remove helix flake, add openwrt to router

hosts/falkenstein-1/default.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, helix, ... }:
+{ config, pkgs, ... }:
 {
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
   imports =
@@ -36,7 +36,7 @@
     vim
     wget
     htop-vim
-    helix.packages.x86_64-linux.default
+    helix
     lsof
     python3
   ];

hosts/iso/default.nix

@@ -1,4 +1,4 @@
-{ pkgs, config, modulesPath, ... }:
+{ lib, pkgs, config, modulesPath, ... }:
 {
   imports = [
     "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
@@ -16,6 +16,7 @@
 
   # in case we need to rescue a zfs machine
   boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+  boot.swraid.enable = lib.mkForce false;
 
 
 }

hosts/nuc/default.nix

@@ -1,4 +1,4 @@
-{ config, pkgs, lib, helix, ... }:
+{ config, pkgs, lib, ... }:
 {
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
   imports =
@@ -56,7 +56,7 @@
     vim
     wget
     htop-vim
-    helix.packages.x86_64-linux.default
+    helix
     lsof
     btdu
   ];

hosts/thinkpad/default.nix

@@ -39,12 +39,10 @@
       experimental-features = [ "nix-command" "flakes" ];
       auto-optimise-store = true;
       substituters = [
-        "https://helix.cachix.org"
         "ssh://nuc.lan"
       ];
       trusted-public-keys = [
         "nuc.lan:a9UkVw3AizAKCER1CfNGhx8UOMF4t4UGE3GJ9dmHwJc="
-        "helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
       ];
     };
     # distributedBuilds = true;
@@ -131,10 +129,6 @@
   sound.enable = true;
   #hardware.pulseaudio.enable = true;
   hardware.bluetooth.enable = true;
-  # hardware.opentabletdriver = {
-  #   enable = true;
-  #   daemon.enable = true;
-  # };
 
   security = {
     polkit.enable = true;
@@ -236,8 +230,12 @@
     sbctl
 
     deploy-rs
+    man-pages
+    man-pages-posix
   ];
   programs.java.enable = true;
+  documentation.dev.enable = true;
+
 
   system.stateVersion = "22.11";
 }

hosts/thinkpad/modules/networks/default.nix

@@ -39,7 +39,7 @@
         };
         "@DORM_SSID@" = {
           psk = "@DORM_PSK@";
-          authProtocols = [ "WPA-PSK" ];
+          authProtocols = [ "SAE" ];
         };
         "@PIXEL_SSID@" = {
           psk = "@PIXEL_PSK@";
@@ -50,6 +50,7 @@
   };
   systemd.network = {
     enable = true;
+    wait-online.anyInterface = true;
     networks."10-loopback" = {
       matchConfig.Name = "lo";
       linkConfig.RequiredForOnline = false;
@@ -114,10 +115,11 @@
       wireguardPeers = [
         {
           wireguardPeerConfig = {
-            PublicKey = "vUmworuJFHjB4KUdkucQ+nzqO2ysARLomq4UuK1n430=";
+            PublicKey = "Z5lwwHTCDr6OF4lfaCdSHNveunOn4RzuOQeyB+El9mQ=";
             PresharedKeyFile = config.sops.secrets."wireguard/dorm/preshared".path;
-            Endpoint = "dorm.vpn.rfive.de:51820";
-            AllowedIPs = "10.10.10.0/24, 192.168.10.0/24"; # seems to be broken, has no effect on routes
+            Endpoint = "141.30.227.6:51820";
+            # Endpoint = "dorm.vpn.rfive.de:51820";
+            AllowedIPs = "192.168.2.0/24, 192.168.1.0/24";
           };
         }
       ];
@@ -125,18 +127,19 @@
     networks."30-dorm" = {
       matchConfig.Name = "dorm";
       networkConfig = {
-        DNS = "192.168.10.1";
+        DNS = "192.168.1.1";
       };
       addresses = [
         {
           addressConfig = {
-            Address = "10.10.10.3/24";
+            Address = "192.168.2.3/24";
             RouteMetric = 30;
           };
         }
       ];
       routes = [
-        { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.10.0/24"; Metric = 30; }; }
+        # allowedIPs is somewhat broken
+        { routeConfig = { Gateway = "0.0.0.0"; Destination = "192.168.1.0/24"; Metric = 30; }; }
       ];
     };
   };