3 files changed, 30 insertions, 38 deletions

diff --git a/nixos/configurations/adm-mpd.nix b/nixos/configurations/adm-mpd.nix
index ac3b4de..b2c7903 100644
--- a/nixos/configurations/adm-mpd.nix
+++ b/nixos/configurations/adm-mpd.nix
@@ -5,26 +5,16 @@
 }: let
   inherit (lib) filterAttrs;
 in {
-  nixpkgs.hostPlatform.system = "aarch64-linux";
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/mmcblk0p2";
-      options = ["compress=lzo" "subvol=@nix"];
-    };
-    "/home" = {
-      device = "/dev/mmcblk0p2";
-      options = ["compress=lzo" "subvol=@home"];
-    };
-    "/boot" = {
-      device = "/dev/mmcblk0p1";
-    };
+  cynerd.rpi = 3;
+  deploy = {
+    enable = true;
+    ssh.host = "nixos@mpd.adm";
   };
 
   networking.wireless = {
     enable = true;
     networks = filterAttrs (n: _: n == "Nela") config.secrets.wifiNetworks;
-    environmentFile = "/run/secrets/wifi.env";
+    secretsFile = "/run/secrets/wifi.secrets";
     userControlled.enable = true;
   };
 
@@ -33,24 +23,24 @@ in {
   #alsa.enable = true;
   #pulse.enable = true;
   #};
-  hardware.pulseaudio = {
-    enable = true;
-    systemWide = true;
-    zeroconf.publish.enable = true;
-  };
+  #hardware.pulseaudio = {
+  #  enable = true;
+  #  systemWide = true;
+  #  zeroconf.publish.enable = true;
+  #};
 
-  services.spotifyd = {
-    enable = true;
-    settings.global = {
-      device_name = "Adámkovi";
-      device = "sysdefault";
-      mixer = "Master";
-      bitrate = 320;
-      cache_path = "/var/cahe/spotify";
-      no_audio_cache = true;
-      volume_normalisation = true;
-      normalisation_pregain = -10;
-      initial_volume = 60;
-    };
-  };
+  #services.spotifyd = {
+  #  enable = true;
+  #  settings.global = {
+  #    device_name = "Adámkovi";
+  #    device = "sysdefault";
+  #    mixer = "Master";
+  #    bitrate = 320;
+  #    cache_path = "/var/cahe/spotify";
+  #    no_audio_cache = true;
+  #    volume_normalisation = true;
+  #    normalisation_pregain = -10;
+  #    initial_volume = 60;
+  #  };
+  #};
 }
diff --git a/nixos/configurations/adm-omnia.nix b/nixos/configurations/adm-omnia.nix
index b332cab..4683cf2 100644
--- a/nixos/configurations/adm-omnia.nix
+++ b/nixos/configurations/adm-omnia.nix
@@ -48,10 +48,12 @@ in {
     fileSystems = ["/"];
   };
 
-  networking = {
-    useNetworkd = true;
-    useDHCP = false;
+  services.fail2ban = {
+    enable = true;
+    ignoreIP = ["10.8.1.0/24" "10.8.2.0/24"];
   };
+
+  networking.useDHCP = false;
   systemd.network = {
     networks = {
       "end2" = {
diff --git a/nixos/configurations/spt-omnia.nix b/nixos/configurations/spt-omnia.nix
index e55e34f..f05d553 100644
--- a/nixos/configurations/spt-omnia.nix
+++ b/nixos/configurations/spt-omnia.nix
@@ -125,6 +125,6 @@ in {
   # TODO limit NSS clamping to just pppoe-wan
   networking.firewall.extraForwardRules = ''
     tcp flags syn tcp option maxseg size set rt mtu comment "Needed for PPPoE to fix IPv4"
-    iifname {"home", "personalvpn", "wg"} oifname {"home", "personalvpn", "wg"} accept
+    iifname {"home", "wg"} oifname {"home", "wg"} accept
   '';
 }