11 files changed, 199 insertions, 14 deletions

diff --git a/configs/configs_root_dir/etc/NetworkManager/dispatcher.d/70-wifi-wired-exclusive b/configs/configs_root_dir/etc/NetworkManager/dispatcher.d/70-wifi-wired-exclusive
new file mode 100755
index 0000000..a0f0c4c
--- /dev/null
+++ b/configs/configs_root_dir/etc/NetworkManager/dispatcher.d/70-wifi-wired-exclusive
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# https://wiki.archlinux.org/title/NetworkManager#Use_dispatcher_to_automatically_toggle_wireless_depending_on_LAN_cable_being_plugged_in
+
+if [ "$1" = "enp3s0" ]; then
+	case "$2" in
+		up)
+			nmcli radio wifi off
+			;;
+		down)
+			nmcli radio wifi on
+			;;
+	esac
+elif [ "$(nmcli -g GENERAL.STATE device show enp3s0)" = "20 (unavailable)" ]; then
+	nmcli radio wifi on
+fi
diff --git a/configs/configs_root_dir/etc/nftables_phantun_wg_server.conf b/configs/configs_root_dir/etc/nftables_phantun_wg_server.conf
index 4c7d084..0d803d8 100644
--- a/configs/configs_root_dir/etc/nftables_phantun_wg_server.conf
+++ b/configs/configs_root_dir/etc/nftables_phantun_wg_server.conf
@@ -74,8 +74,8 @@ table inet nat {
 	chain prerouting {
 		type nat hook prerouting priority dstnat
 		policy accept
-		iif $pub_iface tcp dport 59083 dnat ip to 10.0.2.2
-		iif $pub_iface tcp dport 59083 dnat ip6 to fdc9:281f:04d7:9eeb::2
+		iifname $pub_iface tcp dport 59083 dnat ip to 10.0.2.2
+		iifname $pub_iface tcp dport 59083 dnat ip6 to fdc9:281f:04d7:9eeb::2
 	}
 	# newer kernel no need for `chain prerouting { type nat hook prerouting priority -100; policy accept; }`, more see https://www.procustodibus.com/blog/2021/11/wireguard-nftables/
 	# for all packets to $pub_iface, after routing, replace source address with primary IP of $pub_iface interface
diff --git a/configs/configs_root_dir/etc/pacman.d/hooks/linux-megi-mkinitcpio.hook b/configs/configs_root_dir/etc/pacman.d/hooks/linux-megi-mkinitcpio.hook
new file mode 100644
index 0000000..109c2f0
--- /dev/null
+++ b/configs/configs_root_dir/etc/pacman.d/hooks/linux-megi-mkinitcpio.hook
@@ -0,0 +1,15 @@
+# Sometimes after linux-megi upgrade, reboot results into osk-sdl errors so I can't decrypt FDE.
+# Maybe it is because linux-megi does not have `/usr/lib/modules/*/vmlinuz`, this cause /usr/share/libalpm/hooks/90-mkinitcpio-install.hook to not run when linux-megi upgrade, which cause mkinitcpio not run.
+# Also, 90-linux-megi.hook does not set linux-megi as target and it seems cause it not running when linux-megi upgrade.
+# I'm not sure what's the cause of the issue. This pacman hook is just a dirty workaround, because it may cause mkinitcpio run twice.
+[Trigger]
+Type = Package
+Operation = Install
+Operation = Upgrade
+Target = linux-megi
+
+[Action]
+Description = My workaround to mkinitcpio after linux-megi upgrade...
+When = PostTransaction
+Exec = /usr/bin/mkinitcpio -P
+Depends = linux-megi
diff --git a/configs/configs_root_dir/etc/searxng/settings.yml b/configs/configs_root_dir/etc/searxng/settings.yml
new file mode 100644
index 0000000..f0139f9
--- /dev/null
+++ b/configs/configs_root_dir/etc/searxng/settings.yml
@@ -0,0 +1,86 @@
+use_default_settings: true
+server:
+    secret_key: "<secret_key>"
+checker:
+    scheduling:
+    start_after: [300, 1800]  # delay to start the first run of the checker
+    every: [86400, 90000]     # how often the checker runs
+
+ui:
+  results_on_new_tab: true
+  infinite_scroll: true
+  theme_args:
+    simple_style: dark
+
+outgoing:
+  request_timeout: 60
+
+enabled_plugins:
+  - 'Hash plugin'
+  - 'Search on category select'
+  - 'Self Informations'
+  - 'Tracker URL remover'
+  - 'Ahmia blacklist'
+  - 'Open Access DOI rewrite'
+
+engines:
+  # general/web
+  - name: brave
+    disabled: false
+  - name: bing
+    disabled: false
+  - name: duckduckgo
+    disabled: false
+  - name: gigablast
+    disabled: false
+  - name: yahoo
+    disabled: false
+  # general/others
+  - name: ddg definitions
+    disabled: false
+  # images/web
+  - name: duckduckgo images
+    disabled: false
+  # images/others
+  - name: imgur
+    disabled: false
+  # videos/others
+  - name: peertube
+    disabled: false
+  # news
+  - name: wikinews
+    disabled: false
+  # IT/packages
+  - name: lib.rs
+    disabled: false
+  - name: metacpan
+    disabled: false
+  - name: npm
+    disabled: false
+  - name: packagist
+    disabled: false
+  - name: pub.dev
+    disabled: false
+  - name: rubygems
+    disabled: false
+  # IT/repos
+  - name: bitbucket
+    disabled: false
+  - name: codeberg
+    disabled: false
+  - name: gitlab
+    disabled: false
+  - name: sourcehut
+    disabled: false
+  # IT/software wikis
+  - name: free software directory
+    disabled: false
+  # files/others
+  - name: 1337x
+    disabled: false
+  - name: library genesis
+    disabled: false
+  - name: nyaa
+    disabled: false
+  - name: tokyotoshokan
+    disabled: false
diff --git a/configs/configs_root_dir/etc/systemd/resolved.conf.d/resolved.conf b/configs/configs_root_dir/etc/systemd/resolved.conf.d/mdns.conf
index 314a2db..314a2db 100644
--- a/configs/configs_root_dir/etc/systemd/resolved.conf.d/resolved.conf
+++ b/configs/configs_root_dir/etc/systemd/resolved.conf.d/mdns.conf
diff --git a/configs/configs_root_dir/etc/systemd/system/phantun_client.service b/configs/configs_root_dir/etc/systemd/system/phantun_client.service
new file mode 100644
index 0000000..550bf39
--- /dev/null
+++ b/configs/configs_root_dir/etc/systemd/system/phantun_client.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=phantun client
+After=network.target
+
+[Service]
+Type=simple
+Environment=RUST_LOG=info
+ExecStart=/usr/bin/phantun_client --local [::1]:59083 --remote 104.224.159.210:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
+#ExecStart=/usr/bin/env RUST_LOG=info /usr/bin/phantun_client --local [::1]:59083 --remote 104.224.159.210:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/configs/configs_root_dir/etc/systemd/system/phantun_server.service b/configs/configs_root_dir/etc/systemd/system/phantun_server.service
new file mode 100644
index 0000000..67b24f9
--- /dev/null
+++ b/configs/configs_root_dir/etc/systemd/system/phantun_server.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=phantun client
+After=network.target
+
+[Service]
+Type=simple
+Environment=RUST_LOG=info
+ExecStart=/usr/bin/phantun_server --local 59083 --remote [::1]:54635 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
+#ExecStart=/usr/bin/env RUST_LOG=info /usr/bin/phantun_server --local 59083 --remote [::1]:54635 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/configs/configs_root_dir/etc/uwsgi/vassals/searxng.ini b/configs/configs_root_dir/etc/uwsgi/vassals/searxng.ini
new file mode 100644
index 0000000..403ffe1
--- /dev/null
+++ b/configs/configs_root_dir/etc/uwsgi/vassals/searxng.ini
@@ -0,0 +1,19 @@
+[uwsgi]

+uid = searxng

+gid = searxng

+env = LANG=C.UTF-8

+env = LANGUAGE=C.UTF-8

+env = LC_ALL=C.UTF-8

+env = SEARX_SETTINGS_PATH=/etc/searxng/settings.yml

+logger = systemd

+disable-logging = true

+chmod-socket = 666

+single-interpreter = true

+master = true

+lazy-apps = true

+plugin = python

+enable-threads = true

+module = searx.webapp

+chmod-socket = 666

+http = :49152

+cache2 = name=searxngcache,items=2000,blocks=2000,blocksize=4096,bitmap=1

diff --git a/pkgbuilds/remind/.nvchecker.toml b/pkgbuilds/remind/.nvchecker.toml
new file mode 100644
index 0000000..7f58eac
--- /dev/null
+++ b/pkgbuilds/remind/.nvchecker.toml
@@ -0,0 +1,23 @@
+[remind]
+source = 'regex'
+url = 'https://dianne.skoll.ca/projects/remind/'
+# Not sure why but test shows if use sth. like \. and \1, must use single quote
+# ' instead of double quote ", else error: "jq: parse error: Invalid literal at
+# line 1, column 7"; if want to use double quote ", must use sth. like \\. and
+# \\1
+regex = 'The current version of remind is <b>([0-9]+\.[0-9]+\.[0-9]+)</b>'
+# convert the version name from sth. like 06.00.01 to 6.0.1 to match PKGBUILD
+# version name, so `pkgctl version upgrade` can correctly upgrade PKGBUILD
+# version
+from_pattern = '0*([0-9]+)\.0*([0-9]+)\.0*([0-9]+)'
+to_pattern = '\1.\2.\3'
+
+# another way, not preferred because salsa.debian.org was down at 2025-09-14T09:52Z,
+# so this website seems less reliable
+#source = 'git'
+# not using https://git.skoll.ca/Skollsoft-Public/Remind because it requires
+# user and password "notabot"
+#git = 'https://salsa.debian.org/dskoll/remind'
+# tags in https://git.skoll.ca/Skollsoft-Public/Remind shows some tags in the
+# past used RC in the name
+#exclude_regex = '.*(BETA|feature|RC).*'
diff --git a/sh/phantun_wg_client b/sh/phantun_wg_client
index 3c9369c..32b1ad1 100755
--- a/sh/phantun_wg_client
+++ b/sh/phantun_wg_client
@@ -2,16 +2,16 @@
 
 # more see vc notes
 
-sudo env RUST_LOG=info phantun-client --local 127.0.0.1:59083 --remote 89.213.174.92:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
+sudo env RUST_LOG=info phantun_client --local 127.0.0.1:59083 --remote 89.213.174.92:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
 # ipv6
-#sudo env RUST_LOG=info phantun-client --local [::1]:59083 --remote [2a0f:9400:7e11:bce7::1]:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
+#sudo env RUST_LOG=info phantun_client --local [::1]:59083 --remote [2a0f:9400:7e11:bce7::1]:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
 
 # try single cpu
-#sudo env RUST_LOG=info firejail --noprofile --cpu=0 phantun-client --local 127.0.0.1:59083 --remote 89.213.174.92:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
+#sudo env RUST_LOG=info firejail --noprofile --cpu=0 phantun_client --local 127.0.0.1:59083 --remote 89.213.174.92:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2 --tun pt0
 
 # old
-#sudo env RUST_LOG=info phantun-client --local 127.0.0.1:59083 --remote ia.flylightning.xyz:59083
-#sudo env RUST_LOG=info phantun-client --local 127.0.0.1:59083 --remote 89.213.174.92:59083
-#sudo env RUST_LOG=info phantun-client --local 127.0.0.1:59083 --remote 89.213.174.92:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2
+#sudo env RUST_LOG=info phantun_client --local 127.0.0.1:59083 --remote ia.flylightning.xyz:59083
+#sudo env RUST_LOG=info phantun_client --local 127.0.0.1:59083 --remote 89.213.174.92:59083
+#sudo env RUST_LOG=info phantun_client --local 127.0.0.1:59083 --remote 89.213.174.92:59083 --tun-local 10.0.1.1 --tun-peer 10.0.1.2 --tun-local6 fdc9:281f:04d7:9eea::1 --tun-peer6 fdc9:281f:04d7:9eea::2
 
 # RUST_LOG=debug
diff --git a/sh/phantun_wg_server b/sh/phantun_wg_server
index b0693a5..37af569 100755
--- a/sh/phantun_wg_server
+++ b/sh/phantun_wg_server
@@ -3,16 +3,16 @@
 # more see vc notes
 
 # without udpspeeder
-sudo env RUST_LOG=info phantun-server --local 59083 --remote 127.0.0.1:49432 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
+sudo env RUST_LOG=info phantun_server --local 59083 --remote 127.0.0.1:49432 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
 # ipv6
-#sudo env RUST_LOG=info phantun-server --local 59083 --remote [::1]:49432 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
+#sudo env RUST_LOG=info phantun_server --local 59083 --remote [::1]:49432 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
 
 # old
-#sudo env RUST_LOG=info phantun-server --local 59083 --remote 127.0.0.1:49432
-#sudo env RUST_LOG=info phantun-server --local 59083 --remote 127.0.0.1:49432 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2
+#sudo env RUST_LOG=info phantun_server --local 59083 --remote 127.0.0.1:49432
+#sudo env RUST_LOG=info phantun_server --local 59083 --remote 127.0.0.1:49432 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2
 
 # try with udpspeeder
-#sudo env RUST_LOG=info phantun-server --local 59083 --remote 127.0.0.1:53365 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
+#sudo env RUST_LOG=info phantun_server --local 59083 --remote 127.0.0.1:53365 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
 
 # try with swgp
-#sudo env RUST_LOG=info phantun-server --local 59083 --remote 127.0.0.1:54637 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0
+#sudo env RUST_LOG=info phantun_server --local 59083 --remote 127.0.0.1:54637 --tun-local 10.0.2.1 --tun-peer 10.0.2.2 --tun-local6 fdc9:281f:04d7:9eeb::1 --tun-peer6 fdc9:281f:04d7:9eeb::2 --tun pt0