Regenerated

Droidnix/generated/modules/traveldroid/system/avahi.nix

@@ -0,0 +1,12 @@
+# --- This file has been auto-generated. For permanent changes alter the appropriate block in the README.org. ---
+{ ... }:
+{
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    publish = {
+      enable = true;
+      addresses = true;
+    };
+  };
+}

Droidnix/generated/modules/traveldroid/system/firewall.nix

@@ -0,0 +1,68 @@
+# --- This file has been auto-generated. For permanent changes alter the appropriate block in the README.org. ---
+{ pkgs, ... }:
+
+{
+  # Use nftables as the firewall backend
+  networking.nftables.enable = true;
+
+  networking.firewall = {
+    enable = true;
+
+    # LAN-only ports — Wi-Fi interface
+    interfaces."wlan0" = {
+      allowedTCPPorts = [
+        631    # CUPS / IPP network printing
+        9100   # AppSocket/JetDirect printing
+        6566   # SANE network scanner
+        57621  # Spotify Connect
+        57622  # Spotify local file sync
+      ];
+      allowedTCPPortRanges = [
+        { from = 1714; to = 1764; }  # KDE Connect
+      ];
+      allowedUDPPorts = [
+        5353   # mDNS / Avahi (printer + device discovery)
+        631    # CUPS / IPP
+        67     # DHCP
+        123    # NTP time sync
+        1900   # UPnP device discovery
+        57621  # Spotify Connect
+      ];
+      allowedUDPPortRanges = [
+        { from = 1714; to = 1764; }  # KDE Connect
+      ];
+    };
+
+    # LAN-only ports — ethernet (ready for when you plug in)
+    interfaces."enp0s31f6" = {
+      allowedTCPPorts = [
+        631    # CUPS / IPP network printing
+        9100   # AppSocket/JetDirect printing
+        6566   # SANE network scanner
+        57621  # Spotify Connect
+        57622  # Spotify local file sync
+      ];
+      allowedTCPPortRanges = [
+        { from = 1714; to = 1764; }  # KDE Connect
+      ];
+      allowedUDPPorts = [
+        5353   # mDNS / Avahi (printer + device discovery)
+        631    # CUPS / IPP
+        67     # DHCP
+        123    # NTP time sync
+        1900   # UPnP device discovery
+        57621  # Spotify Connect
+      ];
+      allowedUDPPortRanges = [
+        { from = 1714; to = 1764; }  # KDE Connect
+      ];
+    };
+  };
+
+  # Firewall management tools
+  environment.systemPackages = with pkgs; [
+    nixos-firewall-tool  # CLI: sudo nixos-firewall-tool open tcp 8080
+    firewall-config      # GUI: graphical firewall manager (Wayland-compatible)
+  ];
+  services.firewalld.enable = true;
+}

Droidnix/generated/modules/traveldroid/system/networking.nix

@@ -9,8 +9,6 @@
     # Let DHCP be default unless overridden elsewhere
     useDHCP = lib.mkDefault true;
 
-    # Hostname comes from host.nix, do NOT redefine here
-
     #################################
     # NetworkManager (primary stack)
     #################################
@@ -28,20 +26,6 @@
       # Allow user control via NM / CLI
       settings.General.EnableNetworkConfiguration = true;
     };
-
-    #################################
-    # Firewall
-    #################################
-    firewall = {
-      enable = true;
-      # KDE Connect support
-      allowedTCPPortRanges = [
-        { from = 1714; to = 1764; }
-      ];
-      allowedUDPPortRanges = [
-        { from = 1714; to = 1764; }
-      ];
-    };
   };
 
   #################################