From 8a53ddb890f82f7e2f0e7d2c480d0b2804822a79 Mon Sep 17 00:00:00 2001
From: Vinzenz Schroeter <vinzenz.f.s@gmail.com>
Date: Sun, 27 Oct 2024 10:42:23 +0100
Subject: [PATCH] rename unfree option, open firewall for steam local network
 transfer

---
 common/nixpkgs.nix              |  5 ++--
 home/vinzenz/vscode.nix         |  1 +
 hosts/hetzner-vpn1/nginx.nix    |  6 ++++-
 hosts/vinzenz-pc2/hardware.nix  |  2 +-
 modules/desktop-environment.nix | 13 ----------
 modules/gaming.nix              | 42 +++++++++++++++++++++++++++++----
 modules/intel-graphics.nix      |  2 +-
 users/vinzenz.nix               | 12 ++++++++++
 8 files changed, 60 insertions(+), 23 deletions(-)

diff --git a/common/nixpkgs.nix b/common/nixpkgs.nix
index 8f5a12b..9bb9184 100644
--- a/common/nixpkgs.nix
+++ b/common/nixpkgs.nix
@@ -3,7 +3,7 @@
   lib,
   ...
 }: {
-  options.my.allowUnfreePackages = lib.mkOption {
+  options.allowedUnfreePackages = lib.mkOption {
     type = lib.types.listOf lib.types.str;
     default = [];
     example = ["steam"];
@@ -11,7 +11,7 @@
   config = {
     nixpkgs.config = {
       # https://github.com/NixOS/nixpkgs/issues/197325#issuecomment-1579420085
-      allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.my.allowUnfreePackages;
+      allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) config.allowedUnfreePackages;
     };
 
     nix = {
@@ -25,6 +25,7 @@
         dates = "daily";
         options = "--delete-older-than 7d";
       };
+      optimise.automatic = true;
     };
 
     system = {
diff --git a/home/vinzenz/vscode.nix b/home/vinzenz/vscode.nix
index e88cef4..b19d1cc 100644
--- a/home/vinzenz/vscode.nix
+++ b/home/vinzenz/vscode.nix
@@ -17,6 +17,7 @@
     mkhl.direnv
     vadimcn.vscode-lldb
     ms-dotnettools.csharp
+    ms-vscode-remote.remote-ssh
   ];
   userSettings = {
     "git.autofetch" = true;
diff --git a/hosts/hetzner-vpn1/nginx.nix b/hosts/hetzner-vpn1/nginx.nix
index 17b141a..3db30bf 100644
--- a/hosts/hetzner-vpn1/nginx.nix
+++ b/hosts/hetzner-vpn1/nginx.nix
@@ -1,4 +1,8 @@
-{pkgs, lib, ...}: {
+{
+  pkgs,
+  lib,
+  ...
+}: {
   security.acme = {
     acceptTerms = true;
     defaults.email = "acme@zerforschen.plus";
diff --git a/hosts/vinzenz-pc2/hardware.nix b/hosts/vinzenz-pc2/hardware.nix
index 6893194..30661dc 100644
--- a/hosts/vinzenz-pc2/hardware.nix
+++ b/hosts/vinzenz-pc2/hardware.nix
@@ -15,6 +15,6 @@
     fileSystems = import ./fstab.nix;
     swapDevices = [];
 
-    interfaces.eno1.wakeOnLan.enable = true;
+    networking.interfaces.eno1.wakeOnLan.enable = true;
   };
 }
diff --git a/modules/desktop-environment.nix b/modules/desktop-environment.nix
index fa0e1b9..b0df118 100644
--- a/modules/desktop-environment.nix
+++ b/modules/desktop-environment.nix
@@ -100,19 +100,6 @@
       hunspellDicts.en-us-large
     ];
 
-    nixpkgs.config.permittedInsecurePackages = [];
-
-    my.allowUnfreePackages = [
-      "insync"
-      "insync-pkg"
-
-      "rider"
-      "pycharm-professional"
-      "jetbrains-toolbox"
-
-      "anydesk"
-    ];
-
     fonts = {
       enableDefaultPackages = true;
       fontconfig.defaultFonts.monospace = ["FiraCode Nerd Font"];
diff --git a/modules/gaming.nix b/modules/gaming.nix
index 2154d0f..19f46c3 100644
--- a/modules/gaming.nix
+++ b/modules/gaming.nix
@@ -34,16 +34,48 @@
         enable = true;
         remotePlay.openFirewall = true;
         dedicatedServer.openFirewall = true;
+        localNetworkGameTransfers.openFirewall = true;
+        gamescopeSession.enable = true;
       };
       gamemode.enable = true;
     };
 
-    networking.firewall.allowedUDPPorts = [
-      # Factorio
-      34197
-    ];
+    networking.firewall = {
+      allowedUDPPorts = [
+        # Factorio
+        34197
 
-    my.allowUnfreePackages = [
+        # steam network transfer
+        3478
+      ];
+
+      allowedTCPPorts = [
+        # steam network transfer
+        24070
+      ];
+
+      allowedTCPPortRanges = [
+        # steam network transfer
+        {
+          from = 27015;
+          to = 27050;
+        }
+      ];
+
+      allowedUDPPortRanges = [
+        # steam network transfer
+        {
+          from = 4379;
+          to = 4380;
+        }
+        {
+          from = 27000;
+          to = 27100;
+        }
+      ];
+    };
+
+    allowedUnfreePackages = [
       "steam"
       "steam-original"
       "steam-run"
diff --git a/modules/intel-graphics.nix b/modules/intel-graphics.nix
index 35decc0..4ac5f82 100644
--- a/modules/intel-graphics.nix
+++ b/modules/intel-graphics.nix
@@ -23,6 +23,6 @@
     environment.systemPackages = with pkgs; [
       nvtopPackages.intel
     ];
-    my.allowUnfreePackages = ["intel-ocl"];
+    allowedUnfreePackages = ["intel-ocl"];
   };
 }
diff --git a/users/vinzenz.nix b/users/vinzenz.nix
index d4bbde4..e965602 100644
--- a/users/vinzenz.nix
+++ b/users/vinzenz.nix
@@ -9,5 +9,17 @@
       shell = pkgs.zsh;
       autoSubUidGidRange = true;
     };
+
+    allowedUnfreePackages = [
+      "vscode-extension-ms-vscode-remote-remote-ssh"
+      "insync"
+      "insync-pkg"
+
+      "rider"
+      "pycharm-professional"
+      "jetbrains-toolbox"
+
+      "anydesk"
+    ];
   };
 }