diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs new file mode 100644 index 0000000..fb5a3ba --- /dev/null +++ b/.git-blame-ignore-revs @@ -0,0 +1 @@ +ce54be9aac846c7798307d6d6fcee3346c01f601 diff --git a/home/common.nix b/home/common.nix index c2c5264..b8dc67f 100644 --- a/home/common.nix +++ b/home/common.nix @@ -11,6 +11,7 @@ ./modules/packages.nix ./modules/vscodium.nix ./modules/fonts.nix + ./modules/captive-browser.nix ]; home.homeDirectory = if pkgs.stdenv.isDarwin then "/Users/${config.home.username}" else "/home/${config.home.username}"; diff --git a/home/desktop.nix b/home/desktop.nix index 1e089e7..7fa7840 100644 --- a/home/desktop.nix +++ b/home/desktop.nix @@ -33,40 +33,39 @@ contacts = import "${inputs.mysecrets}/contacts.nix" { inherit lib; }; in { - includes = - [ - { - condition = "gitdir:~/Seafile/Studium/"; + includes = [ + { + condition = "gitdir:~/Seafile/Studium/"; + contents = { + user.name = contacts.personal.name; + user.email = contacts.uni.email; + }; + } + { + condition = "gitdir:~/src/nixpkgs/"; + contents = { + user.name = "Trolli Schmittlauch"; + user.email = contacts.nixOs.email; + }; + } + ] + # set default name for several other common locations + ++ + map + (dir: { + condition = "gitdir:${dir}"; contents = { - user.name = contacts.personal.name; - user.email = contacts.uni.email; - }; - } - { - condition = "gitdir:~/src/nixpkgs/"; - contents = { - user.name = "Trolli Schmittlauch"; - user.email = contacts.nixOs.email; - }; - } - ] - # set default name for several other common locations - ++ - map - (dir: { - condition = "gitdir:${dir}"; - contents = { - user = { - inherit (contacts.schmittlauch) email name; - }; + user = { + inherit (contacts.schmittlauch) email name; }; - }) - [ - "~/src/" - "~/bin/" - "~/tmp/" - "~/nixconfigs/" - ]; + }; + }) + [ + "~/src/" + "~/bin/" + "~/tmp/" + "~/nixconfigs/" + ]; }; services.gpg-agent = { 
diff --git a/home/modules/captive-browser.nix b/home/modules/captive-browser.nix
new file mode 100644
index 0000000..b07be4c
--- /dev/null
+++ b/home/modules/captive-browser.nix
@@ -0,0 +1,77 @@
+{
+ pkgs,
+ lib,
+ inputs,
+ config,
+ system,
+ ...
+}:
+
+let
+ tomlFormat = pkgs.formats.toml { };
+ cfg = config.programs.captive-browser;
+ inherit (pkgs.stdenv.hostPlatform) isDarwin;
+in
+{
+ options.programs.captive-browser = {
+ enable = lib.mkEnableOption "Enable custom captive-browser in user PATH";
+ package = lib.mkPackageOption pkgs "captive-browser" { nullable = true; };
+ settings = lib.mkOption {
+ type = lib.types.submodule {
+ freeformType = tomlFormat.type;
+
+ options = {
+ browser = lib.mkOption {
+ type = lib.types.str;
+ description = "command to invoke the browser with";
+
+ # browser is the shell (/bin/sh) command executed once the proxy starts.
+ # When browser exits, the proxy exits. An extra env var PROXY is available.
+ #
+ # Here, we use a separate Chrome instance in Incognito mode, so that
+ # it can run (and be waited for) alongside the default one, and that
+ # it maintains no state across runs. To configure this browser open a
+ # normal window in it, settings will be preserved.
+ default = ''
+ ${cfg.browserCommand} \
+ --user-data-dir="$HOME/Library/Application Support/Google/Captive" \
+ --proxy-server="socks5://$PROXY" \
+ --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" \
+ --no-first-run --new-window --incognito \
+ http://example.com
+ '';
+ };
+ };
+ };
+ };
+ interface = lib.mkOption {
+ type = lib.types.str;
+ description = "WLAN interface to use";
+ };
+ browserCommand = lib.mkOption {
+ type = lib.types.str;
+ default = if isDarwin then "open -n -W -a \"Google Chrome\" --args" else (lib.getExe pkgs.chromium);
+ };
+ };
+ config = lib.mkIf cfg.enable {
+ home.packages = [ cfg.package ];
+
+ programs.captive-browser.settings = {
+ # dhcp-dns is the shell (/bin/sh) command executed to obtain the DHCP
+ # DNS server address. The first match of an IPv4 regex is used.
+ # IPv4 only, because let's be real, it's a captive portal.
+ dhcp-dns = "ipconfig getoption ${cfg.interface} domain_name_server"; + + # socks5-addr is the listen address for the SOCKS5 proxy server. + socks5-addr = "localhost:1666"; + }; + home.file.".config/captive-browser.toml" = lib.mkIf (isDarwin && !config.xdg.enable) { + source = tomlFormat.generate "captive-browser-config" cfg.settings; + }; + + xdg.configFile."captive-browser.toml" = lib.mkIf (!(isDarwin && !config.xdg.enable)) { + source = tomlFormat.generate "captive-browser-config" cfg.settings; + }; + + }; +} diff --git a/home/modules/latex.nix b/home/modules/latex.nix index 3f79930..a9b853c 100644 --- a/home/modules/latex.nix +++ b/home/modules/latex.nix @@ -43,5 +43,6 @@ in koma-script ; }) - ] ++ lib.optionals config.schmittlauch.latex.guiTools latexGuiTools; + ] + ++ lib.optionals config.schmittlauch.latex.guiTools latexGuiTools; } diff --git a/home/modules/packages.nix b/home/modules/packages.nix index 57f097e..d9f1a31 100644 --- a/home/modules/packages.nix +++ b/home/modules/packages.nix 
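Review bot: `package` is declared with `nullable = true`, but `home.packages = [ cfg.package ];` places `null` in the list when the option is unset, which should fail evaluation; `home.packages = lib.optional (cfg.package != null) cfg.package;` covers that case. The `dhcp-dns` setting is a /bin/sh command line built by interpolating `cfg.interface` unquoted, so writing it as `"ipconfig getoption ${lib.escapeShellArg cfg.interface} domain_name_server"` keeps an unexpected interface value from being re-parsed by the shell. `ipconfig getoption` and the `$HOME/Library/Application Support/Google/Captive` profile path look macOS-specific, while `browserCommand` has a non-Darwin branch and the module is imported from home/common.nix; either guard these defaults with `isDarwin` or say in the option descriptions that other platforms must override them. `browserCommand` also has no `description`, and a line such as `description = "command prefix used to launch the browser; spliced into the /bin/sh browser command";` would tell users the value is interpreted by a shell.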
@@ -12,88 +12,85 @@ let unstable = inputs.nixos-unstable.legacyPackages.${system}; nur = inputs.nur.legacyPackages.${system}; - graphicsApps = - [ - inkscape - darktable - exiftool - ] - ++ (with gimp3Plugins; [ - #fourier # broken - #lqrPlugin # broken - ]) - ++ lib.optionals pkgs.stdenv.isLinux [ - gimp3 - hugin - #luminanceHDR # FIXME, build failure - xournalpp - ] - ++ lib.optionals pkgs.stdenv.isDarwin [ - gimp - ]; + graphicsApps = [ + inkscape + darktable + exiftool + ] + ++ (with gimp3Plugins; [ + #fourier # broken + #lqrPlugin # broken + ]) + ++ lib.optionals pkgs.stdenv.isLinux [ + gimp3 + hugin + #luminanceHDR # FIXME, build failure + xournalpp + ] + ++ lib.optionals pkgs.stdenv.isDarwin [ + gimp + ]; - multimediaApps = - [ - mpv - yt-dlp - ] - ++ lib.optionals pkgs.stdenv.isDarwin [ vlc-bin ] - ++ lib.optionals pkgs.stdenv.isLinux [ - vlc - amarok - clementine - kdePackages.elisa - musescore - tenacity - soundkonverter - #nur.repos.fooker.studio-link - ]; + multimediaApps = [ + mpv + yt-dlp + ] + ++ lib.optionals pkgs.stdenv.isDarwin [ vlc-bin ] + ++ lib.optionals pkgs.stdenv.isLinux [ + vlc + amarok + clementine + kdePackages.elisa + musescore + tenacity + soundkonverter + #nur.repos.fooker.studio-link + ]; - cliApps = - [ - coreutils - myVim - htop - tmux - httpie - rsync - ponysay - gti - tree - lsof - mosh - openssh - sshfs-fuse - sshuttle - cryfs - thefuck - gnupg - unar - lzop - p7zip - pwgen - pandoc - pdfgrep - # zig dependency breaks occasionally, stay on C version for now - ncdu_1 - dos2unix - unzip - fswatch - jq - age - lnav - spacer + cliApps = [ + coreutils + myVim + htop + tmux + httpie + rsync + ponysay + gti + tree + lsof + mosh + openssh + sshfs-fuse + sshuttle + cryfs + thefuck + gnupg + unar + lzop + p7zip + pwgen + pandoc + pdfgrep + # zig dependency breaks occasionally, stay on C version for now + ncdu_1 + dos2unix + unzip + fswatch + jq + age + lnav + spacer - nix-output-monitor # putting this here as a plain `nix` alternative - ] 
- ++ lib.optionals pkgs.stdenv.isLinux [ - xclip - smbnetfs # for FUSE smb mounting - psmisc # for killall - torsocks - agrep - reptyr # re-bind running program to other tty - ]; + nix-output-monitor # putting this here as a plain `nix` alternative + ] + ++ lib.optionals pkgs.stdenv.isLinux [ + xclip + smbnetfs # for FUSE smb mounting + psmisc # for killall + torsocks + agrep + reptyr # re-bind running program to other tty + ]; nixHelpers = [ nixpkgs-review @@ -101,30 +98,29 @@ let nix-top statix ]; - devTools = - [ - curl - httpie - gcc - shellcheck - mtr - ripgrep - fd - gitui - pre-commit - scriv + devTools = [ + curl + httpie + gcc + shellcheck + mtr + ripgrep + fd + gitui + pre-commit + scriv - # Haskell - ghc - cabal2nix - ] - ++ lib.optionals pkgs.stdenv.isLinux [ - gdb - strace - ltrace - valgrind - zeal - ]; + # Haskell + ghc + cabal2nix + ] + ++ lib.optionals pkgs.stdenv.isLinux [ + gdb + strace + ltrace + valgrind + zeal + ]; pythonTools = with python3Packages; [ python # to shadow old macOS python @@ -196,33 +192,32 @@ let chromedriver ]; - kdeTools = - [ - okteta - plasma5Packages.kdeconnect-kde - ] - ++ (with kdePackages; [ - okular - gwenview - yakuake - dolphin - spectacle - kate - kleopatra - qdirstat - ark - kwalletmanager - #ktouch # TODO: unbreak - kcharselect - konversation - krdc - skanlite - akonadiconsole - tokodon # mastodon client - networkmanager-qt - kcrash - breeze-gtk - ]); + kdeTools = [ + okteta + plasma5Packages.kdeconnect-kde + ] + ++ (with kdePackages; [ + okular + gwenview + yakuake + dolphin + spectacle + kate + kleopatra + qdirstat + ark + kwalletmanager + #ktouch # TODO: unbreak + kcharselect + konversation + krdc + skanlite + akonadiconsole + tokodon # mastodon client + networkmanager-qt + kcrash + breeze-gtk + ]); in { options.schmittlauch.packages = { diff --git a/home/workmac.nix b/home/workmac.nix index 5227db0..0a9cc65 100644 --- a/home/workmac.nix +++ b/home/workmac.nix 
@@ -66,26 +66,25 @@ in contacts = import "${inputs.mysecrets}/contacts.nix" { inherit lib; }; in { - includes = - [ - { - condition = "gitdir:~/src/schmittlauch/"; - contents = { - user = { - inherit (contacts.schmittlauch) name email; - }; - }; - } - ] - # set default name for several other common locations - ++ map (dir: { - condition = "gitdir:${dir}"; + includes = [ + { + condition = "gitdir:~/src/schmittlauch/"; contents = { user = { - inherit (contacts.work) name email; + inherit (contacts.schmittlauch) name email; }; }; - }) [ "~/" ]; + } + ] + # set default name for several other common locations + ++ map (dir: { + condition = "gitdir:${dir}"; + contents = { + user = { + inherit (contacts.work) name email; + }; + }; + }) [ "~/" ]; }; # some extra shell scripts @@ -94,6 +93,11 @@ in + import ./scripts/ssh-loop-fc.nix { inherit pkgs lib; } ); + # separate proxied browser using the DHCP-supplied DNS for accessing captive portals + programs.captive-browser = { + enable = true; + interface = "en0"; + }; launchd.agents.hydra_proxy = { enable = true; config = {