Add basic mycelium, change some hardware and browser stuff

2025-05-29 22:15:35 -04:00 · 2025-05-29 22:15:35 -04:00 · 200bf7e711
commit 200bf7e711
parent f49316e600
6 changed files with 64 additions and 63 deletions
--- a/hosts/kitty/network/default.nix
+++ b/hosts/kitty/network/default.nix
@ -9,14 +9,5 @@
      address = "10.1.0.1";
      interface = "eno1";
    };
    vlans.internal = {
      id=100;
      interface="eno1";
    };
    interfaces.internal.ipv4.addresses = [{
      address = "11.0.0.2";
      prefixLength = 8;
    }];
  };
 }
--- a/hosts/midas/network/default.nix
+++ b/hosts/midas/network/default.nix
@ -9,33 +9,6 @@
      address = "10.1.0.1";
      interface = "enp0s31f6";
    };
    vlans.internal = {
      id=100;
      interface="enp0s31f6";
    };
    interfaces.internal.ipv4.addresses = [{
      address = "11.0.0.1";
      prefixLength = 8;
    }];
    nftables.tables.forwarding = {
      family = "inet";
      content = ''
        chain incoming {
          type nat hook prerouting priority dstnat; policy accept;
          tcp dport 2211 dnat ip to 11.0.0.100:22 comment "Tower SSH"
          tcp dport 2222 dnat ip to 11.0.0.2:22 comment "Kitty SSH"
          udp dport { 27005, 27015 } dnat ip to 11.0.0.100 comment "PC Hosted Games"
        }
        chain forward {
          type nat hook postrouting priority 100; policy accept;
          masquerade
        }
      '';
    };
  };
  # Enable IP forwarding for the server configuration
--- a/hosts/tower/network/default.nix
+++ b/hosts/tower/network/default.nix
@ -10,15 +10,6 @@
      interface = "enp42s0";
    };
    vlans.internal = {
      id=100;
      interface="enp42s0";
    };
    interfaces.internal.ipv4.addresses = [{
      address = "11.0.0.100";
      prefixLength = 8;
    }];
    firewall.allowedUDPPorts = [ 27015 ];
  };
 }
--- a/modules/home/programs/gui/librewolf/default.nix
+++ b/modules/home/programs/gui/librewolf/default.nix
@ -6,8 +6,8 @@
      package = pkgs.librewolf;
      profiles.default = {
        isDefault = true;
        containersForce = true;
        containersForce = true;
        containers = {
          home = {
            color = "purple";
@ -21,26 +21,56 @@
          };
        };
-        extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [
+        bookmarks = {
-          bitwarden
+          force = true;
-          darkreader
+          settings = [
-          return-youtube-dislikes
+            {
-          simple-tab-groups
+              name = "NixFox";
-          sponsorblock
+              url = "https://www.nixfox.ca";
-          ublock-origin
+            }
-          violentmonkey
+            {
-        ];
+              name = "Luna";
              url = "https://www.lunamoonlight.xyz";
            }
            {
              name = "Freecorn";
              url = "https://freecorn1854.win";
            }
            {
              name = "Bloxelcom";
              url = "https://www.bloxelcom.net";
            }
            {
              name = "YouTube";
              url = "https://www.kernel.org";
            }
            {
              name = "NixOS Wiki";
              url = "https://nixos.wiki";
            }
            {
              name = "Kernel";
              url = "https://www.kernel.org";
            }
          ];
        };
        extensions = {
          force = true;
          packages = with pkgs.nur.repos.rycee.firefox-addons; [
            bitwarden
            darkreader
            return-youtube-dislikes
            simple-tab-groups
            sponsorblock
            ublock-origin
            violentmonkey
          ];
        };
        search = {
          force = true;
          default = "ecosia";
          order = [
            "ecosia"
            "nixpkgs"
            "mynixos"
            "youtube"
            "spotify"
          ];
          engines = {
            "ecosia" = {
              urls = [{
@ -166,7 +196,6 @@
          "privacy.clearOnShutdown.cookies" = false;
          "privacy.clearOnShutdown_v2.cookiesAndStorage" = false;
          "privacy.fingerprintingProtection" = true;
          "privacy.firstparty.isolate" = true;
          "privacy.globalprivacycontrol.enabled" = true;
          "privacy.globalprivacycontrol.functionality.enabled" = true;
          "privacy.resistFingerprinting" = true;
--- a/modules/system/devices/networking/default.nix
+++ b/modules/system/devices/networking/default.nix
@ -1,6 +1,7 @@
 { config, ... }:
 {
  imports = [
    ./mycelium
    ./nameservers
    ./wireless
  ];
--- a/modules/system/devices/networking/mycelium/default.nix
+++ b/modules/system/devices/networking/mycelium/default.nix
@ -0,0 +1,16 @@
 { ... }:
 {
  services.mycelium = {
    enable = true;
    openFirewall = true;
    addHostedPublicNodes = false;
    peers = [
      "quic://[2607:fea8:431d:cba5:16bf:db31:5797:4170]:9651"
      "quic://[2607:fea8:431d:cba5:d104:b60a:c847:9797]:9651"
      "quic://[2607:fea8:431d:cba5:1963:58fa:50f4:f841]:9651"
      "quic://150.230.26.224:9651"
    ];
  };
  environment.persistence."/persist".directories = [ "/var/lib/private/mycelium" ];
 }