Standardize networking, add more Librewolf configs, standardize synatxing for Waybar, generalize app usage

2024-12-01 01:44:12 -05:00 · 2024-12-01 01:44:12 -05:00 · 0042da23be
commit 0042da23be
parent f4acc6c10d
17 changed files with 90 additions and 114 deletions
--- a/hosts/extern/default.nix
+++ b/hosts/extern/default.nix
@ -9,12 +9,8 @@
    ../../modules/system
  ];

-  system.wireless.enable = false;
-
  system.wireguard.client.enable = true;
  networking.wireguard.interfaces.wgc.ips = [ "10.100.0.21/24" ];

-  boot.binfmt.emulatedSystems = [ "x86_64-linux" ];
-
  networking.hostName = "extern";
 }
--- a/hosts/extern/hardware/default.nix
+++ b/hosts/extern/hardware/default.nix
@ -5,6 +5,6 @@
  boot.initrd.kernelModules = [ "dm-snapshot" ];

  networking.useDHCP = lib.mkDefault true;
-  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/extern/modules/default.nix
+++ b/hosts/extern/modules/default.nix
@ -1,4 +1,7 @@
 { modulesPath, ... }:
 {
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  imports = [
+    (modulesPath + "/profiles/all-hardware.nix")
+    #(modulesPath + "/profiles/qemu-guest.nix")
+  ];
 }
--- a/hosts/kitty/firewall/default.nix
+++ b/hosts/kitty/firewall/default.nix
@ -1,13 +1,10 @@
 { lib, config, ... }:
 {
  networking = {
-    firewall = {
-      allowPing = false;
-      extraInputRules = ''
-        ip saddr { ${config.ips.localSpan}.0/24, 10.100.0.0/24 } tcp dport 2049 accept comment "Accept NFS"
-        ip saddr { ${config.ips.pc}, ${config.secrets.lunaIP}, ${config.secrets.cornIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
-      '';
-    };
+    firewall.extraInputRules = ''
+      ip saddr { ${config.ips.localSpan}.0/24, 10.100.0.0/24 } tcp dport 2049 accept comment "Accept NFS"
+      ip saddr { ${config.ips.pc}, ${config.secrets.lunaIP}, ${config.secrets.cornIP} } tcp dport { 1935, 1945 } accept comment "Accept RTMP"
+    '';

    # Nftables configuration only if server is enabled
    nftables.tables.forwarding = {
--- a/hosts/tower/disko/default.nix
+++ b/hosts/tower/disko/default.nix
@ -51,7 +51,7 @@
              subvolumes = {
                "/root" = {
                  mountpoint = "/";
-                  mountOptions = [ "compress=zstd" "noatime" "ssd" "noexec" ];
+                  mountOptions = [ "compress=zstd" "noatime" "ssd" ];
                };
                "/prev" = {
                  mountpoint = "/prev";