switch to ubuntu 26 with wayland and more ❄️

.claude/settings.local.json

@@ -2,8 +2,15 @@
   "permissions": {
     "allow": [
       "mcp__rime",
-      "mcp__plugin_context7_context7__get-library-docs",
-      "mcp__plugin_context7_context7__resolve-library-id"
+      "Bash(ssh pc \"ssh-add -l\" 2>&1)",
+      "Bash(ssh pc \"who -b\")",
+      "Bash(ssh pc \"systemctl --user list-timers --no-pager\" 2>&1)",
+      "Bash(tmux list-sessions 2>/dev/null)",
+      "Bash(ssh pc 'journalctl -b -u systemd-modules-load --no-pager' 2>&1)",
+      "Bash(ssh pc 'ip link show' 2>&1)",
+      "Bash(ssh pc 'cat /proc/cmdline' 2>&1)",
+      "Bash(ssh pc 'cat /var/log/boot-diag.log' 2>&1)",
+      "Bash(localectl status)"
     ]
   },
   "enableAllProjectMcpServers": true,

CLAUDE.md

@@ -51,14 +51,15 @@ tmux new-session -d -s "$SESSION" -x "$(tput cols)" -y "$(tput lines)"
 Structure:
 - `flake.nix` — defines all hosts. PC is a NixOS system (with HM as module); laptops are HM standalone.
 - `nix/home/common.nix` - CLI tools for all hosts (auto-included via mkHome)
-- `nix/home/desktop.nix` - GUI apps (vesktop, nemo, fonts) — workstation machines only
-- `nix/home/gnome.nix` - GNOME-specific (tiling-shell, dconf)
-- `nix/home/kitty.nix` - terminal emulator
+- `nix/home/desktop.nix` - GUI apps (vesktop, obsidian, etc.) — workstation machines only
+- `nix/home/firefox.nix` - Firefox: policies, search engines, about:config
+- `nix/home/ghostty.nix` - terminal emulator
+- `nix/home/gnome.nix` - GNOME keybindings, tiling-shell, dconf settings
 - `nix/home/newsboat.nix` - RSS reader with desktop notifications
 - `nix/home/tmux.nix` - tmux config
 - `nix/home/timers.nix` - systemd user timers, zephyrus only. Secrets via `EnvironmentFile` from `secrets/env/`
 - `nix/home/pc-timers.nix` - PC user timers (youtube backup, phone sync + backup, encrypted backup)
-- `nix/home/x11.nix` / `wayland.nix` - display server specific
+- `nix/home/wayland.nix` - Wayland clipboard (wl-clipboard)
 - `nix/home/hosts/` - per-machine configs (stateVersion + imports)
 - `nix/nixos/pc/` - NixOS system config for PC (configuration.nix, hardware-configuration.nix, youtube-download.nix)
 
@@ -69,7 +70,7 @@ Host tiers:
 
 Setup flow:
 - `./setup minimal` installs Nix
-- Laptops (HM standalone): `nix run home-manager/master -- switch --flake ~/.dotfiles#$NIX_HOST`, then `hmswitch`
+- Laptops (HM standalone): `./setup host <name>` (auto-runs first HM switch), then `hmswitch` for subsequent changes
 - PC (NixOS): `nswitch` (alias for `sudo nixos-rebuild switch --flake ...`) — rebuilds system + HM together
 
 ### Key Nix Concepts
@@ -107,8 +108,8 @@ See `agent/knowledge/nixos-new-machine.md` (disko + nixos-facter + nixos-anywher
 
 ## What stays outside Nix
 
-- Ubuntu-specific apt packages (pulseaudio-module-bluetooth) - system-level
-- GNOME keybindings - keybindings.pl works fine
+- Ubuntu-specific apt packages (libfuse2, ubuntu-drivers, ubuntu-restricted-extras) — system-level
+- NVIDIA drivers — `sudo ubuntu-drivers install` via `./setup ubuntu`
 
 # Rime MCP
 

README.md

@@ -12,16 +12,17 @@ Managed via [Nix Home Manager](https://github.com/nix-community/home-manager) 
 dotfiles
 ├── backup        # restic/rsync backup scripts (ntfy notifications)
 ├── bin           # custom scripts
-├── desktop       # desktop shortcuts, icons, discord theme
+├── desktop       # icons, discord theme
 ├── nix
 │   ├── home
 │   │   ├── common.nix     # CLI tools, git, zsh plugins (all hosts)
 │   │   ├── desktop.nix    # GUI apps (workstations)
-│   │   ├── gnome.nix      # GNOME extensions, dconf
+│   │   ├── firefox.nix    # Firefox config, policies, search engines
+│   │   ├── gnome.nix      # GNOME keybindings, extensions, dconf
 │   │   ├── tmux.nix       # tmux config + resurrect
 │   │   ├── timers.nix     # systemd timers (zephyrus)
 │   │   ├── pc-timers.nix  # backup/sync timers (pc)
-│   │   ├── x11.nix / wayland.nix
+│   │   ├── wayland.nix
 │   │   └── hosts/         # per-machine: imports + stateVersion
 │   └── nixos/             # NixOS system configs
 ├── nvim          # neovim config (lazy.nvim)
@@ -38,39 +39,70 @@ dotfiles
 
 ## Setup (Ubuntu)
 
+### Fresh install (LUKS + LVM)
+
+Boot a live USB, then:
+
 ```bash
-sudo apt-get update && sudo apt-get install -y git
-git clone https://github.com/MaxWolf-01/dotfiles.git ~/.dotfiles
-cd ~/.dotfiles && ./setup minimal
+sudo apt-get install -y curl debootstrap gdisk
+curl -sLO https://raw.githubusercontent.com/MaxWolf-01/dotfiles/master/bin/ubuntu-install
+sudo bash ubuntu-install
 ```
 
-Restart shell, then set host and run Home Manager:
+<details>
+<summary>If apt doesn't work (pre-release ISO)</summary>
 
 ```bash
-./setup host zephyrus
-nix run home-manager/master -- switch --flake ~/.dotfiles#$NIX_HOST
-gh auth login -w
+curl -Lo /tmp/debootstrap.deb http://archive.ubuntu.com/ubuntu/pool/main/d/debootstrap/debootstrap_1.0.142ubuntu1_all.deb
+curl -Lo /tmp/gdisk.deb http://archive.ubuntu.com/ubuntu/pool/main/g/gdisk/gdisk_1.0.10-2build1_amd64.deb
+sudo dpkg -i /tmp/debootstrap.deb /tmp/gdisk.deb
+curl -sLO https://raw.githubusercontent.com/MaxWolf-01/dotfiles/master/bin/ubuntu-install
+sudo bash ubuntu-install
+```
+</details>
+
+<details>
+<summary>CLI pastebin (send text between machines without login/git)</summary>
+
+```bash
+echo "commands here" | curl --data-binary @- https://paste.rs
+cat script.sh | curl --data-binary @- https://paste.rs
+```
+</details>
+
+Reboot, remove USB.
+
+### Post-install
+
+```bash
+sudo apt-get update && sudo apt-get install -y git
+git clone https://github.com/MaxWolf-01/dotfiles.git ~/.dotfiles
+cd ~/.dotfiles && ./setup host zephyrus   # dirs, symlinks, nix, HM switch
 ```
 
-After first run, use `hmswitch` to apply changes.
+Restart shell (nix needs it on first install), then re-run `./setup host zephyrus`.
 
-Place your age key at `~/.local/secrets/age-key.txt` (copy from another machine or backup), then:
 ```bash
-./setup secrets
-./setup ubuntu
-./setup get_claude
+./setup ubuntu                 # NVIDIA drivers, codecs, btop, cleanup
+sudo reboot
+./setup gpu                    # nix GPU driver symlinks
+gh auth login -w
+./setup secrets                # clones secrets repo, decrypts SSH key + secrets
+restore-working                # restore data from rsync.net backup
+./setup get_claude             # after restore to avoid .claude/ conflicts
 ```
 
+After first run, use `hmswitch` to apply HM changes.
+
 All `./setup` functions are idempotent — safe to re-run.
 
 <details>
-<summary>Other common setup functions for the daily driver</summary>
+<summary>Other setup functions</summary>
 
 ```bash
 ./setup docker
 ./setup nvidia_container_toolkit
 ./setup get_vibetyper
-./setup tiling_shell
 ```
 </details>
 

bin/migrate-firefox-snap

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+# Migrate Firefox profile from snap path to HM path
+#
+# snap/firefox/common/.mozilla/firefox → ~/.mozilla/firefox
+#
+# Run once after restoring a backup that has the snap-era Firefox profile.
+
+set -euo pipefail
+
+SNAP_DIR="$HOME/snap/firefox/common/.mozilla/firefox"
+HM_DIR="$HOME/.mozilla/firefox"
+
+die() { echo "Error: $*" >&2; exit 1; }
+
+[[ -d "$SNAP_DIR" ]] || die "No snap Firefox profile found at $SNAP_DIR"
+
+if [[ -d "$HM_DIR" ]]; then
+    echo "~/.mozilla/firefox already exists."
+    read -rp "Replace it with snap profile? [y/N] " response
+    [[ "$response" =~ ^[Yy]$ ]] || exit 0
+    rm -rf "$HM_DIR"
+fi
+
+mkdir -p "$HOME/.mozilla"
+mv "$SNAP_DIR" "$HM_DIR"
+
+# Clean up empty snap dirs
+rm -rf "$HOME/snap/firefox" 2>/dev/null || true
+rmdir "$HOME/snap" 2>/dev/null || true
+
+echo "Done. Firefox profile moved to ~/.mozilla/firefox"