maintenance and OpenVPN

flake.lock

@@ -57,11 +57,11 @@
     "base16-helix": {
       "flake": false,
       "locked": {
-        "lastModified": 1748408240,
-        "narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
+        "lastModified": 1752979451,
+        "narHash": "sha256-0CQM+FkYy0fOO/sMGhOoNL80ftsAzYCg9VhIrodqusM=",
         "owner": "tinted-theming",
         "repo": "base16-helix",
-        "rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
+        "rev": "27cf1e66e50abc622fb76a3019012dc07c678fac",
         "type": "github"
       },
       "original": {
@@ -142,11 +142,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1751413152,
-        "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=",
+        "lastModified": 1753121425,
+        "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5",
+        "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e",
         "type": "github"
       },
       "original": {
@@ -234,11 +234,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1752814804,
-        "narHash": "sha256-irfg7lnfEpJY+3Cffkluzp2MTVw1Uq9QGxFp6qadcXI=",
+        "lastModified": 1753812716,
+        "narHash": "sha256-OjnjoalP00CyV34zg6T+Un2QoYiHCdRvMbqrweopyyY=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "d0300c8808e41da81d6edfc202f3d3833c157daf",
+        "rev": "2f588d275ebd8243be6c29e7bf3ec7409baa0aa7",
         "type": "github"
       },
       "original": {
@@ -298,11 +298,11 @@
     },
     "master": {
       "locked": {
-        "lastModified": 1752942963,
-        "narHash": "sha256-DAL+SEKV/jrvbwEcQabUwR+YTx7V09Gbf0zLJIfD4oc=",
+        "lastModified": 1753813715,
+        "narHash": "sha256-x9wSsl3rp/mLHhDkRGto+uAafcV1N0NAkZfIGd5Tdz4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "19331827f62c85e29ac14da62a5c26828f138517",
+        "rev": "ca1ed6f43ac3638c164e721977cc82964584337c",
         "type": "github"
       },
       "original": {
@@ -320,11 +320,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1751622568,
-        "narHash": "sha256-EE3NBsej517VRa1x+ylAghrvngftxf1KgfHlE9OYyXE=",
+        "lastModified": 1753175937,
+        "narHash": "sha256-DtDt87Gld0RCI2qHb7uUb1eWB16FFC4aNDfxZpic/Nw=",
         "owner": "tpwrules",
         "repo": "nixos-apple-silicon",
-        "rev": "eba4b40c816e5aff8951ae231ac237e8aab8ec1d",
+        "rev": "5ddfff8387edf7c92ce36effb06fb2c52624fece",
         "type": "github"
       },
       "original": {
@@ -358,11 +358,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1752687322,
-        "narHash": "sha256-RKwfXA4OZROjBTQAl9WOZQFm7L8Bo93FQwSJpAiSRvo=",
+        "lastModified": 1753694789,
+        "narHash": "sha256-cKgvtz6fKuK1Xr5LQW/zOUiAC0oSQoA9nOISB0pJZqM=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "6e987485eb2c77e5dcc5af4e3c70843711ef9251",
+        "rev": "dc9637876d0dcc8c9e5e22986b857632effeb727",
         "type": "github"
       },
       "original": {
@@ -413,11 +413,11 @@
         "systems": "systems_2"
       },
       "locked": {
-        "lastModified": 1752762787,
-        "narHash": "sha256-WZLSOR2Pei7C4nH/ntKUqOZOAa5rgvc2fVZl4RoEXmw=",
+        "lastModified": 1753805595,
+        "narHash": "sha256-5m0FqObrj/0/nfoaKlgpye4+SZzj1nMPnlxGxlIxKNg=",
         "owner": "nix-community",
         "repo": "nixvim",
-        "rev": "bc0555c8694d43fb63ae2c7afec08b6987431a04",
+        "rev": "fe0bcc92c8c593d5e2b45ffb0d1253c3aa55eb72",
         "type": "github"
       },
       "original": {
@@ -461,11 +461,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1749730855,
-        "narHash": "sha256-L3x2nSlFkXkM6tQPLJP3oCBMIsRifhIDPMQQdHO5xWo=",
+        "lastModified": 1753450833,
+        "narHash": "sha256-Pmpke0JtLRzgdlwDC5a+aiLVZ11JPUO5Bcqkj0nHE/k=",
         "owner": "NuschtOS",
         "repo": "search",
-        "rev": "8dfe5879dd009ff4742b668d9c699bc4b9761742",
+        "rev": "40987cc1a24feba378438d691f87c52819f7bd75",
         "type": "github"
       },
       "original": {
@@ -529,11 +529,11 @@
         "tinted-zed": "tinted-zed"
       },
       "locked": {
-        "lastModified": 1752750082,
-        "narHash": "sha256-NoVAqy+Wj4tgkvrYB8zWncl8Z6Hb80aX3t/TYGdsfaM=",
+        "lastModified": 1753731630,
+        "narHash": "sha256-8pyTksY2aYtLGmqP8u3xhs4ZfttsfzZXAQZXHKecLDo=",
         "owner": "danth",
         "repo": "stylix",
-        "rev": "03699ed214f6e8195bc7199d6ae3aeccf9732b08",
+        "rev": "57d036d92283fddc6ae080459e72e767144a1cda",
         "type": "github"
       },
       "original": {
@@ -674,11 +674,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1752809889,
-        "narHash": "sha256-oTIVrw7Cy2McAVqE7GCot5Fb8Wh4JBsUDKMX8u3DFlU=",
+        "lastModified": 1753674409,
+        "narHash": "sha256-jhBdIc802upDu3S/Nu0rgVlIJ39E8KWugQwm/a74MBY=",
         "owner": "0xc000022070",
         "repo": "zen-browser-flake",
-        "rev": "f19d2b6b18d4a2e8bf2d6a9f69c934d6726360c4",
+        "rev": "e1bf71a0eb5ff9fdcfe83f6e4676ce19dd87f468",
         "type": "github"
       },
       "original": {

hosts/mac-laptop/configuration.nix

@@ -8,6 +8,7 @@
   imports =
     [ # Include the results of the hardware scan.
       ./hardware-configuration.nix
+      ../../modules/openvpn
     ];
   powerManagement.enable = true;
   hardware.asahi.extractPeripheralFirmware = true;
@@ -136,8 +137,11 @@
     description = "Joshua Elmasri";
     extraGroups = [ "networkmanager" "wheel" "adbusers" "dialout" ];
     packages = with pkgs; [];
+    shell = pkgs.fish;
   };
 
+  programs.fish.enable = true;
+
   programs.adb.enable = true;
 
   # Allow unfree packages
@@ -205,8 +209,9 @@
   # Open ports in the firewall.
   # networking.firewall.allowedTCPPorts = [ ... ];
   # networking.firewall.allowedUDPPorts = [ ... ];
+  # networking.firewall.allowedTCPPortRanges = [ { from = 42000; to = 420001; } ];
   # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
+   networking.firewall.enable = false;
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions

hosts/mac-laptop/home.nix

@@ -6,7 +6,7 @@
   home.username = "joshuaelm";
   home.homeDirectory = "/home/joshuaelm";
 
-  imports = [ ../../modules/nvim ../../modules/stylix.nix ../../modules/hypr/hyprland_laptop.nix ../../modules/ashell/default.nix  ];
+  imports = [ ../../modules/nvim ../../modules/stylix.nix ../../modules/hypr/hyprland_laptop.nix ../../modules/waybar/waybar.nix  ];
 
 
   home.packages = [

modules/hypr/hyprland_laptop.nix

@@ -15,8 +15,8 @@ monitor = eDP-1, highres@highrr, 0x0, 1.6
 exec-once = hyprctl dispatch workspace 1
 #exec-once = linux-wallpaperengine --screen-root HDMI-A-1 --silent --fps 60 3000562427
 exec-once = hyprlock
-# exec-once = waybar
-exec-once = WGPU_BACKEND=gl ashell 
+exec-once = waybar
+# exec-once = WGPU_BACKEND=gl ashell 
 exec-once = systemctl --user start hyprpolkitagent
 # See https://wiki.hyprland.org/Configuring/Keywords/ for more
 

modules/openvpn/default.nix

@@ -0,0 +1,7 @@
+{pkgs, ...}:
+
+{
+  services.openvpn.servers = {
+    homeVPN = { config = '' config ./modules/openvpn/homeVPN.ovpn ''; };
+  };
+}

modules/openvpn/homeVPN.ovpn

@@ -0,0 +1,134 @@
+client
+dev tun
+proto tcp
+remote 150.220.96.4 1194
+resolv-retry infinite
+nobind
+
+# Downgrade privileges after initialization (non-Windows only)
+user nobody
+group nogroup
+
+persist-key
+persist-tun
+
+auth-user-pass
+remote-cert-tls server
+cipher AES-256-CBC
+comp-lzo
+verb 3
+
+auth SHA1
+key-direction 1
+
+reneg-sec 0
+
+redirect-gateway def1
+
+<ca>
+-----BEGIN CERTIFICATE-----
+MIIEfDCCA2SgAwIBAgIIX7Vfn1rIEkQwDQYJKoZIhvcNAQELBQAwgYExCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhOZXcgWW9yazERMA8GA1UEBwwITmV3IFlvcmsxFjAU
+BgNVBAoMDVViaXF1aXRpIEluYy4xGTAXBgNVBAsMEFVuaUZpX09wZW5WUE5fQ0Ex
+GTAXBgNVBAMMEFVuaUZpX09wZW5WUE5fQ0EwHhcNMjUwNzAxMDAzNzE5WhcNNDAw
+NjI3MDAzNzE5WjCBgTELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREw
+DwYDVQQHDAhOZXcgWW9yazEWMBQGA1UECgwNVWJpcXVpdGkgSW5jLjEZMBcGA1UE
+CwwQVW5pRmlfT3BlblZQTl9DQTEZMBcGA1UEAwwQVW5pRmlfT3BlblZQTl9DQTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALj/Bc0DVwzWk5riE6vWcVqq
+iTz5GtoHFlrnm0fce2/UZpXkgVg4oMY3IrDOFBwsoKBOflJhdzfBL37tZ0uTCvvs
+9/ICF6EpuKH4Y7dqyV6lZOMJZ90rCZ0e+oX/VN8Z5hIN4fbatBsKeqA73oru+OMm
+vipWBfYxFlf5nZN0ky1hrckADf1dN+EEJ7v+Ggu9JK0Vq4tv3qsiAdEzOqq5ptGB
+uFOZaZZtOKyjnjoSlYdFku191SeVKUVlYqmaH3azokG9OUsfdLJGEGQ02fRInooi
+kbBHZq6hwMqVWpwDN6u37oOALVgAZLK/UGJP7tmEyypHN3nIBERpCCyg/vDaqR0C
+AwEAAaOB9TCB8jALBgNVHQ8EBAMCAQYwDAYDVR0TBAUwAwEB/zCBtQYDVR0jBIGt
+MIGqgBTPwX8miNgDvzHq8hfCfZw6ElH1AKGBh6SBhDCBgTELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhOZXcgWW9yazEWMBQGA1UECgwN
+VWJpcXVpdGkgSW5jLjEZMBcGA1UECwwQVW5pRmlfT3BlblZQTl9DQTEZMBcGA1UE
+AwwQVW5pRmlfT3BlblZQTl9DQYIIX7Vfn1rIEkQwHQYDVR0OBBYEFM/BfyaI2AO/
+MeryF8J9nDoSUfUAMA0GCSqGSIb3DQEBCwUAA4IBAQCMjde9YE2dh46lkzZEf+jF
+dm3oRi571XYM4vvlsN4IBGf6e9/mCsZZJO1x/P+f5+p1pkFao5bOCW4Mcyjh441T
+JrrWFneY4Rso0fa76K6ufBr/tg0BH/uZxCyn6XfqhNlZOvpjCfNPuEEKl3JcT7mB
+F8kCoBr4VBECo3QVOFpO+GUlbx90ah/eHg7Itjv4LRAR6nDwLcIdAw4xqD92n3hN
+HbaMGGQuPdPpQ1yBtiVBtBazWj/GJRoqwayuwhmpHqOezwF5wZWV2NGDUpJk6B8O
+N9kaWR7fuLhiWdDGO60vewasJzrJJ0FBs8p/nfA9YpEdJM6hyAAGtLHmFaRfI18c
+-----END CERTIFICATE-----
+</ca>
+<tls-auth>
+-----BEGIN OpenVPN Static key V1-----
+3f2a7bf46921701f5fd0d519811da303
+a400d24d06e0d715f30798f9761097e3
+c28ef206c9dc6a140b668db9f8d73381
+94b0518c10d32f899cf292709bd60385
+fb020cef3a31270b1f6c6b9169ab56f7
+12c2d2a1a3fb9d262fab2f3567d91372
+d03e98a71b123105923e043f5001af09
+88ae0e2a64e5ffba348c96eb29c7d4ff
+dabfa1b08441d9bdf3498708c798ef01
+71a8cb169f3b589ab1f6fb9b5478abb6
+4f86a6310f4b36363dba42352e5c1d1d
+b3f8c084a5c0ee98374ba3f62f3fe0bb
+8c74df88091676c7a942e97dac90edab
+b37356bf3e7de3d16e8d0e457de31430
+37cd2deaf503cee38032a1e94b4f6d57
+de4f5b7026693a1570439930f5662103
+-----END OpenVPN Static key V1-----
+</tls-auth>
+<cert>
+-----BEGIN CERTIFICATE-----
+MIIEmDCCA4CgAwIBAgIIYFQWWbVqsLUwDQYJKoZIhvcNAQELBQAwgYExCzAJBgNV
+BAYTAlVTMREwDwYDVQQIDAhOZXcgWW9yazERMA8GA1UEBwwITmV3IFlvcmsxFjAU
+BgNVBAoMDVViaXF1aXRpIEluYy4xGTAXBgNVBAsMEFVuaUZpX09wZW5WUE5fQ0Ex
+GTAXBgNVBAMMEFVuaUZpX09wZW5WUE5fQ0EwHhcNMjUwNzAxMDAzNzE5WhcNMzAw
+NjMwMDAzNzE5WjCBiTELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREw
+DwYDVQQHDAhOZXcgWW9yazEWMBQGA1UECgwNVWJpcXVpdGkgSW5jLjEdMBsGA1UE
+CwwUVW5pRmlfT3BlblZQTl9DbGllbnQxHTAbBgNVBAMMFFVuaUZpX09wZW5WUE5f
+Q2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcFu13VZPUC5
+HTLwGa/04hDeMIxLzb8r05LcgY4+6tvBl84ROtZByGW6Oe5ieL43AxolBhLPuqM0
+v3rg3DVXLCA59ICUS16HkjiQobZp35ruxKP4YxIHBVxs5BTgC93Q21bVbCHox9bz
+yTcGl4z+t3B6d3hrBqG46KAvPLQgxjaS3vSslSznfl92kA8drJskHELy6F4lFuV0
+Wkyj8BQ9E6guPaCAopbji91OW21XymtPu6tJLwQhLICosttL1W6lFfA3sT5WC2vc
+IuEhgPqa5UOTtoHvsBmbtFP7xc6L3+60cnmDjpKz7hEoK6iQg7V1aHZr0UmadGF2
+5S2glTrb4QIDAQABo4IBCDCCAQQwgbUGA1UdIwSBrTCBqoAUz8F/JojYA78x6vIX
+wn2cOhJR9QChgYekgYQwgYExCzAJBgNVBAYTAlVTMREwDwYDVQQIDAhOZXcgWW9y
+azERMA8GA1UEBwwITmV3IFlvcmsxFjAUBgNVBAoMDVViaXF1aXRpIEluYy4xGTAX
+BgNVBAsMEFVuaUZpX09wZW5WUE5fQ0ExGTAXBgNVBAMMEFVuaUZpX09wZW5WUE5f
+Q0GCCF+1X59ayBJEMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgeAMBMGA1UdJQQMMAoG
+CCsGAQUFBwMCMB0GA1UdDgQWBBStg+rBUt0PoaLZZwSUwyGlOGP2fTANBgkqhkiG
+9w0BAQsFAAOCAQEAamBemx+5wVyU82TreQ3dXIUAs+DndmHgL821Pmfo/G4n/rAO
+Uaj3Ba14XZXm1sei6bWgv383J+Skvi325HghMqtEdK1rrHy9UTFt2UwEndxUNXJd
++3x83QEykjyiHwTiQ0nOo5Q4OYG0Eg+Bpvh6sLpEtXNrZVNyo+8Zj5hz5DAhc1i4
+j6zv9Eg+lvaVQlH9Mld7fiVCIBB2173ThGSn9y5zH0BPHZZbCrKjc+Qj08An4HtX
+1QDMhBX4S+4iZFcBE7ZAJ0OtLcKjou16wPP1ECKd9FpIV6FxL/pjK5E1zCXsKmMe
+J4Z8W/RTTXqsZlHpri8LLCICBRkLjVF3g88MEw==
+-----END CERTIFICATE-----
+</cert>
+<key>
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCNwW7XdVk9QLkd
+MvAZr/TiEN4wjEvNvyvTktyBjj7q28GXzhE61kHIZbo57mJ4vjcDGiUGEs+6ozS/
+euDcNVcsIDn0gJRLXoeSOJChtmnfmu7Eo/hjEgcFXGzkFOAL3dDbVtVsIejH1vPJ
+NwaXjP63cHp3eGsGobjooC88tCDGNpLe9KyVLOd+X3aQDx2smyQcQvLoXiUW5XRa
+TKPwFD0TqC49oICiluOL3U5bbVfKa0+7q0kvBCEsgKiy20vVbqUV8DexPlYLa9wi
+4SGA+prlQ5O2ge+wGZu0U/vFzovf7rRyeYOOkrPuESgrqJCDtXVodmvRSZp0YXbl
+LaCVOtvhAgMBAAECggEAA6X3hKHd1s08VmuLfjKNbDOmvEiIFOoEJnEjreceztJl
+rgYDYuiSKQzkZf3kJYGW9REufcFsyW8BrW64rDVobz3/FkAohBreBPd7hXK/6jc/
+FbfqOlNQjSTe6pNwKe4FPffpc0IZW+qE1YHOI7otvhCt6wNu4bm2aOPig1hX2/7d
+Krrrpt8yrtXoBzCvX8qsl2wadanDpbBqzzMlY4N/pbbkNkyNgeQUwpImgHtfL0VT
+K+bGzEFrOaAVE/1z598OfPL1yrvIEGwlAX+0jWCySQA4LkepN+IoNYn6wZmMtc0u
+355i7xjfxjpzldnaludz0D0l9om7kS6Yin8t92uvDwKBgQC/f8HG4TWwhPxGdwFM
+l+p3HxUJLY6Hks2hupuCMGqAuE+Q/sg2MoSz434ZMUSJzSoYc14vPx8JNkgTHCAV
+M5+oatLQ5CTPtsXlGc1DVZLuIhMWOYewEzYyz8HuJlTiGFbT5xUZj+rnvtiMBDGD
+/GTfvbavEsheeVchPnfJxaEFFwKBgQC9gHwxRfN86ETO00u/IRkZlcKcQNsK3LxF
+m0Bsyu08f8BRio5QeMjizkisUaADqnWtqdcQw9T2eS/m+Z+mzkjWsXtrnQlQwNUp
+tO52axUo+d+cmjAhDby9CbJSShXaoOQ5XQQDaX02s0MUlnfBkq0qRZinnnsWK8vc
+N3SkUK2xxwKBgBbeGLO5HQIxPzbi6yLMWVFUQtzPtd92pluTvxIy2eT5HXdBFYNz
+UOlyVxKHEZorB8XXsP2PWhNtifnON/6QJZak+vu64rJzLvqGtD5AL8WECCd1Q0DB
+ao1yxcO8jBJbubKgO6LLzs9RuOYvcgJC14DoVLJfWdH+R2tO3FsZ4HqNAoGBAKSv
+Fj7T5ah1Sebb5YXyQ5fieD/GdRVZgxySsUhaihT7iKzUVp1Een/weWOXhBHrf10u
+rkJZjaes5Z467S3PM6mwj+uTi1bsXdNi86Fhqf/0NwonTRBMmetGk/vDen6HOA9J
+8ITuleyFmRQ5N1W4HFkSJnn01k8MPJvibbGmk2xdAoGAEgs01GX+sApfcMgFIgZO
+XGJoSHDnuoMxnvgqFxdV+ELrOtLlslc3/SoA2RfVfsg+aUX6gO2XndsS0a4u1wJj
+plp5pU0Yp7c2TdpCVsER3G9MLVkeA9cJj0XRPwNfR0sb5Qk/k1yQmvwwxveLWg0q
+D/XWJgkDwapdkhWyrnZ1fPU=
+-----END PRIVATE KEY-----
+</key>