Szymon Kaliski

  1. Main
  2. Projects
  3. Notes
  4. Music
  5. Bio

Migrating to the Basement, Smart Home Setup, and Nix on macOS


A lot has happened this quarter; actually, seems like a lot is happening every quarter. Maybe three months is just a long time?

This time I write about moving my studio to the basement, our "smart" home setup, and give you a short experience report from setting up Nix on macOS.

Moving To The Basement

Ever since properly joining the workforce, I've been always working from home, which I acknowledge is a privilege, but not without its downsides. I've heard multiple people struggling with "the couch is right there", but I had the opposite problem: "the work is right there", and there's always something more to do. It was always hard to finish my workday, and the timezone shift to the west coast doesn't really help either (all my coworkers are only just starting their day). Also, home can be distracting sometimes.

For a long while, I dreamed of having my own separate space, one that I can lock up and leave at the end of the day, one that's quiet when I need it, one where I can be noisy when I want to, and one where I can be messy — where I don't have to worry about dropping a screwdriver on the floor, or having to immediately clean up when I drill into an aluminum extrusion.

At the beginning of March, this dream came through. The building we live in had a small doctor's office, which has been unoccupied for a good couple of years now. We managed to rent it, and spent the last year renovating: first demolition and clearing up everything we could, and then light polishing pass — new floor, new bathroom — and finally two weekends of running up and down the stairs to move from here:

To here:

It's only been a month since I've moved, so definitely not enough time for any sort of long-term reflection, but I definitely feel a clearer separation between when I'm "at work" and when I'm not, which is great.

Smart Home Setup

Moving to the basement is a good segue into talking a bit about the minimally-smart home setup we have, as the move allowed me to add some fun automations.

My general philosophy here is that the IoT stuff should have no access to the outside world (internet blocked on the router), and that the automations, if any, should be as straight-forward as possible.

The setup consists of:

Everything is wired with Node-RED, and the state is kept in MQTT, so even if I restart the Node-RED process, the current state stays alive, and I can monitor and access it in multiple ways. We also have a very basic Node-RED Dashboard so we can toggle stuff manually when we're at home (and I can do so while I'm away too, thanks to the magic of Tailscale; I wasn't so cruel as to force my wife to deal with this though).

The only automations we have set up at home are turning the LED on at dusk if anyone is present in the living room, and turning it off at specified time at night.

The studio automations are bit more fun, since I'm the only one having to deal with them if they misbehave:

Going back to our home, the cameras we have in our living room have access to the internet only if we flip a switch in the Node-RED dashboard. We basically "turn them on" only when we know we'll leave our dog inside for a while, or if we're going on holidays. It would be great to automate this, but I can't come up with a way that wouldn't be annoying to my wife, so here we are, flipping virtual switches like cavemen.

This is all done just for additional peace-of-mind, we have a proper alarm that has nothing to do with this system (so I don't break it when I'm messing around with things).

The internet access is blocked on a router, by SSH-ing into it from Node-RED, executing some nvram commands, and restarting the firewall service, it's terrible, but it works (SSH is enabled, of course, for LAN access only). For those of you who are very curious, we have ASUS RT-AX86U (actually two of them, one in our apartment, and one in the studio, hard-wired with an ethernet cable), and the relevant commands are:

nvram set MULTIFILTER_MAC="MAC_1>MAC_2>..." # yes, ">" is the separator
nvram set MULTIFILTER_ENABLE="2>2>..."      # yes, "2" means "blocked"
nvram commit
rc rc_service restart_firewall

I got these keys by running nvram show, changing some options in the UI, running it again, and diffing the output.

The important part is that everything still works even if our internet connection is not working, and even if the local network drops, the only thing we lose is being able to control the IKEA led, everything else is done through Wi-Fi sockets, which have physical buttons on them (though sometimes hard to reach).

Setting up Nix on macOS

Continuing with the nerdiness, working at Replit was a forcing function for taking a closer look at Nix (since the Repls, and our repos, both use it for package management), which, turns out, is actually pretty nice.

I got double-encouraged by Homebrew breaking some Python stuff (again), and one weekend I sat down and migrated to Nix on macOS which was surprisingly painless:

The "developer experience" of direnv combined with Nix flakes is great: you just cd into the project, and all of the necessary dependencies are not only auto-installed, but also persisted in a fully reproducible way (well, provided you wrote the flake.nix for them, which really doesn't have to be that complicated).

I can now have different pinned Python versions for different projects, which solves my original issue. I also got rid of nvm since I can get specific Node versions from Nix too, and it just feels nice to have all of that taken care of by a single system.

If you're curious about my pretty straight-forward configuration, you can browse through my dotfiles repository.

Worth Checking Out

What I've been reading lately:

On the web:


As always, let me know if you have any thoughts about anything. You can reply to this email directly, or reach out to

And in the meantime, have a great spring, and see you in three months!

1836 words published on Q1 2024newsletter, rss