diff --git a/flake.lock b/flake.lock index 8d887e8..e937319 100644 --- a/flake.lock +++ b/flake.lock @@ -876,6 +876,26 @@ "type": "github" } }, + "quickshell": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1751880110, + "narHash": "sha256-5fQ2cetL3rTHqXe2VM3puawL/8u5j6ujBr6Gdt7Iues=", + "ref": "refs/heads/master", + "rev": "5d7e07508ae3e5487edb1ac5a152120434f091d5", + "revCount": 607, + "type": "git", + "url": "https://git.outfoxxed.me/quickshell/quickshell" + }, + "original": { + "type": "git", + "url": "https://git.outfoxxed.me/quickshell/quickshell" + } + }, "root": { "inputs": { "determinate": "determinate", @@ -883,6 +903,7 @@ "impermanence": "impermanence", "lanzaboote": "lanzaboote", "nixpkgs": "nixpkgs_2", + "quickshell": "quickshell", "rust-overlay": "rust-overlay_2", "schizofox": "schizofox", "systems": "systems_2", diff --git a/flake.nix b/flake.nix index a20d88f..64f5561 100644 --- a/flake.nix +++ b/flake.nix @@ -67,6 +67,13 @@ inputs.systems.follows = "systems"; }; + quickshell = { + url = "git+https://git.outfoxxed.me/quickshell/quickshell"; + # THIS IS IMPORTANT + # Mismatched system dependencies will lead to crashes and other issues. + inputs.nixpkgs.follows = "nixpkgs"; + }; + # The things rust is making me do... rust-overlay = { url = "github:oxalica/rust-overlay"; diff --git a/modules/programs/gui/brave/module.nix b/modules/programs/gui/brave/module.nix index 38915f3..7f448bd 100644 --- a/modules/programs/gui/brave/module.nix +++ b/modules/programs/gui/brave/module.nix @@ -1,79 +1,13 @@ -{ - lib, - pkgs, - ... -}: let - inherit (lib.lists) map; - inherit (lib.strings) concatStringsSep; - - flags = concatStringsSep " " [ - "--no-first-run" - "--use-vulkan" - "--enable-features=Vulkan,UseOzonePlatform" - "--enable-gpu-rasterization" - "--force-dark-mode" - "--enable-smooth-scrolling" - "--enable-features=UseOzonePlatform" - "--ozone-platform=wayland" - "--user-agent='Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3'" - "--use-angle=vulkan" - ]; - brave-wrapped = pkgs.symlinkJoin { - name = "fish"; - paths = [ - ( - pkgs.brave.override {vulkanSupport = true;} - ) - ]; - nativeBuildInputs = [pkgs.makeWrapper]; - postBuild = '' - wrapProgram $out/bin/brave --append-flags "${flags}" - ''; - }; -in { - environment.systemPackages = [ - brave-wrapped - ]; +{pkgs, ...}: { programs.chromium = { enable = true; - - # This sets a bunch of flags to make Brave usable. - # This was made possible through several similar projects, - # which facilitated this process a lot: - # https://gist.github.com/yashgorana/869542b66d7188729716379abe7464e0 - # https://github.com/yashgorana/chrome-debloat extraOpts = { BraveRewardsDisabled = true; BraveWalletDisabled = true; - - # Setting the policy to False prevents Google Chrome from showing - # product promotional content. PromotionsEnabled = false; TorDisabled = true; BraveVPNDisabled = true; BraveAIChatEnabled = false; - SyncDisabled = true; - - # Setting the policy to False stops Google Chrome from ever checking if - # it's the default and turns user controls off for this option. - DefaultBrowserSettingEnabled = false; - - # In background mode, a Google Chrome process is started on OS sign-in and keeps - # running when the last browser window is closed, allowing background apps and - # the browsing session to remain active. - BackgroundModeEnabled = false; - - # By default the browser will show media recommendations that are personalized to the user. - # Setting this policy to Disabled will result in these recommendations being hidden from the user. - MediaRecommendationsEnabled = false; - - # This policy controls the availability of the shopping list feature. - # If enabled, users will be presented with UI to track the price of - # the product displayed on the current page. The tracked product will - # be shown in the bookmarks side panel. If this policy is set to Enabled - # or not set, the shopping list feature will be available to users. - # If this policy is set to Disabled, the shopping list feature will be unavailable. - ShoppingListEnabled = false; BraveSyncUrl = ""; PrivacySandboxFingerprintingProtectionEnabled = true; PrivacySandboxIpProtectionEnabled = true; @@ -83,88 +17,8 @@ in { DefaultSearchProviderNewTabURL = "https://kagi.com"; SearchSuggestEnabled = true; DefaultSearchProviderSuggestURL = "https://kagi.com/api/autosuggest?q={searchTerms}"; - - # Prevents webpage elements that aren't from the domain - # that's in the browser's address bar from setting cookies. - BlockThirdPartyCookies = true; - DnsOverHttpsMode = "automatic"; - MetricsReportingEnabled = false; - SafeBrowsingExtendedReportingEnabled = false; - # Setting the policy to Enabled means URL-keyed anonymized data collection, - # which sends URLs of pages the user visits to Google to make searches and - # browsing better, is always active. - # Setting the policy to Disabled results in no URL-keyed anonymized data collection. - UrlKeyedAnonymizedDataCollectionEnabled = false; - - # Google Chrome in-product surveys collect user feedback for the browser. - # Survey responses are not associated with user accounts. When this policy - # is Enabled or not set, in-product surveys may be shown to users. - # When this policy is Disabled, in-product surveys are not shown to users. - FeedbackSurveysEnabled = false; - PasswordManagerEnabled = false; - # Disable sharing user credentials with other users - PasswordSharingEnabled = false; - # Disable leak detection for entered credentials - PasswordLeakDetectionEnabled = false; - - AutofillAddressEnabled = false; - AutofillCreditCardEnabled = false; - ParcelTrackingEnabled = false; - - # Setting the policy to 2 denies sites tracking the users' physical locationing. - DefaultGeolocationSetting = 2; - DefaultNotificationsSetting = 2; - # Setting the policy to BlockLocalFonts (value 2) automatically denies the local fonts - # permission to sites by default. This will limit the ability of sites to see - # information about local fonts. - DefaultLocalFontsSetting = 2; - - # Setting the policy to 1 lets websites access and use sensors such as motion and light. - # Setting the policy to 2 denies access to sensors. - DefaultSensorsSetting = 2; - # Setting the policy to 3 lets websites ask for access to serial ports. - # Setting the policy to 2 denies access to serial ports. - DefaultSerialGuardSetting = 2; - # This policy allows to control the Related Website Sets feature enablement. - # This policy overrides the FirstPartySetsEnabled policy. - # When this policy is set to False, the Related Website Sets feature is disabled. - RelatedWebsiteSetsEnabled = false; - - # This policy controls the sign-in behavior of the browser. - # It allows you to specify if the user can sign in to Google Chrome with - # their account and use account related services like Google Chrome Sync. - BrowserSignin = 0; - - QuicAllowed = true; - - # Setting the policy to Enabled turns the internal PDF viewer off in Google Chrome, - # treats PDF files as a download, and lets users open PDFs with the default application. - AlwaysOpenPdfExternally = true; - - SpellcheckEnabled = false; - EnableDoNotTrack = true; - - # If this policy is set to Disabled, Google Chrome will not allow guest profiles to be started. - # Guest logins are Google Chrome profiles where all windows are in incognito mode. - BrowserGuestModeEnabled = false; - - # This policy controls which software stack is used to communicate with the DNS server: - # the Operating System DNS client, or Google Chrome's built-in DNS client. This policy - # does not affect which DNS servers are used: if, for example, the operating system is - # configured to use an enterprise DNS server, that same server would be used by the - # built-in DNS client. It also does not control if DNS-over-HTTPS is used; Google Chrome - # will always use the built-in resolver for DNS-over-HTTPS requests. - # If this policy is set to Disabled, the built-in DNS client will only be used when DNS-over-HTTPS is in use. - BuiltinDnsClientEnabled = false; - - # Control if Manifest v2 extensions can be used by browser. - ExtensionManifestV2Availability = 2; - - # Setting the policy to True means Google Chrome uses alternate error - # pages built into (such as "page not found"). Setting the policy to - # False means Google Chrome never uses alternate error pages. - AlternateErrorPagesEnabled = false; + BlockThirdPartyCookies = true; }; extensions = [ # NoScript @@ -175,37 +29,9 @@ in { "bkkmolkhemgaeaeggcmfbghljjjoofoh" # Dark Reader "eimadpbcbfnmbkopoojfekhnkhdbieeh" - # UBlock Origin - "cjpalhdlnbpafiamejdnhcphjbkeiagm" - # I still don't care about cookies - "edibdbjcniadpccecjdfdjjppcpchdlm" - # Sponsorblock - "mnjggcdmjocbbbhaepdhchncahnbgone" - # Decentraleyes - "ldpochfccmkkmhdbclfhpagapcfdljkj" ]; }; - - networking.extraHosts = - concatStringsSep "\n" - <| map (addr: "${addr} localhost") [ - "rewards.brave.com" - "api.rewards.brave.com" - "grant.rewards.brave.com" - "variations.brave.com" - "laptop-updates.brave.com" - "static.brave.com" - "static1.brave.com" - "crlsets.brave.com" - "ads.brave.com" - "ads-admin.brave.com" - "ads-help.brave.com" - "referrals.brave.com" - "analytics.brave.com" - "search.anonymous.ads.brave.com" - "p3a.brave.com" - "variations.brave.com" - "star-randsrv.bsg.brave.com" - "usage-ping.brave.com" - ]; + environment.systemPackages = [ + (pkgs.brave.override {vulkanSupport = true;}) + ]; } diff --git a/modules/style/quickshell/module.nix b/modules/style/quickshell/module.nix index c0635cc..9fa7a30 100644 --- a/modules/style/quickshell/module.nix +++ b/modules/style/quickshell/module.nix @@ -1,9 +1,12 @@ { config, lib, + inputs, pkgs, ... }: let + inherit (inputs) quickshell; + inherit (lib.modules) mkIf; inherit (lib.options) mkEnableOption; @@ -13,7 +16,7 @@ in { config = mkIf cfg.enable { environment.systemPackages = with pkgs; [ - quickshell + quickshell.packages.${pkgs.stdenv.system}.default qt6.qtimageformats qt6.qt5compat qt6.qtmultimedia