From 4e869e2a39e20c0a6c184feac44b7eef30939842 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 31 Mar 2025 19:13:04 -0500 Subject: [PATCH 1/4] feat: added bookmarks --- .../config/bookmarks/config/shopping.nix | 25 +++++-------------- .../config/bookmarks/config/socialMedia.nix | 9 +++++++ 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/shopping.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/shopping.nix index 871c0e3..5bfb498 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/shopping.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/shopping.nix @@ -34,15 +34,14 @@ keyword = "Five"; } { - name = "FTY Supplies"; - url = "https://fytsupplies.ca"; + name = "Instacart"; + url = "https://www.instacart.ca"; tags = [ - "tattoo tat" - "fyt" - "shopping" - "supply" + "instacart" + "food" + "grocery" ]; - keyword = "FYT"; + keyword = "Instacart"; } { name = "Skip the Dishes"; @@ -64,17 +63,5 @@ ]; keyword = "Uber"; } - { - name = "TatSoul"; - url = "https://www.tatsoul.com"; - tags = [ - "tattoo" - "tat" - "tatsoul" - "shopping" - "supply" - ]; - keyword = "TatSoul"; - } ]; } diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/socialMedia.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/socialMedia.nix index d83ad21..27839b6 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/socialMedia.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/socialMedia.nix @@ -71,6 +71,15 @@ in ]; keyword = "Lem"; } + { + name = "Instagram"; + url = "https://www.instagram.com/"; + tags = [ + "instagram" + "insta" + ]; + keyword = "IG"; + } { name = "OnlyFans"; url = "https://onlyfans.com"; From 9fdc5cf16071828d5bb9e6ebedf4411efc018d68 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 31 Mar 2025 19:13:24 -0500 Subject: [PATCH 2/4] feat: updated justfile --- profiles/user0/default.nix | 41 +++++++++++++++++++++++++------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/profiles/user0/default.nix b/profiles/user0/default.nix index 6600e83..b74069c 100755 --- a/profiles/user0/default.nix +++ b/profiles/user0/default.nix @@ -10,6 +10,7 @@ let inherit (flake.config.people) user0; inherit (flake.config.machines) devices; inherit (flake.config.people.users.${user0}) name paths; + hostname = config.networking.hostName; in { @@ -47,24 +48,36 @@ in username = user0; homeDirectory = "/home/${user0}"; file = { - "./justfile" = { - text = '' - vpn: - sudo protonvpn c --c CA + "./justfile" = + let + mars = devices.mars; + deimos = devices.deimos; + deviceLogic = if hostname == mars.name then deimos else mars; + in + { + text = '' + vpn: + sudo protonvpn c --c CA - vpnoff: - sudo protonvpn d + vpnoff: + sudo protonvpn d - rebuild: - nixos-rebuild switch --use-remote-sudo --flake ~/Files/Projects/dotfiles#${hostname} --show-trace + rebuild: + nixos-rebuild switch --use-remote-sudo --flake ~/Files/Projects/dotfiles#${hostname} --show-trace - elm: - cd ~/Files/Projects/website/frontend ; elm-land server + update: + nix flake update --flake ~/Files/Projects/dotfiles - server: - ssh ${devices.ceres.ip.address0} - ''; - }; + elm: + cd ~/Files/Projects/website/frontend ; elm-land server + + server: + ssh ${devices.ceres.ip.address0} + + ${deviceLogic.name}: + ssh ${deviceLogic.ip.address0} + ''; + }; "./Files/Scripts/list.sh" = { source = ./files/list.sh; executable = true; From a63523712523fb3b9947a666480c7695c2fb39d7 Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 31 Mar 2025 19:47:20 -0500 Subject: [PATCH 3/4] feat: added espanso --- modules/home/default.nix | 3 +- .../home/gui/apps/tools/espanso/default.nix | 43 +++++++++++++++++++ 2 files changed, 45 insertions(+), 1 deletion(-) create mode 100755 modules/home/gui/apps/tools/espanso/default.nix diff --git a/modules/home/default.nix b/modules/home/default.nix index 6a13da2..6195e3d 100755 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -180,6 +180,7 @@ in theming polychromatic dolphin + espanso ; }; }; @@ -206,7 +207,7 @@ in ; }; }; - "${deimos.name}-${user2}" = { + "${deimos.name}-${user2}" = { imports = builtins.attrValues { inherit (modules) cli diff --git a/modules/home/gui/apps/tools/espanso/default.nix b/modules/home/gui/apps/tools/espanso/default.nix new file mode 100755 index 0000000..6b0e7a9 --- /dev/null +++ b/modules/home/gui/apps/tools/espanso/default.nix @@ -0,0 +1,43 @@ +{ pkgs, ... }: +{ + services.espanso = { + enable = true; + package = pkgs.espanso-wayland; + matches = { + base = { + matches = [ + { + trigger = ":now"; + replace = "It's {{currentdate}} {{currenttime}}"; + } + { + trigger = ":hello"; + replace = "line1\nline2"; + } + { + regex = ":hi(?P.*)\\."; + replace = "Hi {{person}}!"; + } + ]; + }; + global_vars = { + global_vars = [ + { + name = "currentdate"; + type = "date"; + params = { + format = "%d/%m/%Y"; + }; + } + { + name = "currenttime"; + type = "date"; + params = { + format = "%R"; + }; + } + ]; + }; + }; + }; +} From a7ed1629e89b9c295a54857e48c6a74a5429f50d Mon Sep 17 00:00:00 2001 From: Nick Date: Mon, 31 Mar 2025 22:53:08 -0500 Subject: [PATCH 4/4] feat: added wireguard --- modules/config/instances/config/wireGuard.nix | 18 +++++ modules/home/default.nix | 1 + modules/nixos/default.nix | 1 + modules/nixos/services/wireGuard/default.nix | 67 +++++++++++++++++++ profiles/user0/default.nix | 15 ++++- secrets/secrets.yaml | 8 ++- 6 files changed, 105 insertions(+), 5 deletions(-) create mode 100644 modules/config/instances/config/wireGuard.nix create mode 100644 modules/nixos/services/wireGuard/default.nix diff --git a/modules/config/instances/config/wireGuard.nix b/modules/config/instances/config/wireGuard.nix new file mode 100644 index 0000000..49d6824 --- /dev/null +++ b/modules/config/instances/config/wireGuard.nix @@ -0,0 +1,18 @@ +{ instancesFunctions }: +let + inherit (instancesFunctions) + sopsPath + ; + + wireGuardLabel = "WireGuard"; + wireGuardName = "wireguard"; +in +{ + label = wireGuardLabel; + name = wireGuardName; + sops = { + path0 = "${sopsPath}/${wireGuardName}"; + }; + ports = { + }; +} diff --git a/modules/home/default.nix b/modules/home/default.nix index 6195e3d..c21cf84 100755 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -62,6 +62,7 @@ in theming polychromatic dolphin + espanso ; }; }; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 3d0b078..d17d1b3 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -17,6 +17,7 @@ in flatpak plasma sddm + wireGuard ; }; }; diff --git a/modules/nixos/services/wireGuard/default.nix b/modules/nixos/services/wireGuard/default.nix new file mode 100644 index 0000000..75b1e38 --- /dev/null +++ b/modules/nixos/services/wireGuard/default.nix @@ -0,0 +1,67 @@ +{ config, flake, ... }: +let + inherit (flake.config.services.instances) wireGuard; + service = wireGuard; + + wireGuardInterface = + { + secret, + publicKey, + endpoint, + }: + { + name = "Proton-${secret}"; + value = { + autostart = false; + address = [ "10.2.0.2/32" ]; + dns = [ "10.2.0.1" ]; + privateKeyFile = config.sops.secrets."${service.name}-${secret}".path; + peers = [ + { + inherit publicKey endpoint; + allowedIPs = [ "0.0.0.0/0,::/0" ]; + persistentKeepalive = 25; + } + ]; + }; + }; + + interfaces = [ + { + secret = "CA363"; + publicKey = "9mTDh5Tku0gxDdzqxnpnzItHQBm2h2B2hXnUHvhGCFw="; + endpoint = "149.88.97.110:51820"; + } + { + secret = "CA220"; + publicKey = "UR8vjVYrrWYadCwLKiAabKTIdxM4yikmCXnvKWm89D8="; + endpoint = "139.28.218.130:51820"; + } + { + secret = "CA358"; + publicKey = "9mTDh5Tku0gxDdzqxnpnzItHQBm2h2B2hXnUHvhGCFw="; + endpoint = "149.88.97.110:51820"; + } + { + secret = "CA627"; + publicKey = "xLFgU430Tt7PdHJydVbIKvtjXJodoPpGKW7fhF7XE2k="; + endpoint = "139.28.218.130:51820"; + } + ]; + + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}"; + owner = "root"; + mode = "600"; + }; +in +{ + networking.wg-quick.interfaces = builtins.listToAttrs (map wireGuardInterface interfaces); + + sops.secrets = builtins.listToAttrs ( + map (interface: { + name = "${service.name}-${interface.secret}"; + value = sopsPath interface.secret; + }) interfaces + ); +} diff --git a/profiles/user0/default.nix b/profiles/user0/default.nix index b74069c..aa1fb43 100755 --- a/profiles/user0/default.nix +++ b/profiles/user0/default.nix @@ -56,11 +56,20 @@ in in { text = '' - vpn: - sudo protonvpn c --c CA + vpn0: + sudo systemctl start wg-quick-Proton-CA363.service + + vpn1: + sudo systemctl start wg-quick-Proton-CA220.service + + vpn2: + sudo systemctl start wg-quick-Proton-CA358.service + + vpn3: + sudo systemctl start wg-quick-Proton-CA627.service vpnoff: - sudo protonvpn d + sudo systemctl stop wg-quick-Proton-*.service rebuild: nixos-rebuild switch --use-remote-sudo --flake ~/Files/Projects/dotfiles#${hostname} --show-trace diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index be2263f..f6bfdf6 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -30,6 +30,10 @@ nextcloud-user2: ENC[AES256_GCM,data:axrWMmouq5gwqdGL,iv:BPHEn47z2g7gocKO4g5vV4Z nextcloud-user3: ENC[AES256_GCM,data:g6ldEdtBuEmPAQYAQfaO,iv:6fElE2vZh9l/KgJuNevklpIlZZdqGHgwhnOzq1n3ojE=,tag:T0Q1IkdVTeW2T1FmGnjz8A==,type:str] claude-api-key: ENC[AES256_GCM,data:QzGJPBnqx4PrDjNvGeyjl0B/W9pkBS4YWK/lrDK4sx0/eBbwMk2qvi03wOhVfvz71UVRpDIZ0F3eVtB8h8Nr94Ha/8IlFQtKxrh60XIzUs/GLB2jKZursZny8IjqZMrt9YHFOphqAWawB33g,iv:XKPqQ0sGukhy0bPXATYwjJMAfSkXdeanc4kULb5TWmA=,tag:vmH+pzU5qoOF5W0fhVfhDA==,type:str] searx-key: ENC[AES256_GCM,data:kzKWa4xCKDEWocyMmK8FWyAqHM7BuJ1f63XFfO8Dtig=,iv:Vs27/ri4nBzJ/A0LnxsCZD/kYraFZ6tD63VhUqYFwx8=,tag:8gx+j7RenuRzjj0AY5v8uQ==,type:str] +wireguard-CA363: ENC[AES256_GCM,data:iGiAjP5Dbw0kXR3iM50YTS8jBXODNr//W/0OPMAiu1GVC5m8StgsC5uaYEU=,iv:wffyNFWZ36vUjUVMCwo7w16pWWDvnPOUli3tIa/M3S4=,tag:yu7Xl+Ehg1uhzQ3rONSCbA==,type:str] +wireguard-CA220: ENC[AES256_GCM,data:rNy/IMKqAOsgMUu5r8BZsjTCu0L5fDDDV3/g+pkhW1y44Y2rqhhsZgcXG5M=,iv:onyHBn4npqiwC/v37SOMJLLhdfcrtvPmKbMVTgxaSQg=,tag:OmXDL3oYCDPwH1yBsKAYKQ==,type:str] +wireguard-CA358: ENC[AES256_GCM,data:/VewmiNfRc9/wSE7TT+z1F9LLIvr/5wPsQZ/zBwAh3dEi9yswOGyde2b/XQ=,iv:7U5dmqFiwhCoL1moGSfHprv85o5TdMr6T2sNk5gH82I=,tag:T1hqh8CiO2iBa+ksaiKCtA==,type:str] +wireguard-CA627: ENC[AES256_GCM,data:chmDsH2nE0nagjFRZWuxX08/Ykt+rIgCHYkMHd+7nIqihK5SebF7MJlrp84=,iv:NVOlGE7W70nQ0UM/i5WixJvDULO3Y4cLf8h+OAGHhQQ=,tag:L123ShCnr9+kIg1itIoqBA==,type:str] sops: kms: [] gcp_kms: [] @@ -45,8 +49,8 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-03-08T06:46:18Z" - mac: ENC[AES256_GCM,data:bFmkUxQE7Jl6I/FdpsWzbAu5/g9rLYH5C9jRRwY0ln+ZAANXaxfEYj5oeMZA0lDdgCJ07Hnt0RZdyYp/jyNzY+om16qKqRxv6qpqE89jfK937LsMxc6HJcuGQQcA/1QgSCU9OLWqdbDZxik3twemQd3aPAaHLF1ZEM7tx0gCOgQ=,iv:NizgZd2mb5sXm7oxRcpVKRAIyw75dASuP0eGzhBKOM8=,tag:K0rzvjQFB++gioKobt1Sow==,type:str] + lastmodified: "2025-04-01T03:33:13Z" + mac: ENC[AES256_GCM,data:zGnWN7U7d2+REQ1Iy2JEY92hWtS3Lxl6uqG4/kVGwE5fxj65gv1cv/38ulNUhCGY9BEiOpDzQBgoAy9WmvsKathHb7z9NEXrHpVtvNgRJVfVjuduZgGvrAFRLFXV1iLfQXk8wl64/e5YXD1Cbs80+ky9kmA4nl/rM0rlEkK+WOo=,iv:YL+Jv6yfe7/EASfDNkdFhOw29iXRS3rdPAplEE3i1hE=,tag:7NLlenTFk0hIyf+FEa3oJg==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.4