From 3982d9bb675517ce42c6f01a368fc56f70074ec6 Mon Sep 17 00:00:00 2001
From: Larra Emily Sarah <larra.vanloon@gmail.com>
Date: Tue, 6 Jan 2026 18:49:57 +0100
Subject: [PATCH] "92 2026-01-06 18:49:55 26.05.20260102.fb7944c 6.18.3"

---
 configuration.nix |  6 ++++--
 flake.lock        |  6 +++---
 packet-tracer.nix | 42 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 49 insertions(+), 5 deletions(-)
 create mode 100644 packet-tracer.nix

diff --git a/configuration.nix b/configuration.nix
index b4bc5eb..1f0de0e 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -10,6 +10,7 @@
   imports = [
     # Include the results of the hardware scan.
     /etc/nixos/hardware-configuration.nix
+    ./packet-tracer.nix
   ];
 
   # Bootloader.
@@ -152,7 +153,7 @@
   environment.systemPackages = with pkgs; [
     # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget steam alacritty
     libva-utils
-    vesktop
+    pkgs-stable.vesktop
     git
     tealdeer
     bat
@@ -210,7 +211,7 @@
     yt-dlp
     strawberry
     gamemode
-    xfce.thunar
+    thunar
     alejandra
     wineWowPackages.stagingFull
     winetricks
@@ -220,6 +221,7 @@
     jq
     python313Packages.ipython
     geogebra
+    ciscoPacketTracer8
   ];
 
   fonts.enableDefaultPackages = true;
diff --git a/flake.lock b/flake.lock
index 3d5890c..6dbe7a0 100644
--- a/flake.lock
+++ b/flake.lock
@@ -23,11 +23,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1767116409,
-        "narHash": "sha256-5vKw92l1GyTnjoLzEagJy5V5mDFck72LiQWZSOnSicw=",
+        "lastModified": 1767379071,
+        "narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "cad22e7d996aea55ecab064e84834289143e44a0",
+        "rev": "fb7944c166a3b630f177938e478f0378e64ce108",
         "type": "github"
       },
       "original": {
diff --git a/packet-tracer.nix b/packet-tracer.nix
new file mode 100644
index 0000000..382490d
--- /dev/null
+++ b/packet-tracer.nix
@@ -0,0 +1,42 @@
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  nixpkgs.config.packageOverrides = pkgs: {
+    ciscoPacketTracer8 = pkgs.ciscoPacketTracer8.override {
+      packetTracerSource = /home/sarah/CiscoPacketTracer822_amd64_signed.deb;
+    };
+  };
+
+  nixpkgs.config.permittedInsecurePackages = [
+    "ciscoPacketTracer8-8.2.2"
+  ];
+
+  # Packet tracer log in can be subverted if there is no internet connection
+  # so use firejail to isolate packet tracer into its own network namespace
+  # when running
+  programs.firejail = {
+    enable = true;
+    wrappedBinaries = {
+      packettracer8 = {
+        executable = lib.getExe pkgs.ciscoPacketTracer8;
+
+        # Will still want a .desktop entry as the package is not directly added
+        desktop = "${pkgs.ciscoPacketTracer8}/share/applications/cisco-pt8.desktop.desktop";
+
+        extraArgs = [
+          # This should make it run in isolated netns, preventing internet access
+          "--net=none"
+
+          # firejail is only needed for network isolation so no futher profile is needed
+          "--noprofile"
+
+          # Packet tracer doesn't play nice with dark QT themes so this
+          # should unset the theme. Uncomment if you have this issue.
+          ''--env=QT_STYLE_OVERRIDE=""''
+        ];
+      };
+    };
+  };
+}