flake.lock

certs/tinternet.crt

@@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE-----
+MIIB0DCCAXagAwIBAgIRAKk5OC0K/5fULwXrMQuONpIwCgYIKoZIzj0EAwIwRjEd
+MBsGA1UEChMUQ2VydGlmaWNhdGVBdXRob3JpdHkxJTAjBgNVBAMTHENlcnRpZmlj
+YXRlQXV0aG9yaXR5IFJvb3QgQ0EwHhcNMjMxMTA0MDIwMzU1WhcNMzMxMTAxMDIw
+MzU1WjBGMR0wGwYDVQQKExRDZXJ0aWZpY2F0ZUF1dGhvcml0eTElMCMGA1UEAxMc
+Q2VydGlmaWNhdGVBdXRob3JpdHkgUm9vdCBDQTBZMBMGByqGSM49AgEGCCqGSM49
+AwEHA0IABKZzRX5AdjTTzkPr3tUw4SiTYI85sDsrvh7qWCSY70htRk/ldo3q1C3+
+Y1h11ZHha9niYPFEQbAyvupM8nw2hrejRTBDMA4GA1UdDwEB/wQEAwIBBjASBgNV
+HRMBAf8ECDAGAQH/AgEBMB0GA1UdDgQWBBRPy7zJUi60Mx1uvJVL9rD8+XK+3jAK
+BggqhkjOPQQDAgNIADBFAiEAsA5ha5E/pv4UBdIX0XmYqk905hch9YkM0aM1idXK
+2/QCIDQMv88O698/domTyYnIHi2qoSyEl3aKTbntgGE/CNHj
+-----END CERTIFICATE-----
+

home/config/hypr/config.d/keybinds.conf

@@ -7,7 +7,7 @@ bind = $mod, J, togglesplit
 bind = $mod, F, fullscreen
 
 bind = $mod, L, exec, hyprlock
-bind = $mod SHIFT, L, exec, killall Hyprland
+bind = $mod SHIFT, L, exec, killall dbus-run-session
 
 bind = $mod SHIFT, Q, killactive
 bind = $mod, F5, exec, sh -c 'killall waybar; waybar --config ~/.config/waybar/config.hypr'

home/config/hypr/hyprland.conf

@@ -9,7 +9,7 @@ $scale = 1.25
 $radius = 5
 $border = 2
 
-$browser = librewolf
+$browser = firefox
 
 source = ~/.config/hypr/config.d/plugins.conf
 source = ~/.config/hypr/config.d/colors.conf

home/config/hypr/scripts.d/autostart.sh

@@ -15,3 +15,13 @@ gtk-launch thunderbird &
 
 hyprpaper &
 hypridle &
+
+sleep 0.5
+killall -e xdg-desktop-portal-hyprland
+killall xdg-desktop-portal-gtk
+killall xdk-desktop-portal
+sleep 0.5
+$GUIX_PROFILE/libexec/xdg-desktop-portal-gtk &
+$GUIX_PROFILE/libexec/xdg-desktop-portal-hyprland &
+sleep 2
+$GUIX_PROFILE/libexec/xdg-desktop-portal &

home/config/hypr/scripts.d/systemd.sh

@@ -1,16 +0,0 @@
-#!/bin/sh
-
-systemctl --user set-environment XDG_CURRENT_DESKTOP=Hyprland
-systemctl --user import-environment DISPLAY \
-									WAYLAND_DISPLAY \
-									XDG_CURRENT_DESKTOP \
-									GTK_THEME \
-									QT_QPA_PLATFORMTHEME
-
-
-hash dbus-update-activation-environment 2>/dev/null && \
-	 dbus-update-activation-environment --systemd DISPLAY \
-												  XDG_CURRENT_DESKTOP=Hyprland \
-												  WAYLAND_DISPLAY \
-												  GTK_THEME \
-												  QT_QPA_PLATFORMTHEME

home/config/sway/config

@@ -26,7 +26,7 @@ set $blur_radius 10
 set $blur_passes 3
 
 # Set browser
-set $browser librewolf
+set $browser firefox
 
 # System configs
 include /etc/sway/config.d/*

home/config/xdg/mimeapps.list

@@ -1,5 +1,5 @@
 [Default Applications]
-text/html=librewolf.desktop
+text/html=firefox.desktop
 image/png=imv.desktop
 image/jpeg=imv.desktop
 image/webp=imv.desktop
@@ -14,10 +14,10 @@ audio/mp3=mpv.desktop
 audio/wav=mpv.desktop
 application/pdf=org.pwmt.zathura.desktop
 application/x-shellscript=nvim.desktop
-x-scheme-handler/http=librewolf.desktop
+x-scheme-handler/http=firefox.desktop
-x-scheme-handler/https=librewolf.desktop
+x-scheme-handler/https=firefox.desktop
-x-scheme-handler/about=librewolf.desktop
+x-scheme-handler/about=firefox.desktop
-x-scheme-handler/unknown=librewolf.desktop
+x-scheme-handler/unknown=firefox.desktop
 x-scheme-handler/mspa=unofficial-homestuck-collection.desktop
 
 [Added Associations]

home/home.nix

@@ -1,37 +0,0 @@
-{ config, pkgs, ... }:
-
-{
-  # Home Manager needs a bit of information about you and the paths it should
-  # manage.
-  home.username = "freya";
-  home.homeDirectory = "/home/freya";
-  home.stateVersion = "24.05"; # Please read the comment before changing.
-
-  # This value will set some environment variables to allow home-manager to
-  # function better outside of NixOS
-  nixpkgs.config.allowUnfree = true;
-  targets.genericLinux.enable = true;
-  fonts.fontconfig.enable = true;
-
-  # The home.packages option allows you to install Nix packages into your
-  # environment.
-  home.packages = with pkgs; [
-    # Main packages
-    starship
-    discord
-    thunderbird
-    cider
-
-    # Rust
-    rustup
-    gcc-unwrapped
-    openssl
-
-    # Java
-    jdk
-  ];
-
-  # Let Home Manager install and manage itself.
-  programs.home-manager.enable = true;
-}
-

home/home.scm

@@ -58,7 +58,6 @@
                                                     "network-manager-applet"
                                                     "wl-clip-persist"
                                                     "easyeffects"
-                                                    "librewolf-wrapped"
                                                     "gamescope"
                                                     "overskride"
 
@@ -67,8 +66,11 @@
                                                     "lavanda-gtk-theme"
                                                     "mint-themes"
 
+                                                    ;qt
+                                                    "qtbase"
+                                                    "qtwayland"
+
                                                     ; terminal
-                                                    "alacritty"
                                                     "kitty"
                                                     "neovim"
 
@@ -97,7 +99,6 @@
                                                     "gcc-toolchain"
                                                     "clang-toolchain"
                                                     "rust"
-                                                    "racket"
                                                     "python"
 
                                                     ; social
@@ -162,7 +163,9 @@
                     ("user-dirs.dirs" ,(local-file "config/xdg/user-dirs.dirs" #:recursive? #t))
                     ("xdg-desktop-portal/portals.conf" ,(local-file "config/xdg/portals.conf"))
                     ("starship.toml" ,(local-file "config/starship/starship.toml" #:recursive? #t))
-                    ("home-manager/home.nix" ,(local-file "home.nix" #:recursive? #t)) ))
+                    ("home-manager" ,(local-file "nix" #:recursive? #t))
+                    ("nix/nix.conf" ,(local-file "nix/nix.conf"))
+                    ))
 
          (service home-files-service-type
                   `((".local/share/nvim/site/autoload/plug.vim" ,(file-append vim-plug "/share/vim/plug.vim"))
@@ -172,7 +175,7 @@
                     (".local/share/applications" ,(local-file "local/applications" #:recursive? #t))
                     (".local/share/icons" ,(local-file "local/icons" #:recursive? #t))
                     (".local/share/dbus-1/services" ,(local-file "local/dbus/services" #:recursive? #t))
-                    (".nix-channels" ,(local-file "nix-channels"))
+                    (".nix-channels" ,(local-file "nix/nix-channels"))
                     (".gitconfig" ,(local-file "config/git/gitconfig"))))
 
          (service home-syncthing-service-type

home/nix/flake.lock

@@ -0,0 +1,49 @@
+{
+  "nodes": {
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1726989464,
+        "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-24.05",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1730651795,
+        "narHash": "sha256-XGYmN3WdyGU8FasWLPjL1Yvm9L9GJ0h62fMgCOPyvo0=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "5012ef7926747f739c65bd2e1ceff96da30fb3b8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "release-24.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "home-manager": "home-manager",
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

home/nix/flake.nix

@@ -0,0 +1,30 @@
+{
+  description = "Freya Nix Flake";
+
+  inputs = {
+    # nixpkgs
+    nixpkgs.url = "github:nixos/nixpkgs/release-24.05";
+
+    # home manager
+    home-manager.url = "github:nix-community/home-manager/release-24.05";
+    home-manager.inputs.nixpkgs.follows = "nixpkgs";
+  };
+
+  outputs = {
+    self,
+    nixpkgs,
+    home-manager,
+    ...
+  } @ inputs: let
+    inherit (self) outputs;
+    system = "x86_64-linux";
+    pkgs = nixpkgs.legacyPackages.${system};
+  in {
+    homeConfigurations."freya" =
+      home-manager.lib.homeManagerConfiguration {
+        inherit pkgs;
+        extraSpecialArgs = {inherit inputs outputs;};
+        modules = [./home.nix];
+      };
+  };
+}

home/nix/home.nix

@@ -0,0 +1,31 @@
+{ config, pkgs, ... }: {
+
+  imports = [
+    ./programs
+  ];
+
+  news.display = "silent";
+  fonts.fontconfig.enable = true;
+  nixpkgs.config.allowUnfree = true;
+  programs.home-manager.enable = true;
+
+  home = {
+    username = "freya";
+    homeDirectory = "/home/freya";
+    stateVersion = "24.05";
+
+    packages = with pkgs; [
+      # desktop
+      starship
+      discord
+      thunderbird
+
+      # devlopment
+      rustup
+      gcc
+      openssl
+    ];
+
+  };
+}
+

home/nix/nix-channels

@@ -1,4 +1,3 @@
 https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
-https://github.com/nix-community/nixGL/archive/main.tar.gz nixgl
 https://nixos.org/channels/nixpkgs-unstable nixpkgs
 

home/nix/nix.conf

@@ -0,0 +1 @@
+experimental-features = nix-command flakes

home/nix/programs/default.nix

@@ -0,0 +1,5 @@
+{
+  imports = [
+    ./firefox.nix
+  ];
+}

home/nix/programs/firefox.nix

@@ -0,0 +1,172 @@
+{ config, pkgs, ... }:
+  let
+    lock-false = {
+      Value = false;
+      Status = "locked";
+    };
+    lock-true = {
+      Value = true;
+      Status = "locked";
+    };
+  in
+{
+  programs.firefox = {
+    enable = true;
+
+    policies = {
+      EnableTrackingProtection = {
+        Value = true;
+        Locked = true;
+        Cryptomining = true;
+        Fingerprinting = true;
+      };
+
+      # Certificates
+      Certificates = {
+        ImportEnterpriseRoots = true;
+      };
+
+      # Cookies
+      Cookies = {
+        Behavior = "reject-foreign";
+        Locked = true;
+      };
+
+      # DNS
+      DNSOverHTTPS = {
+        Enabled = false;
+        Locked = true;
+      };
+
+      # Disable Bad
+      DisableAppUpdate = true;
+      DisableAccounts = true;
+      DisableFirefoxAccounts = true;
+      DisableFirefoxScreenshots = true;
+      DisableFirefoxStudies = true;
+      DisablePoket = true;
+      DisableTelemetry = true;
+      AutofillAddressEnabled = false;
+      AutofillCreditCardEnabled = false;
+
+      # Disable Certain Messages
+      UserMessaging = {
+        WhatsNew = false;
+        ExtensionRecommendations = false;
+        FeatureRecommendations = false;
+        UrlbarInterventions = false;
+        SkipOnboarding = true;
+        MoreFromMozilla = false;
+        Locked = true;
+      };
+
+      # Disable Password Manager
+      PasswordManagerEnabled = false;
+      OfferToSaveLogins = false;
+      OfferToSaveLoginsDefault = false;
+
+      # Remove Special Pages
+      OverrideFirstRunPage = "";
+      OverridePostUpdatePage = "";
+
+      # Start Page
+      Homepage = {
+        StartPage = "previous-session";
+        Loked = true;
+      };
+
+      # Home Page
+      FirefoxHome = {
+        Search = true;
+        TopSites = false;
+        SponsoredTopSites = false;
+        Highlights = false;
+        Pocket = false;
+        SponsoredPocket = false;
+        Snippets = false;
+        Locked = true;
+      };
+
+      # Search Suggestions
+      FirefoxSuggest = {
+        WebSuggestions = false;
+        SponsoredSuggestions = false;
+        ImproveSuggest = false;
+        Locked = true;
+      };
+
+      # Save All on Shutdown
+      SanitizeOnShutdown = {
+        Cache = false;
+        Cookies = false;
+        Downloads = false;
+        Histroy = false;
+        Sessions = false;
+        SiteSettings = false;
+        OfflineApps = false;
+        Locked = true;
+      };
+
+      # Miscellaneous
+      SearchBar = "unified";
+      DisplayMenuBar = "default-off";
+      DisplayBookmarksToolbar = "newtab";
+      NoDefaultBookmarks = true;
+      HardwareAcceleration = true;
+      DontCheckDefaultBrowser = true;
+      PromptForDownloadLocation = false;
+
+      # Extensions
+      ExtensionSettings = {
+        "*".installation_mode = "blocked";
+        # uBlock Origin
+        "uBlock0@raymondhill.net" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
+          installation_mode = "force_installed";
+        };
+        # Bitwarden
+        "{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
+          install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
+          installation_mode = "force_installed";
+        };
+      };
+
+      # about:config Preferences
+      Preferences = {
+        # theme
+        "toolkit.legacyUserProfileCustomizations.stylesheets" = lock-true;
+        "extensions.activeThemeID" = "firefox-compact-dark@mozilla.org";
+        # privacy
+        "privacy.donottrack.enabled" = lock-true;
+        "privacy.fingerprintingProtection" = lock-false;
+        "privacy.globalprivacycontrol.enabled" = lock-true;
+        # security
+        "security.OCSP.enabled" = {
+          Value = 0;
+          Status = "locked";
+        };
+        "browser.contentblocking.category" = {
+          Value = "strict";
+          Status = "locked";
+        };
+        # graphics
+        "webgl.disable" = lock-false;
+        "dom.webgpu.enabled" = lock-true;
+        "media.eme.enabled" = lock-true;
+        # tabs
+        "browser.tabs.warnOnClose" = lock-true;
+        "browser.tabs.firefox-view" = lock-false;
+        # user messaging
+        "browser.newtabpage.activity-stream.feeds.section.topstories" = lock-false;
+        "browser.newtabpage.activity-stream.feeds.snippets" = lock-false;
+        "browser.newtabpage.activity-stream.section.highlights.includePocket" = lock-false;
+        "browser.newtabpage.activity-stream.section.highlights.includeBookmarks" = lock-false;
+        "browser.newtabpage.activity-stream.section.highlights.includeDownloads" = lock-false;
+        "browser.newtabpage.activity-stream.section.highlights.includeVisited" = lock-false;
+        "browser.newtabpage.activity-stream.showSponsored" = lock-false;
+        "browser.newtabpage.activity-stream.system.showSponsored" = lock-false;
+        "browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
+      };
+    };
+  };
+}

modules/freya/system.scm

@@ -273,7 +273,8 @@
           (service bluetooth-service-type
                    (bluetooth-configuration
                      (experimental #t)
-                     (fast-connectable? #t)))
+                     (fast-connectable? #t)
+                     (auto-enable? #t)))
           ; yubikey
           (service pcscd-service-type)
           (udev-rules-service 'fido2 libfido2 #:groups '("plugdev"))