diff --git a/apps.mod.nix b/apps.mod.nix index d757bb5..107014f 100644 --- a/apps.mod.nix +++ b/apps.mod.nix @@ -42,6 +42,11 @@ ( {pkgs, ...}: { users.users.emv.extraGroups = ["video"]; + nixpkgs.config.permittedInsecurePackages = [ + "fluffychat-linux-1.23.0" # it uses an insecure implementation of olm. but the devs are allegedly trying to move to vodozemac (which is an implementation that is not (at least publically announced as) insecure) . Using it instead of element because 1) i don't think the vulnerability is very relevant to our current threat model (as far as we're aware, it requires network or even hardware access, at which point you can already beat me with a baseball bat) and 2) out of the desktop clients, this seems to be one of the only ones with proper multi-account support?? + "olm-3.2.16" # tbh i still find it funny that a cryptographic library with a vuln known for several years before this is still used. + # "Note that these are not cryptographically secure implementations. They have no resistence to side-channel attacks and should not be used in contexts that need cryptographically secure implementations. These algorithms are not optimized for speed or space. They are primarily designed to be easy to read, although some basic optimization techniques have been employed." + ]; } ) ]; @@ -55,6 +60,7 @@ signal-desktop discord element-desktop + fluffychat obsidian mumble # calibre # still borked apparently, what the hell # still!!! diff --git a/flake.lock b/flake.lock index ce070b4..53c2e49 100644 --- a/flake.lock +++ b/flake.lock @@ -61,11 +61,11 @@ "base16-helix": { "flake": false, "locked": { - "lastModified": 1725860795, - "narHash": "sha256-Z2o8VBPW3I+KKTSfe25kskz0EUj7MpUh8u355Z1nVsU=", + "lastModified": 1736852337, + "narHash": "sha256-esD42YdgLlEh7koBrSqcT7p2fsMctPAcGl/+2sYJa2o=", "owner": "tinted-theming", "repo": "base16-helix", - "rev": "7f795bf75d38e0eea9fed287264067ca187b88a9", + "rev": "03860521c40b0b9c04818f2218d9cc9efc21e7a5", "type": "github" }, "original": { @@ -77,11 +77,11 @@ "base16-vim": { "flake": false, "locked": { - "lastModified": 1731949548, - "narHash": "sha256-XIDexXM66sSh5j/x70e054BnUsviibUShW7XhbDGhYo=", + "lastModified": 1735953590, + "narHash": "sha256-YbQwaApLFJobn/0lbpMKcJ8N5axKlW2QIGkDS5+xoSU=", "owner": "tinted-theming", "repo": "base16-vim", - "rev": "61165b1632409bd55e530f3dbdd4477f011cadc6", + "rev": "c2a1232aa2c0ed27dcbf005779bcfe0e0ab5e85d", "type": "github" }, "original": { @@ -178,11 +178,11 @@ "rocksdb": "rocksdb" }, "locked": { - "lastModified": 1736435929, - "narHash": "sha256-VIszlm7sNpzmzgM8nisOezoaFOzRyR+WpsLaF2D3BbA=", + "lastModified": 1736969690, + "narHash": "sha256-HQFweFT52Rkpued7WSq7htFwZ8bFBm0j3iqQESxqgzk=", "owner": "girlbossceo", "repo": "conduwuit", - "rev": "7526ba9d6fc4221a338056802f8456733da314d6", + "rev": "9ebb39ca4f35789e54b73cd33805943b362819ae", "type": "github" }, "original": { @@ -215,11 +215,11 @@ }, "crane_2": { "locked": { - "lastModified": 1734808813, - "narHash": "sha256-3aH/0Y6ajIlfy7j52FGZ+s4icVX0oHhqBzRdlOeztqg=", + "lastModified": 1736566337, + "narHash": "sha256-SC0eDcZPqISVt6R0UfGPyQLrI0+BppjjtQ3wcSlk0oI=", "owner": "ipetkov", "repo": "crane", - "rev": "72e2d02dbac80c8c86bf6bf3e785536acf8ee926", + "rev": "9172acc1ee6c7e1cbafc3044ff850c568c75a5a3", "type": "github" }, "original": { @@ -272,11 +272,11 @@ "rust-analyzer-src": "rust-analyzer-src" }, "locked": { - "lastModified": 1735799625, - "narHash": "sha256-lFadwWDvVIub11bwfZhsh2WUByf9LOi6yjsSUMmE0xk=", + "lastModified": 1736836313, + "narHash": "sha256-zdZ7/T6yG0/hzoVOiNpDiR/sW3zR6oSMrfIFJK2BrrE=", "owner": "nix-community", "repo": "fenix", - "rev": "a9d84a1545814910cb4ab0515ed6921e8b07ee95", + "rev": "056c9393c821a4df356df6ce7f14c722dc8717ec", "type": "github" }, "original": { @@ -289,11 +289,11 @@ "firefox-gnome-theme": { "flake": false, "locked": { - "lastModified": 1734969791, - "narHash": "sha256-A9PxLienMYJ/WUvqFie9qXrNC2MeRRYw7TG/q7DRjZg=", + "lastModified": 1736899990, + "narHash": "sha256-S79Hqn2EtSxU4kp99t8tRschSifWD4p/51++0xNWUxw=", "owner": "rafaelmardojai", "repo": "firefox-gnome-theme", - "rev": "92f4890bd150fc9d97b61b3583680c0524a8cafe", + "rev": "91ca1f82d717b02ceb03a3f423cbe8082ebbb26d", "type": "github" }, "original": { @@ -354,11 +354,11 @@ "flake-compat_4": { "flake": false, "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "lastModified": 1733328505, + "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", "owner": "edolstra", "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", "type": "github" }, "original": { @@ -526,19 +526,14 @@ "nixpkgs": [ "stylix", "nixpkgs" - ], - "nixpkgs-stable": [ - "stylix", - "git-hooks", - "nixpkgs" ] }, "locked": { - "lastModified": 1731363552, - "narHash": "sha256-vFta1uHnD29VUY4HJOO/D6p6rxyObnf+InnSMT4jlMU=", + "lastModified": 1735882644, + "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "cd1af27aa85026ac759d5d3fccf650abe7e1bbf0", + "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656", "type": "github" }, "original": { @@ -616,11 +611,11 @@ ] }, "locked": { - "lastModified": 1736508663, - "narHash": "sha256-ZOaGwa+WnB7Zn3YXimqjmIugAnHePdXCmNu+AHkq808=", + "lastModified": 1737120639, + "narHash": "sha256-p5e/45V41YD3tMELuiNIoVCa25/w4nhOTm0B9MtdHFI=", "owner": "nix-community", "repo": "home-manager", - "rev": "2532b500c3ed2b8940e831039dcec5a5ea093afc", + "rev": "a0046af169ce7b1da503974e1b22c48ef4d71887", "type": "github" }, "original": { @@ -637,11 +632,11 @@ ] }, "locked": { - "lastModified": 1735774425, - "narHash": "sha256-C73gLFnEh8ZI0uDijUgCDWCd21T6I6tsaWgIBHcfAXg=", + "lastModified": 1736785676, + "narHash": "sha256-TY0jUwR3EW0fnS0X5wXMAVy6h4Z7Y6a3m+Yq++C9AyE=", "owner": "nix-community", "repo": "home-manager", - "rev": "5f6aa268e419d053c3d5025da740e390b12ac936", + "rev": "fc52a210b60f2f52c74eac41a8647c1573d2071d", "type": "github" }, "original": { @@ -669,11 +664,11 @@ "liburing": { "flake": false, "locked": { - "lastModified": 1733603756, - "narHash": "sha256-eTKnZDZ1Ex++v+BI0DBcUBmCXAO/tE8hxK9MiyztZkU=", + "lastModified": 1736719310, + "narHash": "sha256-Turvx60THwzTiUHb49WV3upUgsPuktr7tVy2Lwu2xJg=", "owner": "axboe", "repo": "liburing", - "rev": "c3d5d6270cd5ed48d817fc1e8e95f7c8b222f2ff", + "rev": "3124a4619e4daf26b06d48ccf0186a947070c415", "type": "github" }, "original": { @@ -802,11 +797,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1736441705, - "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=", + "lastModified": 1736978406, + "narHash": "sha256-oMr3PVIQ8XPDI8/x6BHxsWEPBRU98Pam6KGVwUh8MPk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337", + "rev": "b678606690027913f3434dea3864e712b862dde5", "type": "github" }, "original": { @@ -865,11 +860,11 @@ }, "nixpkgs-stable_3": { "locked": { - "lastModified": 1736549401, - "narHash": "sha256-ibkQrMHxF/7TqAYcQE+tOnIsSEzXmMegzyBWza6uHKM=", + "lastModified": 1736916166, + "narHash": "sha256-puPDoVKxkuNmYIGMpMQiK8bEjaACcCksolsG36gdaNQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1dab772dd4a68a7bba5d9460685547ff8e17d899", + "rev": "e24b4c09e963677b1beea49d411cd315a024ad3a", "type": "github" }, "original": { @@ -943,11 +938,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1735685343, - "narHash": "sha256-h1CpBzdJDNtSUb5QMyfFHKHocTTky+4McgQEBQBM+xA=", + "lastModified": 1736817698, + "narHash": "sha256-1m+JP9RUsbeLVv/tF1DX3Ew9Vl/fatXnlh/g5k3jcSk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "81934660d6e9ea54d2f0cdee821e8533b10c221a", + "rev": "2b1fca3296ddd1602d2c4f104a4050e006f4b0cb", "type": "github" }, "original": { @@ -975,11 +970,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1736344531, - "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=", + "lastModified": 1736883708, + "narHash": "sha256-uQ+NQ0/xYU0N1CnXsa2zghgNaOPxWpMJXSUJJ9W7140=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912", + "rev": "eb62e6aa39ea67e0b8018ba8ea077efe65807dc8", "type": "github" }, "original": { @@ -1007,11 +1002,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1735648875, - "narHash": "sha256-fQ4k/hyQiH9RRPznztsA9kbcDajvwV1sRm01el6Sr3c=", + "lastModified": 1736798957, + "narHash": "sha256-qwpCtZhSsSNQtK4xYGzMiyEDhkNzOCz/Vfu4oL2ETsQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "47e29c20abef74c45322eca25ca1550cdf5c3b50", + "rev": "9abb87b552b7f55ac8916b6fc9e5cb486656a2f3", "type": "github" }, "original": { @@ -1055,11 +1050,11 @@ "rust-analyzer-src": { "flake": false, "locked": { - "lastModified": 1735742096, - "narHash": "sha256-q3a80h8Jf8wfmPURUgRR46nQCB3I5fhZ+/swulTF5HY=", + "lastModified": 1736690231, + "narHash": "sha256-g9gyxX+F6CrkT5gRIMKPnCPom0o9ZDzYnzzeNF86D6Q=", "owner": "rust-lang", "repo": "rust-analyzer", - "rev": "7e639ee3dda6ed9cecc79d41f6d38235121e483d", + "rev": "8364ef299790cb6ec22b9e09e873c97dbe9f2cb5", "type": "github" }, "original": { @@ -1074,11 +1069,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1736515725, - "narHash": "sha256-4P99yL8vGehwzytkpP87eklBePt6aqeEC5JFsIzhfUs=", + "lastModified": 1737107480, + "narHash": "sha256-GXUE9+FgxoZU8v0p6ilBJ8NH7k8nKmZjp/7dmMrCv3o=", "owner": "Mic92", "repo": "sops-nix", - "rev": "f214c1b76c347a4e9c8fb68c73d4293a6820d125", + "rev": "4c4fb93f18b9072c6fa1986221f9a3d7bf1fe4b6", "type": "github" }, "original": { @@ -1107,11 +1102,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1736530113, - "narHash": "sha256-a+IUtGdzESNSQEZkW99TXf5js8o4Oy9M4H2am+2ECp4=", + "lastModified": 1736993991, + "narHash": "sha256-kPDt3QgeIsct9f375LIGmSoZKl7Z4AVzXX+9U0VV5PI=", "owner": "danth", "repo": "stylix", - "rev": "f1e003194cb528bbd4eda50b781d1f703611782d", + "rev": "a88c4d264a4379b7fe5a9e75ed51bea96f8dd407", "type": "github" }, "original": { @@ -1202,11 +1197,11 @@ "tinted-tmux": { "flake": false, "locked": { - "lastModified": 1729501581, - "narHash": "sha256-1ohEFMC23elnl39kxWnjzH1l2DFWWx4DhFNNYDTYt54=", + "lastModified": 1735737224, + "narHash": "sha256-FO2hRBkZsjlIRqzNHCPc/52yxg11kHGA8MEtSun9RwE=", "owner": "tinted-theming", "repo": "tinted-tmux", - "rev": "f0e7f7974a6441033eb0a172a0342e96722b4f14", + "rev": "aead506a9930c717ebf81cc83a2126e9ca08fa64", "type": "github" }, "original": { diff --git a/fonts.mod.nix b/fonts.mod.nix index bacf0b8..5173a2a 100644 --- a/fonts.mod.nix +++ b/fonts.mod.nix @@ -3,6 +3,9 @@ ( {pkgs, ...}: { fonts.packages = with pkgs; [ + noto-fonts + noto-fonts-cjk-sans + noto-fonts-emoji dina-font wqy_zenhei # this is so that hanzi doesn't look like pixel art nerd-fonts.noto diff --git a/nerd.mod.nix b/nerd.mod.nix index 96abd40..38a6410 100644 --- a/nerd.mod.nix +++ b/nerd.mod.nix @@ -3,12 +3,12 @@ ( {pkgs, ...}: { home.packages = with pkgs; [ - geogebra6 # geogebra5 currently does not work? + # geogebra6 # geogebra5 currently does not work? gimp chemtool avogadro2 ]; - programs.sagemath.enable = true; + # programs.sagemath.enable = true; } ) ]; diff --git a/services/caddy/Caddyfile b/services/caddy/Caddyfile index 9b3fdca..161b0ce 100644 --- a/services/caddy/Caddyfile +++ b/services/caddy/Caddyfile @@ -20,7 +20,7 @@ https://collective-conciousness.monster, http://collective-conciousness.monster Strict-Transport-Security "max-age=31536001; includeSubdomains; preload" } - reverse_proxy /_matrix* 10.24.1.4:7893 + reverse_proxy /_matrix* 10.24.1.4:7893 # allegedly this might not be needed, but it doesn't seem to hurt so respond /.well-known/matrix/server "{\"m.server\": \"matrix.collective-conciousness.monster:443\"}" root * /var/www/public diff --git a/sway.mod.nix b/sway.mod.nix index 4a43175..ed7dded 100644 --- a/sway.mod.nix +++ b/sway.mod.nix @@ -110,7 +110,7 @@ ### TODO : Resize mode and automatic floating assigns = { - "1:说" = [{title = "^Signal$|Discord$";}]; + "1:说" = [{title = "^Signal$|Discord$|FluffyChat$";}]; "2:main" = [{title = "VSCodium$";}]; "3:browsing" = [{title = "LibreWolf$";}]; "4:misc" = []; @@ -122,12 +122,12 @@ "0:audio" = [{title = "pwvucontrol$|noisetorch$";}]; }; - /* + /* # commented out as they're automagically handled by stylix colors = { # should probably use a let ... in ... here background = "#212121"; focused = { - # border = "#2b83a6"; # test to see if stylix does magic + border = "#2b83a6"; background = "#2b83a6"; text = "#ffffff"; indicator = "#dddddd"; @@ -232,7 +232,7 @@ workspaceLayout = "tabbed"; }; }; - } + }Signal ) ]; }