From bba10e1cd2992bb29dc4a1d4d652c2fb8e8bc113 Mon Sep 17 00:00:00 2001
From: Lukrecja <lusiaaa425@gmail.com>
Date: Thu, 15 Jan 2026 13:31:42 +0100
Subject: [PATCH] enable virtualization, add gnome-boxes, update vstech vpn

---
 .gitignore              |  2 ++
 home-manager/home.nix   |  1 +
 nixos/configuration.nix | 16 +++++++++-------
 3 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/.gitignore b/.gitignore
index 6a0b4b6..2258ab2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,6 +12,7 @@ forge/
 gdu/
 GIMP/
 git/
+gnome-boxes/
 gnuradio/
 go/
 gpu-screen-recorder/
@@ -22,6 +23,7 @@ inkscape/
 hypr/
 lazygit/
 libreoffice/
+libvirt/
 matplotlib/
 matugen/
 monero-project/
diff --git a/home-manager/home.nix b/home-manager/home.nix
index 16a80b0..217e823 100644
--- a/home-manager/home.nix
+++ b/home-manager/home.nix
@@ -78,6 +78,7 @@
     probe-rs-tools
     elf2uf2-rs
     dbeaver-bin
+    gnome-boxes
 
     # AI development tools
     claude-code
diff --git a/nixos/configuration.nix b/nixos/configuration.nix
index 5ed249d..8437f22 100644
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -83,7 +83,7 @@
   # Trust the Tailscale interface
   networking.firewall.trustedInterfaces = [ "tailscale0" ];
 
-  # Disable reverse path filtering for Tailscale                                                                                                 ╎│
+  # Disable reverse path filtering for Tailscale
   boot.kernel.sysctl."net.ipv4.conf.tailscale0.rp_filter" = 0; 
 
   # Enable resolved
@@ -101,7 +101,7 @@
       topology subnet
       ca /home/lusia/VSTech-vpn/ca.crt
       cert /home/lusia/VSTech-vpn/Klient251.crt
-      key /home/lusia/VSTech-vpn/Klient251.key
+      key /home/lusia/VSTech-vpn/Klient251.inline
       tls-crypt /home/lusia/VSTech-vpn/ta.key
 
       auth sha512
@@ -155,9 +155,6 @@
     keyMap = "pl";
   };
 
-  # Enable niri
-  # programs.niri.enable = true;
-
   # Enable fish
   programs.fish.enable = true;
 
@@ -198,7 +195,7 @@
   users.users.lusia = {
     isNormalUser = true;
     description = "Lukrecja";
-    extraGroups = [ "wheel" "networkmanager" "docker" "plugdev" "scanner" "lp" "wireshark" ];
+    extraGroups = [ "wheel" "networkmanager" "docker" "plugdev" "scanner" "lp" "wireshark" "libvirtd" "kvm" ];
     initialPassword = "pass";
     shell = pkgs.fish;
   };
@@ -216,6 +213,9 @@
   services.openssh.enable = true;
   security.sudo.enable = true;
 
+  # Enable virtualisation
+  virtualisation.libvirtd.enable = true;
+
   # Enable xwayland
   programs.xwayland.enable = true;
 
@@ -301,7 +301,9 @@
   # Enable OpenTabletDriver
   hardware.opentabletdriver.enable = true;
   hardware.uinput.enable = true;
-  boot.kernelModules = [ "uinput" "usbmon" ];
+
+  # Enable kernel modules
+  boot.kernelModules = [ "uinput" "usbmon" "kvm-amd" ];
 
   # Enable PPD for power options
   services.power-profiles-daemon.enable = true;