diff --git a/nix/home-manager/programs/chromium.nix b/nix/home-manager/programs/chromium.nix index be021d5..e48456e 100644 --- a/nix/home-manager/programs/chromium.nix +++ b/nix/home-manager/programs/chromium.nix @@ -42,22 +42,29 @@ # unhook {id = "khncfooichmfjbepaaaebmommgaepoid";} - - # polkadotjs - {id = "mopnmbcafieddcagagdcbnhejhlodfdd";} ] ++ (lib.lists.optionals ((builtins.match "^steveej.*" name) != null) [ + # polkadotjs + {id = "mopnmbcafieddcagagdcbnhejhlodfdd";} + + # rabby wallet + {id = "acmacodkjbdgmoleebolmdjonilkdbch";} + # Vimium C {id = "hfjbmagddngcpeloejdejnfgbamkjaeg";} # always right {id = "npjpaghfnndnnmjiliibnkmdfgbojokj";} + + # shazam music + {id = "mmioliijnhnoblpgimnlajmefafdfilb";} ]); in { programs.chromium = { enable = true; inherit extensions; - package = pkgs.ungoogled-chromium; + # TODO: extensions currently don't work with ungoogled-chromium + package = pkgs.chromium; }; programs.brave = { @@ -67,6 +74,4 @@ in { && !pkgs.stdenv.targetPlatform.isAarch64; inherit extensions; }; - - programs.browserpass = {browsers = ["chromium" "brave"];}; } diff --git a/nix/os/devices/router0-dmz0/configuration.nix b/nix/os/devices/router0-dmz0/configuration.nix index 1486713..0691c01 100644 --- a/nix/os/devices/router0-dmz0/configuration.nix +++ b/nix/os/devices/router0-dmz0/configuration.nix @@ -909,7 +909,7 @@ in { channel = 0; # 0 would mean Automatic Channel Selection settings = { - # TODO: with 1 the x13s on windows can't connect, however this slows the AP down. + # TODO: this would be faster but x13s on windows can't connect when it's enabled. # ieee80211n = 1; # Exclude DFS channels from ACS @@ -921,6 +921,11 @@ in { # indications of connection loss. This depends on the driver capabilities and # may not be available with all drivers. disassoc_low_ack = 0; + + skip_inactivity_poll = 1; + + # TODO: check if this is required. multicast can be more efficient so it'd be nice to disable this. + multicast_to_unicast = 1; }; # use 'iw phy#1 info' to determine your VHT capabilities @@ -1038,7 +1043,8 @@ in { wmm_enabled = 1; # IEEE 802.11i (authentication) related configuration - # Encrypt management frames to protect against deauthentication and similar attacks + # Encrypt management frames to protect against deauthentication and similar attacks. + # 0 := disabled; 1 := optional; 2 := required ieee80211w = 1; # sae_require_mfp = 1; # sae_groups = "19 20 21"; @@ -1046,147 +1052,12 @@ in { # [ENABLE-TLSv1.3] = enable TLSv1.3 (experimental - disabled by default) tls_flags = "[ENABLE-TLSv1.3]"; - ieee8021x = 1; - eap_server = 1; - - multicast_to_unicast = 0; - - skip_inactivity_poll = 0; - disassoc_low_ack = 0; + ieee8021x = 0; + eap_server = 0; }; }; - - # wlan0-1 = { - # ssid = "mlsia-testing"; - # authentication = { - # mode = "wpa3-sae-transition"; - # }; - - # bssid = mkBssid 1; - # settings = { - # bridge = bridgeInterfaceName; - # }; - # }; - - # wlan0-1 = { - # ssid = "justtestingwifi-wpa3"; - # authentication = { - # mode = "wpa3-sae"; - # saePasswordsFile = config.sops.secrets.wlan0_1_saePasswordFile.path; - # }; - - # bssid = mkBssid 1; - # settings = { - # bridge = bridgeInterfaceName; - # }; - # }; - - # Uncomment when needed otherwise remove - # wlan0-1 = { - # ssid = "koteczkowo3"; - # authentication = { - # mode = "none"; # this is overriden by settings - # }; - # managementFrameProtection = "optional"; - # bssid = "e6:02:43:07:00:00"; - # settings = { - # bridge = bridgeInterfaceName; - # wpa = lib.mkForce 2; - # wpa_key_mgmt = "WPA-PSK"; - # wpa_pairwise = "CCMP"; - # wpa_psk_file = config.sops.secrets.legacyWifiPassword.path; - # }; - # }; }; }; - - # wlan1 = { - # band = "5g"; - # # channels with 160 MHz width in Poland: 36, 52, 100 i 116 - # channel = 0; # ACS - # countryCode = "PL"; - - # # use 'iw phy#1 info' to determine your VHT capabilities - # wifi4 = { - # enable = true; - # capabilities = ["HT40+" "LDPC" "SHORT-GI-20" "SHORT-GI-40" "TX-STBC" "RX-STBC1" "MAX-AMSDU-7935"]; - # }; - # wifi5 = { - # enable = true; - # operatingChannelWidth = "160"; - # capabilities = ["RXLDPC" "SHORT-GI-80" "SHORT-GI-160" "TX-STBC-2BY1" "SU-BEAMFORMER" "SU-BEAMFORMEE" "MU-BEAMFORMER" "MU-BEAMFORMEE" "RX-ANTENNA-PATTERN" "TX-ANTENNA-PATTERN" "RX-STBC-1" "SOUNDING-DIMENSION-4" "BF-ANTENNA-4" "VHT160" "MAX-MPDU-11454" "MAX-A-MPDU-LEN-EXP7"]; - # }; - # wifi6 = { - # enable = true; - # singleUserBeamformer = true; - # singleUserBeamformee = true; - # multiUserBeamformer = true; - # operatingChannelWidth = "160"; - # }; - # settings = { - # # these two are mandatory for wifi 5 & 6 to work - # vht_oper_centr_freq_seg0_idx = 50; - # he_oper_centr_freq_seg0_idx = 50; - - # # The "tx_queue_data2_burst" parameter in Linux refers to the burst size for - # # transmitting data packets from the second data queue of a network interface. - # # It determines the number of packets that can be sent in a burst. - # # Adjusting this parameter can impact network throughput and latency. - # tx_queue_data2_burst = 2; - - # # The "he_bss_color" parameter in Wi-Fi 6 (802.11ax) refers to the BSS Color field in the HE (High Efficiency) MAC header. - # # BSS Color is a mechanism introduced in Wi-Fi 6 to mitigate interference and improve network efficiency in dense deployment scenarios. - # # It allows multiple overlapping Basic Service Sets (BSS) to differentiate and coexist in the same area without causing excessive interference. - # he_bss_color = 63; # was set to 128 by openwrt but range of possible values in 2.10 is 1-63 - - # # Magic values that were set by openwrt but I didn't bother inspecting every single one - # he_spr_sr_control = 3; - # he_default_pe_duration = 4; - # he_rts_threshold = 1023; - - # he_mu_edca_qos_info_param_count = 0; - # he_mu_edca_qos_info_q_ack = 0; - # he_mu_edca_qos_info_queue_request = 0; - # he_mu_edca_qos_info_txop_request = 0; - - # # he_mu_edca_ac_be_aci=0; missing in 2.10 - # he_mu_edca_ac_be_aifsn = 8; - # he_mu_edca_ac_be_ecwmin = 9; - # he_mu_edca_ac_be_ecwmax = 10; - # he_mu_edca_ac_be_timer = 255; - - # he_mu_edca_ac_bk_aifsn = 15; - # he_mu_edca_ac_bk_aci = 1; - # he_mu_edca_ac_bk_ecwmin = 9; - # he_mu_edca_ac_bk_ecwmax = 10; - # he_mu_edca_ac_bk_timer = 255; - - # he_mu_edca_ac_vi_ecwmin = 5; - # he_mu_edca_ac_vi_ecwmax = 7; - # he_mu_edca_ac_vi_aifsn = 5; - # he_mu_edca_ac_vi_aci = 2; - # he_mu_edca_ac_vi_timer = 255; - - # he_mu_edca_ac_vo_aifsn = 5; - # he_mu_edca_ac_vo_aci = 3; - # he_mu_edca_ac_vo_ecwmin = 5; - # he_mu_edca_ac_vo_ecwmax = 7; - # he_mu_edca_ac_vo_timer = 255; - # }; - # networks = { - # wlan1 = { - # ssid = "koteczkowo5"; - # authentication = { - # mode = "wpa3-sae"; - # saePasswordsFile = config.sops.secrets.wifiPassword.path; # Use saePasswordsFile if possible. - # }; - # bssid = "36:b9:02:21:08:a2"; - # settings = { - # bridge = bridgeInterfaceName; - # }; - # }; - # }; - # }; }; }; diff --git a/nix/os/devices/steveej-x13s/configuration.nix b/nix/os/devices/steveej-x13s/configuration.nix index 5ecc54b..16727f0 100644 --- a/nix/os/devices/steveej-x13s/configuration.nix +++ b/nix/os/devices/steveej-x13s/configuration.nix @@ -156,6 +156,7 @@ ../../snippets/holo-zerotier.nix + # experiment with k3s, nix-snapshotter, and nixos images { # (1) Import nixos module. imports = [ @@ -218,8 +219,6 @@ ../../../home-manager/configuration/graphical-fullblown.nix ]; - services.syncthing.enable = lib.mkForce false; - home.sessionVariables = {}; home.packages = with pkgs; [ @@ -227,7 +226,6 @@ # TODO: currently unsupported services.gammastep.enable = lib.mkForce false; - # programs.chromium.enable = lib.mkForce false; }; boot = { @@ -235,23 +233,6 @@ loader.efi.canTouchEfiVariables = lib.mkForce false; loader.efi.efiSysMountPoint = "/boot"; blacklistedKernelModules = ["wwan"]; - - # kernelParams = let - # dtbName = "sc8280xp-lenovo-thinkpad-x13s.dtb"; - # in lib.mkForce [ - # # needed to boot - # "dtb=${dtbName}" - - # # jhovold recommended - # "efi=noruntime" - # "clk_ignore_unused" - # "pd_ignore_unused" - # # "regulator_ignore_unused" - # "arm64.nopauth" - - # # blacklist graphics in initrd so the firmware can load from disk - # "rd.driver.blacklist=msm" - # ]; }; hardware.firmware = lib.mkBefore [ diff --git a/nix/os/devices/steveej-x13s/flake.lock b/nix/os/devices/steveej-x13s/flake.lock index 4cb431c..dcad237 100644 --- a/nix/os/devices/steveej-x13s/flake.lock +++ b/nix/os/devices/steveej-x13s/flake.lock @@ -44,11 +44,11 @@ ] }, "locked": { - "lastModified": 1721266288, - "narHash": "sha256-MsyTzXu9CJVcBr44ct8ILKF/Ro7VlF+tVZTylzAoXSs=", + "lastModified": 1722476845, + "narHash": "sha256-7gZ8uf3qOox8Vrwd+p9EhUHHLhhK8lis/5KcXGmIaow=", "owner": "nix-community", "repo": "disko", - "rev": "e8e8d9a3a9c1d0e654ccda7834bf0288a9d15c47", + "rev": "7e1b215a0a96efb306ad6440bf706d2b307dc267", "type": "github" }, "original": { @@ -181,11 +181,11 @@ "mobile-nixos": { "flake": false, "locked": { - "lastModified": 1721250279, - "narHash": "sha256-S47+MFnArDvR7OFCXU0BQoyLCBwSZws+t+bany7Ol6w=", + "lastModified": 1722056346, + "narHash": "sha256-50fcuCppaLMfSOTFO4IkCBs4folToCwlhTgc6IdZFHg=", "owner": "NixOS", "repo": "mobile-nixos", - "rev": "472073a51745cca03257cf625582252cdd04ec21", + "rev": "717ce90cfadffa449480bae2e155185c651e9993", "type": "github" }, "original": { @@ -203,11 +203,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1721210676, - "narHash": "sha256-6hwlFcRPbfW+tOrKnnx3AL/yWjXqkXHoiIpbFsPMEAg=", + "lastModified": 1722421086, + "narHash": "sha256-Po8GvfDt4O646w1IDIcRdiRIxnqVLv/OwBhr5nOazLw=", "owner": "threefoldtech", "repo": "mycelium", - "rev": "767060eb8bd5abcc8e375bdb8f0984bcb27936da", + "rev": "e4d7be8556b259a2204f19d6a0537da3aa7d7a3e", "type": "github" }, "original": { @@ -259,11 +259,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1721131656, - "narHash": "sha256-0EoouVAaS8GHZJitpzQ9S4s4Gps4hkzr8yQcgYkLxwo=", + "lastModified": 1722396240, + "narHash": "sha256-t4C/I1CttOGFLYzzjd6zNOPvPleykqbPwO0YT19S6jI=", "ref": "refs/heads/main", - "rev": "f1a2bace41471300aa2b0c5c98e6e37087532e16", - "revCount": 91, + "rev": "a59ae21e47538cecddadc220ea16a7b8e2485f66", + "revCount": 97, "type": "git", "url": "https://codeberg.org/adamcstephens/nixos-x13s" }, @@ -302,11 +302,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1720957393, - "narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=", + "lastModified": 1722421184, + "narHash": "sha256-/DJBI6trCeVnasdjUo9pbnodCLZcFqnVZiLUfqLH4jA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "693bc46d169f5af9c992095736e82c3488bf7dbb", + "rev": "9f918d616c5321ad374ae6cb5ea89c9e04bf3e58", "type": "github" }, "original": { @@ -318,11 +318,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1720957393, - "narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=", + "lastModified": 1722062969, + "narHash": "sha256-QOS0ykELUmPbrrUGmegAUlpmUFznDQeR4q7rFhl8eQg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "693bc46d169f5af9c992095736e82c3488bf7dbb", + "rev": "b73c2221a46c13557b1b3be9c2070cc42cf01eb3", "type": "github" }, "original": { @@ -334,11 +334,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1720954236, - "narHash": "sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs=", + "lastModified": 1722372011, + "narHash": "sha256-B2xRiC3NEJy/82ugtareBkRqEkPGpMyjaLxaR8LBxNs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "53e81e790209e41f0c1efa9ff26ff2fd7ab35e27", + "rev": "cf05eeada35e122770c5c14add958790fcfcbef5", "type": "github" }, "original": { diff --git a/nix/os/devices/steveej-x13s/flake.nix b/nix/os/devices/steveej-x13s/flake.nix index 251ff89..4e3f1a9 100644 --- a/nix/os/devices/steveej-x13s/flake.nix +++ b/nix/os/devices/steveej-x13s/flake.nix @@ -9,9 +9,6 @@ disko.inputs.nixpkgs.follows = "nixpkgs"; - mobile-nixos.url = "github:NixOS/mobile-nixos"; - mobile-nixos.flake = false; - home-manager = { url = "github:nix-community/home-manager/release-24.05"; inputs.nixpkgs.follows = "nixpkgs";