diff --git a/modules/home/librewolf.nix b/modules/home/librewolf.nix
index 4561e86..3d07f6d 100755
--- a/modules/home/librewolf.nix
+++ b/modules/home/librewolf.nix
@@ -37,7 +37,6 @@
(extension "enhancer-for-youtube" "enhancerforyoutube@maximerf.addons.mozilla.org")
(extension "indie-wiki-buddy" "{cb31ec5d-c49a-4e5a-b240-16c767444f62}")
(extension "libredirect" "7esoorv3@alefvanoon.anonaddy.me")
- (extension "new-tab-override" "newtaboverride@agenedia.com")
(extension "privacy-badger17" "jid1-MnnxcxisBPnSXQ@jetpack")
(extension "return-youtube-dislikes" "{762f9885-5a13-4abd-9c77-433dcd38b8fd}")
(extension "ublock-origin" "uBlock0@raymondhill.net")
@@ -46,15 +45,8 @@
profiles.wo2w = {
search = {
force = true;
- default = "searxng";
- privateDefault = "searxng";
- engines = {
- searxng = {
- name = "SearXNG";
- iconMapObj."16" = "https://searxng.taild5f7e6.ts.net/favicon.ico";
- urls = [{ template = "https://searxng.taild5f7e6.ts.net/search?q={searchTerms}"; }];
- };
- };
+ default = "ddg";
+ privateDefault = "ddg";
};
settings = {
"browser.urlbar.suggest.history" = true;
@@ -62,10 +54,8 @@
"browser.urlbar.suggest.openpage" = false;
"browser.urlbar.suggest.topsites" = false;
"browser.urlbar.suggest.recentsearches" = false;
-
# remember tabs on startup
"browser.startup.page" = 3;
- "browser.startup.homepage" = "https://glance.taild5f7e6.ts.net";
# encrypted dns
"network.trr.mode" = 2;
@@ -77,7 +67,8 @@
"privacy.clearOnShutdown.cache" = false;
"privacy.clearOnShutdown.cookies" = false;
"privacy.clearOnShutdown.sessions" = false;
- "privacy.globalprivacycontrol.enabled" = true;
+ "privacy.donottrackheader.enabled" = true;
+
# use xdg file picker instead of builtin browser picker
"widget.use-xdg-desktop-portal.file-picker" = 1;
};
diff --git a/modules/nixos/services/homeserver/caddy.nix b/modules/nixos/services/homeserver/caddy.nix
index d0565be..1f6c8fe 100755
--- a/modules/nixos/services/homeserver/caddy.nix
+++ b/modules/nixos/services/homeserver/caddy.nix
@@ -29,9 +29,11 @@
enableReload = false;
extraConfig = ''
- (default-settings) {
- import httpcat-errors
+ (cloudflare-tls) {
+ tls ${config.sops.secrets."caddy/wo2wz.fyi.crt".path} ${config.sops.secrets."caddy/wo2wz.fyi.key".path}
+ }
+ (default-settings) {
encode
header {
@@ -43,26 +45,6 @@
-X-Powered-By
}
}
-
- (cloudflare-tls) {
- tls ${config.sops.secrets."caddy/wo2wz.fyi.crt".path} ${config.sops.secrets."caddy/wo2wz.fyi.key".path}
- }
-
- (httpcat-errors) {
- handle_errors {
- header Content-Type text/html
- respond <
-
- {err.status_code} {err.status_text}
-
- 
- shit
error id: {err.id}
-
-
- HTML
- }
- }
'';
# have to specify node tags here because if there are two tailscale blocks it just dont work
globalConfig = ''
@@ -85,9 +67,6 @@
tags tag:drone
- glance {
- tags tag:drone tag:glance
- }
grafana {
tags tag:drone tag:grafana
}
diff --git a/modules/nixos/services/homeserver/default.nix b/modules/nixos/services/homeserver/default.nix
index 22df8a8..0ed971d 100755
--- a/modules/nixos/services/homeserver/default.nix
+++ b/modules/nixos/services/homeserver/default.nix
@@ -9,7 +9,6 @@
./continuwuity.nix
./forgejo.nix
./gameserver-caddy.nix
- ./glance.nix
./jellyfin.nix
./kanidm.nix
./nextcloud.nix
diff --git a/modules/nixos/services/homeserver/glance.nix b/modules/nixos/services/homeserver/glance.nix
deleted file mode 100644
index be9ef49..0000000
--- a/modules/nixos/services/homeserver/glance.nix
+++ /dev/null
@@ -1,176 +0,0 @@
-{ config, ... }:
-
-{
- sops.secrets."glance/secrets.env" = {};
-
- services.caddy.virtualHosts."glance.taild5f7e6.ts.net".extraConfig = ''
- import default-settings
-
- bind tailscale/glance
-
- reverse_proxy localhost:${toString config.services.glance.settings.server.port}
- '';
-
- services.glance = {
- enable = true;
- environmentFile = config.sops.secrets."glance/secrets.env".path;
- settings = {
- server = {
- host = "127.0.0.1";
- port = 8008;
- proxied = true;
- };
-
- pages =
- let
- domain = "wo2wz.fyi";
- tsDomain = "taild5f7e6.ts.net";
- in [
- {
- name = "Home";
- columns = [
- {
- size = "small";
- widgets = [
- {
- # xkcd
- type = "custom-api";
- cache = "1h";
- title = "XKCD";
- title-url = "https://xkcd.com";
-
- url = "https://xkcd.com/info.0.json";
- template = ''
- {{ .JSON.String "title" }}
- 
- '';
- }
- {
- type = "hacker-news";
- cache = "30m";
- limit = 10;
- collapse-after = 5;
- }
- ];
- }
- {
- size = "full";
- widgets = [
- {
- type = "search";
- title-url = "https://searxng.${tsDomain}";
- search-engine = "https://searxng.${tsDomain}/search?q={QUERY}";
- autofocus = true;
- }
- {
- type = "bookmarks";
- same-tab = true;
- groups = [
- {
- title = "Services";
- links = [
- {
- title = "Proton Mail";
- icon = "sh:proton-mail";
- url = "https://mail.proton.me";
- }
- {
- title = "Cloudflare Dashboard";
- icon = "sh:cloudflare";
- url = "https://dash.cloudflare.com";
- }
- {
- title = "Tailscale Dashboard";
- icon = "sh:tailscale";
- url = "https://login.tailscale.com/admin";
- }
- ];
- }
- {
- title = "Self Hosted (Public)";
- links = [
- {
- title = "Nextcloud";
- icon = "sh:nextcloud";
- url = "https://nextcloud.${domain}/index.php";
- }
- {
- title = "Forgejo";
- icon = "sh:forgejo";
- url = "https://git.${domain}";
- }
- ];
- }
- {
- title = "Self Hosted (Private)";
- links = [
- {
- title = "Vaultwarden";
- icon = "sh:vaultwarden";
- url = "https://vaultwarden.${tsDomain}";
- }
- {
- title = "Jellyfin";
- icon = "sh:jellyfin";
- url = "https://jellyfin.${tsDomain}";
- }
- ];
- }
- {
- title = "Self Hosted (Monitoring)";
- links = [
- {
- title = "Grafana";
- icon = "sh:grafana";
- url = "https://grafana.${tsDomain}";
- }
- {
- title = "Uptime Kuma";
- icon = "sh:uptime-kuma";
- url = "https://uptime-kuma.${domain}";
- }
- ];
- }
- ];
- }
- ];
- }
- {
- size = "small";
- widgets = [
- {
- type = "clock";
- title = "Time and Weather";
- hour-format = "24h";
- timezones = [
- {
- timezone = "America/New_York";
- label = "New York";
- }
- {
- timezone = "Etc/UTC";
- label = "UTC";
- }
- ];
- }
- {
- type = "calendar";
- hide-header = true;
- first-day-of-week = "sunday";
- }
- {
- type = "weather";
- hide-header = true;
- location = "\${GLANCE_WEATHER_LOCATION}";
- units = "imperial";
- hour-format = "24h";
- hide-location = true;
- }
- ];
- }
- ];
- }
- ];
- };
- };
-}
\ No newline at end of file
diff --git a/modules/nixos/services/homeserver/vaultwarden.nix b/modules/nixos/services/homeserver/vaultwarden.nix
index ad71f08..e788729 100755
--- a/modules/nixos/services/homeserver/vaultwarden.nix
+++ b/modules/nixos/services/homeserver/vaultwarden.nix
@@ -14,8 +14,7 @@
bind tailscale/vaultwarden
# block connections to admin login
- @admin path /admin /admin/*
- respond @admin 403
+ respond /admin/* 403
reverse_proxy localhost:8000
'';
diff --git a/secrets/drone.yaml b/secrets/drone.yaml
index d20344a..ff5f1b2 100755
--- a/secrets/drone.yaml
+++ b/secrets/drone.yaml
@@ -9,8 +9,6 @@ cloudflared:
forgejo:
secret-key: ENC[AES256_GCM,data:KFKTo9Qy6rLOmZmSfTIpJ7RLI+MEhttH9W9Orv6KJhoWG+7mzKNg8SK8ejcj4xVakerFd6XwOITTcmS+xQdpVg==,iv:KAJvvg0DfzF2aQPciCQyhZBlKPx4YNPSCX78Bqh3BGQ=,tag:kCeA8DqOtDPUUjRL4aAt9g==,type:str]
internal-token: ENC[AES256_GCM,data:OQYevugICOaLCQxSleATN1cKVDRvfV5paAas8Opzb1qOu+VmXCcJnoJEd7z0oswQo4Tar0ps9KvuYvOsCcJGChb9U2drFjRRpNQaVWZYG5uIZY2QHzA+Ak/a88JGu025czsAFxLbg5Uj,iv:xglBQ+pqoGZcRPu6GJLxSYs9f+G/CgZUze+hPkdn80Y=,tag:hvMdcV6yX1NjpD7zxRFNLA==,type:str]
-glance:
- secrets.env: ENC[AES256_GCM,data:GuSXJuflDiLszoqUCZV/c4ynsYCmaNJGFMFqIWBVTaVG/+HnPmaBQ2LF+C1x+AgwiiszQEV1JXQfPzfgPmqcLpgjTw==,iv:L6gwfqwkLyo38KQwvsMLs0G37dmt1Y6oIXNfKAqRnhU=,tag:EfRlAqy7rUZBwuD38ELV8w==,type:str]
grafana:
secrets.env: ENC[AES256_GCM,data:yv7u5+8l7M4PJ4BzCUlTGX8PeFxxVMtS2Pi4yKnvAeZf+4tcz6NFNRjyPeqTFinqmZ8yq+iYA1tBS5Gy9DTHo8TzmhoaWBPI/ZUXQgl5Y7lnGBOyZ6wHlllsP8zbC+zEWW+gRssaXj6yYBuvQTTzfSqSlmZdB7VwhUegiVxMs722jbys1Rl+NE8TKDc384IbwPRAIi6ZO+UH,iv:M/dgcJ++gMH5/sNQDUQvkiJW2n+fSkPCEDZBcFRXWuE=,tag:SocmiehkaCzl9ZB8dNZPZQ==,type:str]
kanidm:
@@ -47,7 +45,7 @@ sops:
N0U5bkt4aXJOS3N0Z2N4YTg4TDVUVncKCQLUTMmdM/IPzV3NDRhPdta1tvXxy/6P
RYbLzlUryw+tqfTp8nDrdxyOWScLNzPOswAq0Qf7VMcEQ5bJEkAOhQ==
-----END AGE ENCRYPTED FILE-----
- lastmodified: "2026-02-16T22:07:49Z"
- mac: ENC[AES256_GCM,data:eBcRGioZ1oIPOljdmY/o3lR5UIkm6H9QggE9uPXrJO5hHfi0CBsVkpHACFcd/H5qBd29LUGajHB5m3xbIJErPStsrl5lo32+QNW8sYybxf9MchqZuB7U2H7qfCGrS6TB82FoTc4WKkwWxcbJlLzrtp8cF/jY+xOpB6KisBTyrFg=,iv:r63ELQTJ006K5b8muq1hKHyCKhvW7CxeAlIDSbM39ac=,tag:cs2tyb+Ti4Gjz00AfivrLQ==,type:str]
+ lastmodified: "2026-02-05T14:48:03Z"
+ mac: ENC[AES256_GCM,data:4xjci10r/reABYCATMOay5VGn/lhLLpojgSQ2QjVkgxyKM2zcJleJjOwbxdj+D55ntlxlJSEEhxBZ/Ie8BujqQv/01FQrdUwRWEFqD/aHtAhFkUjsEFlpHhN2mzXQpqFB4WQDrjkqKkPpcw9PmrNlf9TOjPrl4CS+9b2HtDnYmw=,iv:L/3c+amIPkP9n8A3ECLewi8NlsiVr9GCQOKs1N0jK+c=,tag:TS/wqMF+n8Sux7k4ANv6NA==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0