feat: bump flakes, enable Steam, update kernel/NVIDIA, refine net+security

2025-08-28 14:09:53 -03:00 · 2025-08-28 14:09:53 -03:00 · f7e34c54d6
commit f7e34c54d6
parent 4cf9e1efac
6 changed files with 61 additions and 101 deletions
--- a/hosts/Nixstation/default.nix
+++ b/hosts/Nixstation/default.nix
@ -12,7 +12,7 @@
  boot = {
    loader.systemd-boot.enable = true;
    loader.efi.canTouchEfiVariables = true;
-    # kernelPackages = pkgs.linuxPackages_6_16;
+    kernelPackages = pkgs.linuxPackages_latest;
  };

  environment = {
@ -20,9 +20,6 @@
      act
      btrfs-progs
      cudatoolkit
-      networkmanagerapplet
-      libwacom
-      wacomtablet
    ];
  };

@ -62,18 +59,21 @@
  };

  programs = {
-    # steam = {
-    #   enable = true;
-    #   remotePlay.openFirewall = true;
-    #   dedicatedServer.openFirewall = true;
-    #   localNetworkGameTransfers.openFirewall = true;
-
-    # };
    dconf.enable = true;
    virt-manager.enable = true;
  };
-  security.pam.services.gdm.enableGnomeKeyring = true;
-  security.rtkit.enable = true;
+  security = {
+    pam.services.gdm.enableGnomeKeyring = true;
+    polkit.enable = true;
+    polkit.extraConfig = ''
+      polkit.addRule(function(action, subject) {
+        if (action.id == "org.bluez.GattProfile1.Release") {
+          return polkit.Result.YES;
+        }
+      });
+    '';
+    rtkit.enable = true;
+  };
  services = {
    xserver = {
      xkb = {
@ -82,7 +82,6 @@
      };
    };
    desktopManager.gnome.enable = true;
-
    displayManager = {
      gdm.enable = true;
      gdm.wayland = true;