From cd981587a64c1ef2947afc6363d16fc1aabf624e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= <cyplo@cyplo.dev>
Date: Thu, 13 Jun 2024 13:15:58 +0100
Subject: [PATCH] fix tailscale boot

---
 nixos/gnome/system.nix         | 32 +++++++++++++++++++++++++++-----
 nixos/tailscale/default.nix    |  1 +
 nixos/tailscale/keys.sops.yaml |  6 +++---
 3 files changed, 31 insertions(+), 8 deletions(-)

diff --git a/nixos/gnome/system.nix b/nixos/gnome/system.nix
index 8194dc0b..5fda2fc2 100644
--- a/nixos/gnome/system.nix
+++ b/nixos/gnome/system.nix
@@ -1,4 +1,10 @@
-{ config, pkgs, inputs, system, ... }: {
+{
+  config,
+  pkgs,
+  inputs,
+  system,
+  ...
+}: {
   services.xserver = {
     enable = true;
     displayManager.gdm.enable = true;
@@ -6,9 +12,25 @@
     desktopManager.gnome.enable = true;
   };
   services.flatpak.enable = true;
-  networking.firewall.trustedInterfaces = [ "p2p-dev-wl+" "p2p-wl+" ];
-
+  networking.firewall.trustedInterfaces = ["p2p-dev-wl+" "p2p-wl+" "wlp+"];
+  environment.sessionVariables = {
+    NETWORK_DISPLAYS_H264_ENC = "openh264enc";
+  };
+  services.dbus.packages = [
+    pkgs.miraclecast
+  ];
   environment.systemPackages =
-    with inputs.nixpkgs-nixos-unstable.legacyPackages."${system}".pkgs;
-    [ gnome-network-displays ];
+    (with inputs.nixpkgs-nixos-unstable.legacyPackages."${system}".pkgs; [gnome-network-displays miraclecast])
+    ++ (with pkgs; [
+      iw
+      gst_all_1.gstreamer
+      gst_all_1.gst-plugins-base
+      gst_all_1.gst-plugins-good
+      gst_all_1.gst-plugins-bad
+      gst_all_1.gst-plugins-ugly
+      gst_all_1.gst-libav
+      gst_all_1.gst-vaapi
+      gst_all_1.gst-rtsp-server
+      avahi.dev
+    ]);
 }
diff --git a/nixos/tailscale/default.nix b/nixos/tailscale/default.nix
index a9628191..d12cbc0d 100644
--- a/nixos/tailscale/default.nix
+++ b/nixos/tailscale/default.nix
@@ -15,6 +15,7 @@ in {
     enable = true;
     package = tailscale;
     authKeyFile = "/run/secrets/tailscale-key-${config.networking.hostName}";
+    extraUpFlags = ["--stateful-filtering"];
   };
   systemd.services.tailscaled = {
     serviceConfig.LogLevelMax = "notice";
diff --git a/nixos/tailscale/keys.sops.yaml b/nixos/tailscale/keys.sops.yaml
index 7ceea831..c50b34b2 100644
--- a/nixos/tailscale/keys.sops.yaml
+++ b/nixos/tailscale/keys.sops.yaml
@@ -1,5 +1,5 @@
 tailscale-key-foureighty: ENC[AES256_GCM,data:XL7c47YiOnjQuSrTfmHZlbJD3ZM45Tl1YmDX2EnBlJ2+TuXR02vQTms1bpJDnvUdpy832iparB4=,iv:2Sq25zysjc2gS7SLi7QeFaIOtvKuBbNwADVyj7Hil50=,tag:F2MDrFJEPh6r0yHtu5ztTg==,type:str]
-tailscale-key-foryog: ENC[AES256_GCM,data:x2CszX2CMspG8b9T+d7H7rOlPzV1Nd6qEboWC/o0XxSeLqNIcYRL0tHHCv4YSfI/0F2upRAYfnuv,iv:S4pPIIs6x3vwtTljKOqvM+OS/bEbxeRc5H6YoZjPPt0=,tag:aRlrqYfSKJpfpkYBwoJsJg==,type:str]
+tailscale-key-foryog: ENC[AES256_GCM,data:GKg/yfdMrSH4r540tKT1IrqRKhNOs3yKDGKhzLjLBaKFuPABEnZbifg5MaFKJ8B5sSA0tN3ERBZ2MjVfpYA=,iv:kw+6ZEOBlJMA3/69/zPWxxpJf14Ho0THY1xZ5dSeeYc=,tag:aai0JmXUHNnrGZ4R8okknQ==,type:str]
 tailscale-key-bolty: ENC[AES256_GCM,data:UUMmX+uzFhkZpT7GwCKvsr65JejhcIJm6v7U0MunZg7sPqzdo0psk0Ywuyvw2ytkL+n18l5v/5g=,iv:ggHG+RJx8RkU+y48XzSsxeKgzUKQS7QPqwx0/k64ZyM=,tag:j4cMVrDBTlu+OhAd1vig4w==,type:str]
 tailscale-key-vpsfree1: ENC[AES256_GCM,data:dAMjw+54wr6oBO7+ttnGrpXRMVhmYTbnMIsPa91+Mkf6llDP+Y7QIGIqyAAhqbb0H11tuoH7/FpU,iv:q+0ZwAyurjBfcaAKuQI7VAXVqCsnm/EZf03JNBs1Ce8=,tag:XaUt4V60nS54LyhP6Wk1rQ==,type:str]
 tailscale-key-vultr1: ENC[AES256_GCM,data:8otHa84Yx7sdMfnK6CBWGY5aEEk7ebNwP3Vgv9N5lAMdiOlAF2Vw6Hx9lX17StKhIlUjWkD1Vi+m,iv:mbzfc98kHKJYAd/mWelRlLFH+WDj1C1P/h1+uKoPOpw=,tag:aKkftniw4XNkPrBT+eqjhg==,type:str]
@@ -122,8 +122,8 @@ sops:
             K1hCdUZHdTNHQWVqM1dMTWNXbCtCUlEKG5axHkD1MF4+ASHOSb+hVupkrIb9XHdI
             RW27aWl/BfbgsipoacjzbvNBn8SMV2ERyFl8QdYpitjxbEbDsXzP4Q==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-01-01T16:20:32Z"
-    mac: ENC[AES256_GCM,data:H8DEq83OJkENl2UbIJ+Jcu4/2vW3+PJaOQn6uJSH1sVC+AaXH1TexyWyvhyACD+ZsshVHl/P+I5znUyRq05fpyzkqv1sKDtv0JEQCw2yf2douv+qcxp2VASZ84FUyeqx2ME8VvaG43jQPy1CjEco7mRJGeQfkd9iEFaMkZ9tzG0=,iv:dXOtCeyv4DUxmprdX8ZtUke8hXWII8idaQukPre16L8=,tag:GBuhxFQ+7ClPV0KgtIbUOA==,type:str]
+    lastmodified: "2024-06-13T12:04:57Z"
+    mac: ENC[AES256_GCM,data:EL5b28lmQ7UUubD3zMJMAKV1f1YYqL85eqtU+cBQ1tOGvHp8BcRB0H5IGPnt2nd+ggKSuJUqB3KHd539ra5NRqCFEfp3UiIJLwpklsIg4rUJJgkTKBZp5Y7RnzGXqXORS7AyhuQ+Uvy9XsmvuFlOCa4dVWAXKlaP+jWZ7eNY7gQ=,iv:z24MMIgdSG5lmrV8krRvcDIDxdeDFO4nKsxVLhLefSg=,tag:5Ou7wmOGBYsaPAAc+woO7Q==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1