diff --git a/configuration.nix b/configuration.nix index 898e1c4..e4974ee 100644 --- a/configuration.nix +++ b/configuration.nix @@ -364,6 +364,11 @@ services.irqbalance.enable = true; services.earlyoom.enable = true; + zramSwap = { + enable = true; + priority = 100; + }; + # Power management for laptop services.logind = { settings = { diff --git a/flake.lock b/flake.lock index f880af6..74626eb 100644 --- a/flake.lock +++ b/flake.lock @@ -107,11 +107,11 @@ "zon2nix": "zon2nix" }, "locked": { - "lastModified": 1779573072, - "narHash": "sha256-DgdXilZcUCEQdOcgt2+Aj77+up2OkdBFg5Q6En5PUB0=", + "lastModified": 1779812402, + "narHash": "sha256-gozJEyJHbaAyrbzODKeWJhxpUrGK6m4DIPDogfjz2BU=", "owner": "ghostty-org", "repo": "ghostty", - "rev": "d5d8cef4d3834cc8999eb9344066b0960b033f2d", + "rev": "2e5ad917eb4e325a3dbb161c3f41208a8cd35e44", "type": "github" }, "original": { @@ -362,11 +362,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1779580088, - "narHash": "sha256-oYEtJtyKegw8CO+OistcabbKDmhrRDrVmSbLcXT9mkw=", + "lastModified": 1779821945, + "narHash": "sha256-6NHOS9mQiUMEDqgnuQXhqgckQ9ZR03PPW3b6P7XdUYQ=", "owner": "anomalyco", "repo": "opencode", - "rev": "0b3a1c2fdf8032d7168d1a5103c460c84dfee882", + "rev": "fdfd0afed7fddbe852ea53b5a75ce1ea8ad725a2", "type": "github" }, "original": { @@ -470,11 +470,11 @@ ] }, "locked": { - "lastModified": 1779455631, - "narHash": "sha256-svU6Ro4xiMxMA1KJGwQ/nfKwz3yXE/SONCw2Z1qTXHA=", + "lastModified": 1779781734, + "narHash": "sha256-c2FZ7S/rhnCHcwPkc82GOxlCw88HKYBaJkLtMgi72p8=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "5bcdfcef664bf62831dcb4b947004d9c5fbf7201", + "rev": "ef7c137fea3d0d0624864db7aa1f068eed79b0fb", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 468d23e..d0330c8 100644 --- a/flake.nix +++ b/flake.nix @@ -63,13 +63,8 @@ inputs.nur.overlays.default inputs.ghostty.overlays.default inputs.helix.overlays.default - (_final: prev: { - opencode = opencode.packages.${prev.stdenv.hostPlatform.system}.opencode.overrideAttrs (old: { - postPatch = (old.postPatch or "") + '' - substituteInPlace package.json \ - --replace-fail '"packageManager": "bun@1.3.14"' '"packageManager": "bun@1.3.13"' - ''; - }); + (final: prev: { + opencode = opencode.packages.${prev.stdenv.hostPlatform.system}.opencode; }) ]; } diff --git a/home-modules/browser.nix b/home-modules/browser.nix index 1a6685b..d462ab3 100644 --- a/home-modules/browser.nix +++ b/home-modules/browser.nix @@ -1,6 +1,70 @@ -{ pkgs, ... }: +{ lib, pkgs, ... }: +let + firefoxApplicationId = "{ec8030f7-c20a-464f-9b0e-13a3a9e97384}"; + firefoxAddons = pkgs.nur.repos.rycee.firefox-addons; + zenQolExtensions = with firefoxAddons; [ + ublock-origin + onepassword-password-manager + sponsorblock + youtube-recommended-videos + darkreader + vimium + return-youtube-dislikes + react-devtools + firefox-color + pay-by-privacy + bypass-paywalls-clean + translate-web-pages + user-agent-string-switcher + wappalyzer + control-panel-for-twitter + copy-selected-tabs-to-clipboard + dearrow + violentmonkey + tst-indent-line + ]; + # Extra Tor extensions reduce anonymity; keep this to the selected subset. + torQolExtensions = with firefoxAddons; [ + ublock-origin + sponsorblock + youtube-recommended-videos + return-youtube-dislikes + dearrow + translate-web-pages + violentmonkey + bypass-paywalls-clean + react-devtools + wappalyzer + ]; + installTorExtension = + addon: + let + xpi = "${addon}/share/mozilla/extensions/${firefoxApplicationId}/${addon.addonId}.xpi"; + in + '' + install -Dm444 "${xpi}" \ + "$out/share/tor-browser/distribution/extensions/${addon.addonId}.xpi" + install -Dm444 "${xpi}" \ + "$out/share/tor-browser/TorBrowser/Data/Browser/profile.default/extensions/${addon.addonId}.xpi" + ''; + torBrowser = + (pkgs.tor-browser.override { + extraPrefs = '' + // Prefer Tor Browser's Safer mode by default without locking the UI. + defaultPref("browser.security_level.security_slider", 2); + defaultPref("browser.security_level.security_custom", false); + ''; + }).overrideAttrs + (old: { + installPhase = (old.installPhase or "") + '' + ${lib.concatMapStringsSep "\n" installTorExtension torQolExtensions} + ''; + }); +in { + home.packages = [ torBrowser ]; + programs.zen-browser = { enable = true; policies = { @@ -106,27 +170,7 @@ } } ''; - extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [ - ublock-origin - onepassword-password-manager - sponsorblock - youtube-recommended-videos - darkreader - vimium - return-youtube-dislikes - react-devtools - firefox-color - pay-by-privacy - bypass-paywalls-clean - translate-web-pages - user-agent-string-switcher - wappalyzer - control-panel-for-twitter - copy-selected-tabs-to-clipboard - dearrow - violentmonkey - tst-indent-line - ]; + extensions.packages = zenQolExtensions; search = { default = "SearXNG"; privateDefault = "SearXNG"; diff --git a/home-modules/opencode.nix b/home-modules/opencode.nix index dc37f8f..ce2adbd 100644 --- a/home-modules/opencode.nix +++ b/home-modules/opencode.nix @@ -24,6 +24,11 @@ url = "https://mcp.heytea.dev/mcp"; enabled = true; }; + mcp.cloudflare-api = { + type = "remote"; + url = "https://mcp.cloudflare.com/mcp"; + enabled = true; + }; mcp.chrome-devtools = { type = "local"; command = [ diff --git a/home-modules/packages.nix b/home-modules/packages.nix index ff29bef..6448364 100644 --- a/home-modules/packages.nix +++ b/home-modules/packages.nix @@ -164,7 +164,6 @@ in qbittorrent-enhanced signal-desktop slack - tor-browser vesktop vlc zulip diff --git a/hosts/framework-work/hardware-configuration.nix b/hosts/framework-work/hardware-configuration.nix index bea50bd..e0e2732 100644 --- a/hosts/framework-work/hardware-configuration.nix +++ b/hosts/framework-work/hardware-configuration.nix @@ -25,6 +25,7 @@ fileSystems."/" = { device = "/dev/disk/by-uuid/dfaa8624-c14f-4a72-8c5a-193d8294e5cb"; fsType = "ext4"; + options = [ "noatime" ]; }; fileSystems."/boot" = { @@ -39,6 +40,7 @@ swapDevices = [ { device = "/dev/disk/by-uuid/bd8d2630-7c9b-4ec1-8a00-b1a801003732"; + priority = -10; } ];