From ce54be9aac846c7798307d6d6fcee3346c01f601 Mon Sep 17 00:00:00 2001 From: Trolli Schmittlauch Date: Wed, 30 Jul 2025 21:22:01 +0200 Subject: [PATCH 1/3] treewide: nixfmt nixfmt 1.0 has breaking formatting changes --- home/desktop.nix | 63 +++++----- home/modules/latex.nix | 3 +- home/modules/packages.nix | 253 +++++++++++++++++++------------------- home/workmac.nix | 31 +++-- 4 files changed, 172 insertions(+), 178 deletions(-) diff --git a/home/desktop.nix b/home/desktop.nix index 1e089e7..7fa7840 100644 --- a/home/desktop.nix +++ b/home/desktop.nix @@ -33,40 +33,39 @@ contacts = import "${inputs.mysecrets}/contacts.nix" { inherit lib; }; in { - includes = - [ - { - condition = "gitdir:~/Seafile/Studium/"; + includes = [ + { + condition = "gitdir:~/Seafile/Studium/"; + contents = { + user.name = contacts.personal.name; + user.email = contacts.uni.email; + }; + } + { + condition = "gitdir:~/src/nixpkgs/"; + contents = { + user.name = "Trolli Schmittlauch"; + user.email = contacts.nixOs.email; + }; + } + ] + # set default name for several other common locations + ++ + map + (dir: { + condition = "gitdir:${dir}"; contents = { - user.name = contacts.personal.name; - user.email = contacts.uni.email; - }; - } - { - condition = "gitdir:~/src/nixpkgs/"; - contents = { - user.name = "Trolli Schmittlauch"; - user.email = contacts.nixOs.email; - }; - } - ] - # set default name for several other common locations - ++ - map - (dir: { - condition = "gitdir:${dir}"; - contents = { - user = { - inherit (contacts.schmittlauch) email name; - }; + user = { + inherit (contacts.schmittlauch) email name; }; - }) - [ - "~/src/" - "~/bin/" - "~/tmp/" - "~/nixconfigs/" - ]; + }; + }) + [ + "~/src/" + "~/bin/" + "~/tmp/" + "~/nixconfigs/" + ]; }; services.gpg-agent = { diff --git a/home/modules/latex.nix b/home/modules/latex.nix index 3f79930..a9b853c 100644 --- a/home/modules/latex.nix +++ b/home/modules/latex.nix @@ -43,5 +43,6 @@ in koma-script ; }) - ] ++ lib.optionals config.schmittlauch.latex.guiTools latexGuiTools; + ] + ++ lib.optionals config.schmittlauch.latex.guiTools latexGuiTools; } diff --git a/home/modules/packages.nix b/home/modules/packages.nix index 57f097e..d9f1a31 100644 --- a/home/modules/packages.nix +++ b/home/modules/packages.nix @@ -12,88 +12,85 @@ let unstable = inputs.nixos-unstable.legacyPackages.${system}; nur = inputs.nur.legacyPackages.${system}; - graphicsApps = - [ - inkscape - darktable - exiftool - ] - ++ (with gimp3Plugins; [ - #fourier # broken - #lqrPlugin # broken - ]) - ++ lib.optionals pkgs.stdenv.isLinux [ - gimp3 - hugin - #luminanceHDR # FIXME, build failure - xournalpp - ] - ++ lib.optionals pkgs.stdenv.isDarwin [ - gimp - ]; + graphicsApps = [ + inkscape + darktable + exiftool + ] + ++ (with gimp3Plugins; [ + #fourier # broken + #lqrPlugin # broken + ]) + ++ lib.optionals pkgs.stdenv.isLinux [ + gimp3 + hugin + #luminanceHDR # FIXME, build failure + xournalpp + ] + ++ lib.optionals pkgs.stdenv.isDarwin [ + gimp + ]; - multimediaApps = - [ - mpv - yt-dlp - ] - ++ lib.optionals pkgs.stdenv.isDarwin [ vlc-bin ] - ++ lib.optionals pkgs.stdenv.isLinux [ - vlc - amarok - clementine - kdePackages.elisa - musescore - tenacity - soundkonverter - #nur.repos.fooker.studio-link - ]; + multimediaApps = [ + mpv + yt-dlp + ] + ++ lib.optionals pkgs.stdenv.isDarwin [ vlc-bin ] + ++ lib.optionals pkgs.stdenv.isLinux [ + vlc + amarok + clementine + kdePackages.elisa + musescore + tenacity + soundkonverter + #nur.repos.fooker.studio-link + ]; - cliApps = - [ - coreutils - myVim - htop - tmux - httpie - rsync - ponysay - gti - tree - lsof - mosh - openssh - sshfs-fuse - sshuttle - cryfs - thefuck - gnupg - unar - lzop - p7zip - pwgen - pandoc - pdfgrep - # zig dependency breaks occasionally, stay on C version for now - ncdu_1 - dos2unix - unzip - fswatch - jq - age - lnav - spacer + cliApps = [ + coreutils + myVim + htop + tmux + httpie + rsync + ponysay + gti + tree + lsof + mosh + openssh + sshfs-fuse + sshuttle + cryfs + thefuck + gnupg + unar + lzop + p7zip + pwgen + pandoc + pdfgrep + # zig dependency breaks occasionally, stay on C version for now + ncdu_1 + dos2unix + unzip + fswatch + jq + age + lnav + spacer - nix-output-monitor # putting this here as a plain `nix` alternative - ] - ++ lib.optionals pkgs.stdenv.isLinux [ - xclip - smbnetfs # for FUSE smb mounting - psmisc # for killall - torsocks - agrep - reptyr # re-bind running program to other tty - ]; + nix-output-monitor # putting this here as a plain `nix` alternative + ] + ++ lib.optionals pkgs.stdenv.isLinux [ + xclip + smbnetfs # for FUSE smb mounting + psmisc # for killall + torsocks + agrep + reptyr # re-bind running program to other tty + ]; nixHelpers = [ nixpkgs-review @@ -101,30 +98,29 @@ let nix-top statix ]; - devTools = - [ - curl - httpie - gcc - shellcheck - mtr - ripgrep - fd - gitui - pre-commit - scriv + devTools = [ + curl + httpie + gcc + shellcheck + mtr + ripgrep + fd + gitui + pre-commit + scriv - # Haskell - ghc - cabal2nix - ] - ++ lib.optionals pkgs.stdenv.isLinux [ - gdb - strace - ltrace - valgrind - zeal - ]; + # Haskell + ghc + cabal2nix + ] + ++ lib.optionals pkgs.stdenv.isLinux [ + gdb + strace + ltrace + valgrind + zeal + ]; pythonTools = with python3Packages; [ python # to shadow old macOS python @@ -196,33 +192,32 @@ let chromedriver ]; - kdeTools = - [ - okteta - plasma5Packages.kdeconnect-kde - ] - ++ (with kdePackages; [ - okular - gwenview - yakuake - dolphin - spectacle - kate - kleopatra - qdirstat - ark - kwalletmanager - #ktouch # TODO: unbreak - kcharselect - konversation - krdc - skanlite - akonadiconsole - tokodon # mastodon client - networkmanager-qt - kcrash - breeze-gtk - ]); + kdeTools = [ + okteta + plasma5Packages.kdeconnect-kde + ] + ++ (with kdePackages; [ + okular + gwenview + yakuake + dolphin + spectacle + kate + kleopatra + qdirstat + ark + kwalletmanager + #ktouch # TODO: unbreak + kcharselect + konversation + krdc + skanlite + akonadiconsole + tokodon # mastodon client + networkmanager-qt + kcrash + breeze-gtk + ]); in { options.schmittlauch.packages = { diff --git a/home/workmac.nix b/home/workmac.nix index 5227db0..f0803ec 100644 --- a/home/workmac.nix +++ b/home/workmac.nix @@ -66,26 +66,25 @@ in contacts = import "${inputs.mysecrets}/contacts.nix" { inherit lib; }; in { - includes = - [ - { - condition = "gitdir:~/src/schmittlauch/"; - contents = { - user = { - inherit (contacts.schmittlauch) name email; - }; - }; - } - ] - # set default name for several other common locations - ++ map (dir: { - condition = "gitdir:${dir}"; + includes = [ + { + condition = "gitdir:~/src/schmittlauch/"; contents = { user = { - inherit (contacts.work) name email; + inherit (contacts.schmittlauch) name email; }; }; - }) [ "~/" ]; + } + ] + # set default name for several other common locations + ++ map (dir: { + condition = "gitdir:${dir}"; + contents = { + user = { + inherit (contacts.work) name email; + }; + }; + }) [ "~/" ]; }; # some extra shell scripts From 633c93f1e0a43de91440c78ae731671bdaf6497d Mon Sep 17 00:00:00 2001 From: Trolli Schmittlauch Date: Wed, 30 Jul 2025 21:23:06 +0200 Subject: [PATCH 2/3] add nixfmt commit to ignored revisions --- .git-blame-ignore-revs | 1 + 1 file changed, 1 insertion(+) create mode 100644 .git-blame-ignore-revs diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs new file mode 100644 index 0000000..fb5a3ba --- /dev/null +++ b/.git-blame-ignore-revs @@ -0,0 +1 @@ +ce54be9aac846c7798307d6d6fcee3346c01f601 From 18adff4c5260d4e2b9b79411affeff4626ba88fe Mon Sep 17 00:00:00 2001 From: Trolli Schmittlauch Date: Wed, 30 Jul 2025 21:24:38 +0200 Subject: [PATCH 3/3] home/modules/captive-browser: init module starting with Chrome/ Chromium only by copying command from https://github.com/FiloSottile/captive-browser/ --- home/common.nix | 1 + home/modules/captive-browser.nix | 77 ++++++++++++++++++++++++++++++++ home/workmac.nix | 5 +++ 3 files changed, 83 insertions(+) create mode 100644 home/modules/captive-browser.nix diff --git a/home/common.nix b/home/common.nix index c2c5264..b8dc67f 100644 --- a/home/common.nix +++ b/home/common.nix @@ -11,6 +11,7 @@ ./modules/packages.nix ./modules/vscodium.nix ./modules/fonts.nix + ./modules/captive-browser.nix ]; home.homeDirectory = if pkgs.stdenv.isDarwin then "/Users/${config.home.username}" else "/home/${config.home.username}"; diff --git a/home/modules/captive-browser.nix b/home/modules/captive-browser.nix new file mode 100644 index 0000000..b07be4c --- /dev/null +++ b/home/modules/captive-browser.nix @@ -0,0 +1,77 @@ +{ + pkgs, + lib, + inputs, + config, + system, + ... +}: + +let + tomlFormat = pkgs.formats.toml { }; + cfg = config.programs.captive-browser; + inherit (pkgs.stdenv.hostPlatform) isDarwin; +in +{ + options.programs.captive-browser = { + enable = lib.mkEnableOption "Enable custom captive-browser in user PATH"; + package = lib.mkPackageOption pkgs "captive-browser" { nullable = true; }; + settings = lib.mkOption { + type = lib.types.submodule { + freeformType = tomlFormat.type; + + options = { + browser = lib.mkOption { + type = lib.types.str; + description = "command to invoke the browser with"; + + # browser is the shell (/bin/sh) command executed once the proxy starts. + # When browser exits, the proxy exits. An extra env var PROXY is available. + # + # Here, we use a separate Chrome instance in Incognito mode, so that + # it can run (and be waited for) alongside the default one, and that + # it maintains no state across runs. To configure this browser open a + # normal window in it, settings will be preserved. + default = '' + ${cfg.browserCommand} \ + --user-data-dir="$HOME/Library/Application Support/Google/Captive" \ + --proxy-server="socks5://$PROXY" \ + --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" \ + --no-first-run --new-window --incognito \ + http://example.com + ''; + }; + }; + }; + }; + interface = lib.mkOption { + type = lib.types.str; + description = "WLAN interface to use"; + }; + browserCommand = lib.mkOption { + type = lib.types.str; + default = if isDarwin then "open -n -W -a \"Google Chrome\" --args" else (lib.getExe pkgs.chromium); + }; + }; + config = lib.mkIf cfg.enable { + home.packages = [ cfg.package ]; + + programs.captive-browser.settings = { + # dhcp-dns is the shell (/bin/sh) command executed to obtain the DHCP + # DNS server address. The first match of an IPv4 regex is used. + # IPv4 only, because let's be real, it's a captive portal. + dhcp-dns = "ipconfig getoption ${cfg.interface} domain_name_server"; + + # socks5-addr is the listen address for the SOCKS5 proxy server. + socks5-addr = "localhost:1666"; + }; + home.file.".config/captive-browser.toml" = lib.mkIf (isDarwin && !config.xdg.enable) { + source = tomlFormat.generate "captive-browser-config" cfg.settings; + }; + + xdg.configFile."captive-browser.toml" = lib.mkIf (!(isDarwin && !config.xdg.enable)) { + source = tomlFormat.generate "captive-browser-config" cfg.settings; + }; + + }; +} diff --git a/home/workmac.nix b/home/workmac.nix index f0803ec..0a9cc65 100644 --- a/home/workmac.nix +++ b/home/workmac.nix @@ -93,6 +93,11 @@ in + import ./scripts/ssh-loop-fc.nix { inherit pkgs lib; } ); + # separate proxied browser using the DHCP-supplied DNS for accessing captive portals + programs.captive-browser = { + enable = true; + interface = "en0"; + }; launchd.agents.hydra_proxy = { enable = true; config = {