cleanup

hosts/default.nix

@@ -11,8 +11,8 @@ in
   # Enable nix flakes and nix-command tools
   nix = {
     settings = {
-      warn-dirty = false;
-      experimental-features = [
+      warn-dirty = lib.mkForce false;
+      experimental-features = lib.mkForce [
         "nix-command"
         "flakes"
       ];
@@ -20,7 +20,7 @@ in
 
     # Garbage collect automatically every week
     gc.automatic = lib.mkDefault true;
-    gc.options = "--delete-older-than 30d";
+    gc.options = lib.mkDefault "--delete-older-than 30d";
 
     optimise.automatic = lib.mkDefault true;
   };
@@ -38,7 +38,7 @@ in
     enableAllFirmware = lib.mkForce true;
 
     # Disable pulse audio in favor of pipewire
-    pulseaudio.enable = false;
+    pulseaudio.enable = lib.mkDefault false;
   };
 
   # Services configs

hosts/desktop/configuration.nix

@@ -223,8 +223,6 @@ in
       wineWowPackages.waylandFull
     ];
 
-    sessionVariables = lib.mkDefault { STEAM_FORCE_DESKTOPUI_SCALING = "1"; };
-
      etc."lact/config.yaml".text = ''
       daemon:
         log_level: info

hosts/desktop/home.nix

@@ -16,7 +16,7 @@ let
     s = "status";
     st = "status";
     b = "branch";
-    # p = "pull --rebase";
+    p = "pull --rebase";
     pu = "push";
   };
 in

hosts/desktop/hyprland/home.nix

@@ -15,8 +15,8 @@ let
     themeVariants = [ gtkThemeAccent ];
     tweaks = [ gtkThemeVariant ];
   };
-  iconThemeColor = "dark"; # "" "light" "dark"
-  iconThemeVariant = ""; # "" "purple" "pink" "red" "orange" "yellow" "green" "teal" "grey"
+  # iconThemeColor = "dark"; # "" "light" "dark"
+  # iconThemeVariant = ""; # "" "purple" "pink" "red" "orange" "yellow" "green" "teal" "grey"
   iconThemeScheme = "nord"; # "" "nord" "dracula" "gruvbox" "everforest" "catppuccin"
   iconTheme = "Colloid-Nord";
   iconThemePkg = pkgs.colloid-icon-theme.override {

hosts/nas/configuration.nix

@@ -173,6 +173,7 @@ in
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
       ];
       packages = with pkgs; [
+        cachix
         fastfetch
         git
         parted

hosts/nas/filesystems.nix

@@ -105,6 +105,16 @@ in
     options = [ "subvol=timemachine" ] ++ defaultOptions;
   };
 
+  fileSystems."/run/mount/ssd" = {
+    device = "/dev/mapper/ssd1";
+    fsType = "btrfs";
+  };
+
+  fileSystems."/run/mount/main" = {
+    device = "/dev/mapper/hdd1";
+    fsType = "btrfs";
+  };
+
   # fileSystems."/media/nas/junk/nextcloud-backup" = {
   #   device = "/dev/disk/by-uuid/11948951106919390044";
   #   fsType = "btrfs";

hosts/nas/home.nix

@@ -42,7 +42,7 @@
       s = "status";
       st = "status";
       b = "branch";
-      # p = "pull --rebase";
+      p = "pull --rebase";
       pu = "push";
     };
   };

hosts/nas/impermanence.nix

@@ -1,4 +1,4 @@
-{ ... }@args:
+{ ... }:
 {
   # Set up impernance configuration for things like bluetooth
   # In this configuration with /etc and /var/log being persistent, only directories outside of that need to be done here. See hardware configuration for all mountpoints.
@@ -34,4 +34,9 @@
       "/etc/machine-id"
     ];
   };
+
+  security.sudo.extraConfig = ''
+    # rollback results in sudo lectures after each reboot
+    Defaults lecture = never
+  '';
 }

hosts/nas/networking.nix

@@ -2,25 +2,19 @@
 let
   hostname = "jallen-nas";
   ipAddress = "10.0.1.18";
+  ipAddress2 = "10.0.1.19";
   gateway = "10.0.1.1";
-  allowedPorts = [
-    2342
-    3493
-    61208
-    9090
-    9000
-    #    config.services.tailscale.port
-    #    22
-  ];
 in
 {
-  # Networking configs wlp7s0
+  # Networking configs
   networking = {
     hostName = hostname;
 
+    useNetworkd = true;
+
     hostId = "4b501480";
 
-    # Enable Network Manager
+    # Disable Network Manager
     networkmanager.enable = false;
 
     interfaces = {
@@ -33,25 +27,23 @@ in
           }
         ];
       };
-
-      # br0 = {
-      #   useDHCP = false;
-      #   ipv4.addresses = [
-      #     {
-      #       address = ipAddress;
-      #       prefixLength = 24;
-      #     }
-      #   ];
-      # };
+      wlp6s0 = {
+        useDHCP = true;
+        ipv4.addresses = [
+          {
+            address = ipAddress2;
+            prefixLength = 24;
+          }
+        ];
+      };
     };
 
-    # bridges = {
-    #   br0 = {
-    #     interfaces = [ "wlp6s0" ];
-    #   };
-    # };
+    defaultGateway = {
+      interface = "wlp7s0";
+      address = gateway;
+      metric = 1;
+    };
 
-    defaultGateway.address = gateway;
     nameservers = [ gateway ];
 
     wireless = {
@@ -60,42 +52,32 @@ in
       secretsFile = config.sops.secrets."wifi".path;
       allowAuxiliaryImperativeNetworks = true;
       interfaces = [
+        "wlp6s0"
         "wlp7s0"
       ];
       networks = {
         "Joey's Jungle 6G" = {
-#          pskRaw = "ext:PSK";
-#          priority = 1000;
+          # pskRaw = "ext:PSK";
+          priority = 1000;
           psk = "kR8v&3Qd";
           extraConfig = ''
             key_mgmt=SAE
             ieee80211w=2
           '';
         };
-#        "Joey's Jungle 5G" = {
-#          pskRaw = "ext:PSK";
-#          priority = 1;
-#        };
+        "Joey's Jungle 5G" = {
+          pskRaw = "ext:PSK";
+          priority = -100;
+        };
       };
     };
 
     firewall = {
       enable = true;
       allowPing = true;
-      extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
-      allowedTCPPorts = allowedPorts;
-      allowedUDPPorts = allowedPorts;
 
       # always allow traffic from your Tailscale network
       trustedInterfaces = [ "tailscale0" ];
     };
-
-    # nat = {
-    #   enable = true;
-    #   internalInterfaces = ["ve-+"];
-    #   externalInterface = "wlp9s0";
-    #   # Lazy IPv6 connectivity for the container
-    #   enableIPv6 = true;
-    # };
   };
 }