From d36071134c2579f09c8138fd2d793534a7fccc74 Mon Sep 17 00:00:00 2001
From: TrudeEH <ehtrude@gmail.com>
Date: Thu, 5 Feb 2026 22:06:04 +0000
Subject: [PATCH] V2

---
 nixos/configuration.nix | 59 +++++++++++++++++------------------------
 nixos/flake.lock        | 12 ++++-----
 nixos/home.nix          | 49 +++++++++++++++++++++++++++++-----
 3 files changed, 72 insertions(+), 48 deletions(-)

diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index 765857d0..64914079 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -4,7 +4,6 @@
 # man configuration.nix
 
 {
-  config,
   pkgs,
   inputs,
   ...
@@ -15,9 +14,15 @@
     inputs.home-manager.nixosModules.default
   ];
 
+  nix.settings.trusted-users = [
+    "root"
+    "trude"
+  ];
+
   # Bootloader
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
+  boot.initrd.kernelModules = [ "amdgpu" ];
 
   # Use latest kernel
   boot.kernelPackages = pkgs.linuxPackages_latest;
@@ -71,6 +76,7 @@
     extraGroups = [
       "networkmanager"
       "wheel"
+      "dialout"
     ];
     packages = with pkgs; [ ];
   };
@@ -80,9 +86,14 @@
     useGlobalPkgs = true;
     backupFileExtension = "~";
     extraSpecialArgs = { inherit inputs; };
-    users = {
-      "trude" = import ./home.nix;
-    };
+    users.trude.imports = [
+      ./home.nix
+    ];
+  };
+
+  hardware.graphics = {
+    enable = true;
+    enable32Bit = true;
   };
 
   # Packages
@@ -111,50 +122,28 @@
     "flakes"
   ];
 
+  services.tailscale.enable = true;
+
   # Steam and VR
   programs.steam = {
     enable = true;
-    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
-    dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+    remotePlay.openFirewall = true;
+    dedicatedServer.openFirewall = true;
   };
   services.wivrn = {
     enable = true;
     openFirewall = true;
-    # Write information to /etc/xdg/openxr/1/active_runtime.json, VR applications
-    # will automatically read this and work with WiVRn (Note: This does not currently
-    # apply for games run in Valve's Proton)
     defaultRuntime = true;
-    autoStart = true;
+    autoStart = false;
   };
-  # Kernel patch for SteamVR performance issues on AMD GPUs (recompiles the kernel)
-  boot.kernelPatches = [
-    {
-      name = "amdgpu-ignore-ctx-privileges";
-      patch = pkgs.fetchpatch {
-        name = "cap_sys_nice_begone.patch";
-        url = "https://github.com/Frogging-Family/community-patches/raw/master/linux61-tkg/cap_sys_nice_begone.mypatch";
-        hash = "sha256-Y3a0+x2xvHsfLax/uwycdJf3xLxvVfkfDVqjkxNaYEo=";
-      };
-    }
-  ];
 
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
-
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
+  # Set up virtualisation
+  virtualisation.libvirtd.enable = true;
 
   # Open ports in the firewall.
   networking.firewall.enable = true;
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
+  networking.firewall.allowedTCPPorts = [ 11434 ]; # LMStudio (must be manually configured)
+  networking.firewall.allowedUDPPorts = [ 6969 ]; # SlimeVR
 
   system.stateVersion = "25.11"; # Don't change after initial installation.
 
diff --git a/nixos/flake.lock b/nixos/flake.lock
index 0fd05d7d..d7c07f32 100644
--- a/nixos/flake.lock
+++ b/nixos/flake.lock
@@ -7,11 +7,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1769397130,
-        "narHash": "sha256-TTM4KV9IHwa181X7afBRbhLJIrgynpDjAXJFMUOWfyU=",
+        "lastModified": 1769622371,
+        "narHash": "sha256-Cs1/+P3ntxl9mOIL7/QtItBAzQJ2xjvTMHv7qw0nFV0=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "c37679d37bdbecf11bbe3c5eb238d89ca4f60641",
+        "rev": "02d763228d8aff317e6e5a319474b6d4d9d826a5",
         "type": "github"
       },
       "original": {
@@ -22,11 +22,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1769170682,
-        "narHash": "sha256-oMmN1lVQU0F0W2k6OI3bgdzp2YOHWYUAw79qzDSjenU=",
+        "lastModified": 1769461804,
+        "narHash": "sha256-msG8SU5WsBUfVVa/9RPLaymvi5bI8edTavbIq3vRlhI=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "c5296fdd05cfa2c187990dd909864da9658df755",
+        "rev": "bfc1b8a4574108ceef22f02bafcf6611380c100d",
         "type": "github"
       },
       "original": {
diff --git a/nixos/home.nix b/nixos/home.nix
index 11d9eccc..f09d1c30 100644
--- a/nixos/home.nix
+++ b/nixos/home.nix
@@ -21,14 +21,14 @@
     vesktop
     google-chrome
     localsend
-    tailscale
     #stremio
-    opencode
 
     # VR / Games
     bs-manager
     slimevr
     prismlauncher
+    protonup-qt
+    wayvr
 
     # Gnome Extensions
     gnomeExtensions.caffeine
@@ -49,6 +49,14 @@
     wordbook
     textpieces
 
+    # Virtualisation
+    gnome-boxes # VM management
+    dnsmasq # VM networking
+
+    # AI
+    lmstudio
+    nodejs
+
     # Scripts
     (pkgs.writeShellScriptBin "colors" ''
       #! /bin/bash
@@ -75,9 +83,8 @@
     '')
     (pkgs.writeShellScriptBin "rebuild" ''
       #! /bin/bash
-      set -e
 
-      # ANSI color codes
+      set -e
       GRAY='\e[90m'
       ORANGE='\e[38;5;214m'
       RESET='\e[0m'
@@ -85,15 +92,25 @@
       pushd ~/dotfiles > /dev/null
       git diff -U0 *.nix
       echo -e "''${ORANGE}NixOS Rebuilding...''${RESET}"
-      if ! sudo nixos-rebuild switch --flake ./nixos#TrudePC | tee ~/.nixos-rebuild.log; then
-        cat ~/.nixos-rebuild.log | grep --color error
+      if ! sudo nixos-rebuild switch --flake ./nixos#TrudePC; then
         exit 1
       fi
       echo
       echo -e "''${ORANGE}Cleaning up old generations...''${RESET}"
-      echo -e "''${GRAY}$(sudo nix-collect-garbage --delete-older-than 15d 2>&1)''${RESET}"
+      sudo nix-collect-garbage --delete-older-than 15d &> /dev/null
       popd > /dev/null
     '')
+    (pkgs.writeShellScriptBin "update" ''
+      set -e
+      ORANGE='\e[38;5;214m'
+      RESET='\e[0m'
+
+      pushd ~/dotfiles > /dev/null
+      echo -e "''${ORANGE}Updating Flake...''${RESET}"
+      sudo nix flake update --flake ./nixos
+      popd > /dev/null
+      rebuild
+    '')
   ];
 
   home.sessionVariables = {
@@ -136,6 +153,16 @@
         # Use keys from SSH agent instead of identity files
         identitiesOnly = false;
       };
+      server = {
+        hostname = "192.168.0.2";
+        user = "trude";
+        port = 6022;
+      };
+      work = {
+        hostname = "100.109.38.42"; # Tailscale IP
+        user = "trude";
+        port = 6022;
+      };
     };
   };
 
@@ -410,6 +437,14 @@
     };
   };
 
+  programs.opencode = {
+    enable = true;
+    settings = {
+      autoshare = false; # No telemetry
+    };
+  };
+
   # Let Home Manager install and manage itself.
   programs.home-manager.enable = true;
+
 }