small cleanup

flake.nix

@@ -6,7 +6,6 @@
     nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
     nixpkgs-master.url = "github:nixos/nixpkgs/master";
     nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.05";
-    nix.url = "github:nixos/nix/2.17.0";
     flake-registry = {
       url = "github:nixos/flake-registry";
       flake = false;
@@ -114,8 +113,6 @@
     customRoles = import ./roles;
 
     sharedPatches = patchesPath [
-      "ivpn.patch"
-      "mullvad-exclude-containers.patch"
       "vaultwarden.patch"
       "webhooks.patch"
     ];

patches/ivpn.patch

@@ -1,46 +0,0 @@
-From 13a0c99ff5bed75f1991169ff5757936f0e39747 Mon Sep 17 00:00:00 2001
-From: Dmitriy Kholkin <ataraxiadev@ataraxiadev.com>
-Date: Tue, 16 May 2023 17:59:58 +0300
-Subject: [PATCH] ivpn{,-service}: 3.10.15 -> 3.10.23
-
----
- pkgs/tools/networking/ivpn/default.nix | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/pkgs/tools/networking/ivpn/default.nix b/pkgs/tools/networking/ivpn/default.nix
-index e8e33f3bc73..fe5d673286e 100644
---- a/pkgs/tools/networking/ivpn/default.nix
-+++ b/pkgs/tools/networking/ivpn/default.nix
-@@ -15,13 +15,13 @@
- 
- builtins.mapAttrs (pname: attrs: buildGoModule (attrs // rec {
-   inherit pname;
--  version = "3.10.15";
-+  version = "3.10.23";
- 
-   src = fetchFromGitHub {
-     owner = "ivpn";
-     repo = "desktop-app";
-     rev = "v${version}";
--    hash = "sha256-3yVRVM98tVjot3gIkUb/CDwmwKdOOBjBjzGL6htDtpk=";
-+    hash = "sha256-0XIATqidCQdERitYys7Gk0bENRZxdb/A9ieBNsWhbUM=";
-   };
- 
-   ldflags = [
-@@ -45,11 +45,11 @@ builtins.mapAttrs (pname: attrs: buildGoModule (attrs // rec {
- })) {
-   ivpn = {
-     modRoot = "cli";
--    vendorHash = "sha256-T49AE3SUmdP3Tu9Sp5C/QryKDto/NzEqRuUQ3+aJFL0=";
-+    vendorHash = "sha256-aD4QOudazSrsg10c1m6xZUfPkw/aCxYKPxBR46KUVAk=";
-   };
-   ivpn-service = {
-     modRoot = "daemon";
--    vendorHash = "sha256-9Rk6ruMpyWtQe+90kw4F8OLq7/JcDSrG6ufkfcrS4W8=";
-+    vendorHash = "sha256-1bGh3Yvou+xnQvhj5T3Z3yq0agvk8BCUX+M83f+5qOg=";
-     nativeBuildInputs = [ makeWrapper ];
-     buildInputs = [ wirelesstools ];
- 
--- 
-2.40.1
-

patches/mullvad-exclude-containers.patch

@@ -1,50 +0,0 @@
-diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix
-index e1e640c4474..1578f8680c8 100644
---- a/nixos/modules/virtualisation/nixos-containers.nix
-+++ b/nixos/modules/virtualisation/nixos-containers.nix
-@@ -445,6 +445,7 @@ let
-       localAddress = null;
-       localAddress6 = null;
-       tmpfs = null;
-+      mullvadExclude = false;
-     };
- 
- in
-@@ -691,6 +692,14 @@ in
-               '';
-             };
- 
-+            mullvadExclude = mkOption {
-+              type = types.bool;
-+              default = false;
-+              description = lib.mdDoc ''
-+                Start container with mullvad-exclude.
-+              '';
-+            };
-+
-             # Removed option. See `checkAssertion` below for the accompanying error message.
-             pkgs = mkOption { visible = false; };
-           } // networkOptions;
-@@ -767,6 +776,8 @@ in
- 
-       postStart = postStartScript dummyConfig;
- 
-+      postStop = mkIf dummyConfig.mullvadExclude "";
-+
-       restartIfChanged = false;
- 
-       serviceConfig = serviceDirectives dummyConfig;
-@@ -797,7 +808,12 @@ in
-           recursiveUpdate unit {
-             preStart = preStartScript containerConfig;
-             script = startScript containerConfig;
--            postStart = postStartScript containerConfig;
-+            postStart = (if containerConfig.mullvadExclude then ''
-+              ${config.services.mullvad-vpn.package}/bin/mullvad split-tunnel pid add $MAINPID
-+            '' else "") + postStartScript containerConfig;
-+            postStop = mkIf containerConfig.mullvadExclude ''
-+              ${config.services.mullvad-vpn.package}/bin/mullvad split-tunnel pid delete $MAINPID
-+            '';
-             serviceConfig = serviceDirectives containerConfig;
-             unitConfig.RequiresMountsFor = lib.optional (!containerConfig.ephemeral) "${stateDirectory}/%i";
-             environment.root = if containerConfig.ephemeral then "/run/nixos-containers/%i" else "${stateDirectory}/%i";

profiles/bluetooth.nix

@@ -9,11 +9,6 @@
       };
     };
 
-    # systemd.services.bluetooth.serviceConfig.ExecStart = lib.mkForce [
-    #   ""
-    #   "${pkgs.bluez}/libexec/bluetooth/bluetoothd -f /etc/bluetooth/main.conf -E"
-    # ];
-
     persist.state.directories = [ "/var/lib/bluetooth" ];
 
     home-manager.users.${config.mainuser}.programs.zsh.shellAliases = let

profiles/overlay.nix

@@ -32,7 +32,6 @@ with lib; {
         nix-index-update = inputs.nix-alien.packages.${system}.nix-index-update;
         prismlauncher = inputs.prismlauncher.packages.${system}.default;
         ripgrep-all = stable.ripgrep-all;
-        spotify = master.spotify;
         wine = prev.wineWowPackages.staging;
         xray = master.xray;
         youtube-to-mpv = prev.callPackage ./packages/youtube-to-mpv.nix { term = config.defaultApplications.term.cmd; };

profiles/workspace/proxy.nix

@@ -8,7 +8,6 @@
   };
 
   containers.tor = {
-    mullvadExclude = config.deviceSpecific.vpn.mullvad.enable;
     autoStart = false;
     ephemeral = true;
     # extraFlags = [ "-U" ]; # unprivileged