab30752",
+        "rev": "216557e6cd229dbe7d73a497c227824a3c579cd7",
        "type": "github"
      },
      "original": {
@ -4761,11 +4761,11 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1739624908,
-        "narHash": "sha256-f84lBmLl4tkDp1ZU5LBTSFzlxXP4926DVW3KnXrke10=",
+        "lastModified": 1742512142,
+        "narHash": "sha256-8XfURTDxOm6+33swQJu/hx6xw1Tznl8vJJN5HwVqckg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "a60651b217d2e529729cbc7d989c19f3941b9250",
+        "rev": "7105ae3957700a9646cc4b766f5815b23ed0c682",
        "type": "github"
      },
      "original": {
@ -4873,11 +4873,11 @@
    },
    "nixpkgsUnstable": {
      "locked": {
-        "lastModified": 1739797909,
-        "narHash": "sha256-Tawcc3tnPRyqq6cgkhrAeL30ujgpfRObfX9Ffo0G4xc=",
+        "lastModified": 1743938762,
+        "narHash": "sha256-UgFYn8sGv9B8PoFpUfCa43CjMZBl1x/ShQhRDHBFQdI=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "6d0e5aea88d0f8fa0d0e1258c65c4f799c46717e",
+        "rev": "74a40410369a1c35ee09b8a1abee6f4acbedc059",
        "type": "github"
      },
      "original": {
@ -5277,11 +5277,11 @@
    },
    "nixpkgs_33": {
      "locked": {
-        "lastModified": 1740162160,
-        "narHash": "sha256-SSYxFhqCOb3aiPb6MmN68yEzBIltfom8IgRz7phHscM=",
+        "lastModified": 1743703532,
+        "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "11415c7ae8539d6292f2928317ee7a8410b28bb9",
+        "rev": "bdb91860de2f719b57eef819b5617762f7120c70",
        "type": "github"
      },
      "original": {
--- a/hosts/brighde/default.nix
+++ b/hosts/brighde/default.nix
@ -7,7 +7,6 @@
  imports = [
    ../../hardware/lenovo_yoga7i.nix
    ../../profiles/desktopFiona.nix
-    ../../profiles/desktop_common.nix
  ];

  # Use the UEFI boot loader.
--- a/modules/roles/desktop/default.nix
+++ b/modules/roles/desktop/default.nix
@ -21,11 +21,9 @@ in {
      chromium
      element-desktop # A feature-rich client for Matrix.org
      evince # document viewer
-      firefox # A web browser built from Firefox source tree
      gnome-tweaks # A tool to customize advanced GNOME 3 options
      krita # A free and open source painting application
      libreoffice-fresh # Comprehensive, professional-quality productivity suite
-      librewolf # Firefox fork, focused on privacy, security and freedom
      mplayer # A movie player that supports many video formats
      nextcloud-client # Nextcloud desktop client
      pavucontrol # PulseAudio Volume Control
@ -104,6 +102,56 @@ in {
        enable = true;
        homepageLocation = "https://start.duckduckgo.com/";
      };
+      firefox = {
+        enable = true;
+        package = pkgs.librewolf;
+        policies = {
+          DisableTelemetry = true;
+          DisableFirefoxStudies = true;
+          Preferences = {
+            "cookiebanners.service.mode" = 2; # Block cookie banners
+            "cookiebanners.service.mode.privateBrowsing" = 2; # Block cookie banners in private browsing
+            "privacy.donottrackheader.enabled" = true;
+            "privacy.fingerprintingProtection" = true;
+            "privacy.resistFingerprinting" = true;
+            "privacy.trackingprotection.emailtracking.enabled" = true;
+            "privacy.trackingprotection.enabled" = true;
+            "privacy.trackingprotection.fingerprinting.enabled" = true;
+            "privacy.trackingprotection.socialtracking.enabled" = true;
+            "webgl.disabled" = false;
+          };
+          ExtensionSettings = {
+            "CanvasBlocker@kkapsner.de" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/canvasblocker/latest.xpi";
+              installation_mode = "force_installed";
+            }; # prevents fingerprinting when webgl is enabled
+            "CookieAutoDelete@kennydo.com" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/cookie-autodelete/latest.xpi";
+              installation_mode = "force_installed";
+            }; # cookie deletion
+            "floccus@handmadeideas.org" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/floccus/latest.xpi";
+              installation_mode = "force_installed";
+            }; # bookmark sync
+            "jid1-MnnxcxisBPnSXQ@jetpack" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
+              installation_mode = "force_installed";
+            }; # privacy
+            "jid1-ZAdIEUB7XOzOJw@jetpack" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/duckduckgo-for-firefox/latest.xpi";
+              installation_mode = "force_installed";
+            }; # private search
+            "uBlock0@raymondhill.net" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+              installation_mode = "force_installed";
+            }; # add blocking
+            "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
+              install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
+              installation_mode = "force_installed";
+            }; # password management
+          };
+        };
+      };
    };

    # Groups to add
--- a/modules/roles/desktopCraige/default.nix
+++ b/modules/roles/desktopCraige/default.nix
@ -35,5 +35,15 @@ in {
      vcsh # Version Control System for $HOME
      yt-dlp # Command-line tool to download videos
    ];
+    programs.firefox.policies.ExtensionSettings = {
+      "{eceab40b-230a-4560-98ed-185ad010633f}" = {
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/nixos-packages-search-engine/latest.xpi";
+        installation_mode = "force_installed";
+      }; # package search
+      "{530f7c6c-6077-4703-8f71-cb368c663e35}" = {
+        install_url = "https://addons.mozilla.org/firefox/downloads/latest/yoroi/latest.xpi";
+        installation_mode = "force_installed";
+      }; # package search
+    };
  };
 }
--- a/outputs.nix
+++ b/outputs.nix
@ -70,8 +70,9 @@ in {
      ];
      deployment = {
        tags = ["active"];
-        targetHost = "10.42.0.124";
+        targetHost = "10.69.0.122";
      };
+      roles.desktop.enable = true;
    };
    ceilidh = {
      imports = [
@ -112,7 +113,7 @@ in {
      ];
      deployment = {
        tags = ["active" "rPi"];
-        targetHost = "10.42.0.204";
+        targetHost = "10.69.0.204";
      };
    };
    eamhair = {
@ -122,7 +123,7 @@ in {
      ];
      deployment = {
        tags = ["active" "rPi"];
-        targetHost = "10.42.0.205";
+        targetHost = "10.69.0.205";
      };
      services.toxvpn.localip = "10.37.0.205";
    };
@ -157,7 +158,10 @@ in {
        hosts/sercanto
        ragenix.nixosModules.default
      ];
-      deployment.targetHost = "10.42.0.180";
+      deployment = {
+        targetHost = "10.69.0.149";
+        tags = ["active"];
+      };
      roles.desktop.enable = true;
      roles.desktopCraige.enable = true;
    };
--- a/profiles/nextcloud.nix
+++ b/profiles/nextcloud.nix
@ -41,7 +41,7 @@
    };
    package = pkgs.nextcloud30;
    extraApps = with config.services.nextcloud.package.packages.apps; {
-      inherit calendar contacts deck gpoddersync news notes tasks twofactor_webauthn;
+      inherit bookmarks calendar contacts deck gpoddersync news notes tasks twofactor_webauthn;
    };
    extraAppsEnable = true;
    settings = {
--- a/profiles/nixpkgs-dev.nix
+++ b/profiles/nixpkgs-dev.nix
@ -4,12 +4,7 @@
  pkgs,
  lib,
  ...
-}:
-#let
-#  sources = import ../nix/sources.nix;
-#  unstable = import sources.nixpkgsUnstable {};
-#in
-{
+}: {
  nixpkgs = {config = {allowUnfree = true;};};

  environment = {
@ -24,7 +19,6 @@
      nox # Tools to make Nix nicer
      sqlite # To query the nixpkgs sqlite database
      tig # Text-mode interface for git
-      #unstable.statix          # Lints and suggestions for the nix programming language
    ];
  };
 }
Author	SHA1	Message	Date
Craige McWhirter	57c9a81fff	tasko(nixosUnstable): batis al HEAD de master	2025-04-06 21:35:53 +10:00
Craige McWhirter	9ff082da33	tasko(nixos) batis al HEAD de 24.11	2025-04-06 21:34:06 +10:00
Craige McWhirter	b96cb32522	trajto(brighde): ŝanĝo al Cosmic Desktop	2025-03-24 09:24:08 +10:00
Craige McWhirter	371cca1d7d	tasko(hosts): ŝanĝo al korligejo	2025-03-24 09:21:31 +10:00
Craige McWhirter	e52012029d	trajto(cosmicDesktop): pliboniĝis al alpha 6	2025-03-24 08:28:44 +10:00
Craige McWhirter	4abb16c3f1	tasko(nixos) batis al HEAD de 24.11	2025-03-24 08:27:33 +10:00
Craige McWhirter	d664b153e4	tasko(nixos) batis al HEAD de 24.11	2025-03-17 11:09:17 +10:00
Craige McWhirter	ca7845d431	tasko(nixosUnstable): batis al HEAD de master	2025-03-10 10:57:15 +10:00
Craige McWhirter	a8a88205a4	tasko(nixos) batis al HEAD de 24.11	2025-03-10 10:52:15 +10:00
Craige McWhirter	e9eb17c396	trajto:(nextcloud): aldoni bookmarks	2025-03-10 10:37:03 +10:00
Craige McWhirter	3edc63064a	trajto(librewolf): aldonu Yoroi	2025-03-06 11:06:35 +10:00
Craige McWhirter	1a3c9eae2e	tasko(librewolf): antaŭ-agordi defaŭltojn Forto-instali bezonatajn etendaĵojn kaj antaŭ-agordi deziratajn opciojn.	2025-03-06 10:34:07 +10:00
Craige McWhirter	38d3772d46	tasko(nix): forigi evitindajn komentojn	2025-02-24 12:14:59 +10:00