diff options
| author | polwex <polwex@sortug.com> | 2025-05-17 07:24:14 +0000 |
|---|---|---|
| committer | polwex <polwex@sortug.com> | 2025-05-17 07:24:14 +0000 |
| commit | 9d89a55dff02122ebef9d8c7b388707084bac2fa (patch) | |
| tree | 015a6a49ddc1f484960e7977e624d1d971a45453 /hosts | |
| parent | bb5002c60d57600ecb812720106a88df80d07362 (diff) | |
| parent | 3efdd55d5cc2e784c6934e9d133f16844c324aad (diff) | |
Merge branch 'master' of mygit:/polwex/nixconf
Diffstat (limited to 'hosts')
| -rw-r--r-- | hosts/cloud/bkk/nginx.nix | 36 | ||||
| -rw-r--r-- | hosts/cloud/sortug/nginx.nix | 37 | ||||
| -rw-r--r-- | hosts/cloud/sortug/packages.nix | 20 | ||||
| -rw-r--r-- | hosts/editors.nix | 12 | ||||
| -rw-r--r-- | hosts/local/gui.nix | 7 | ||||
| -rw-r--r-- | hosts/local/i3.nix | 18 | ||||
| -rw-r--r-- | hosts/local/master/configuration.nix | 51 | ||||
| -rw-r--r-- | hosts/local/master/hardware-configuration.nix | 48 | ||||
| -rw-r--r-- | hosts/local/master/keyboard.nix | 4 | ||||
| -rw-r--r-- | hosts/local/master/rgb.nix | 15 | ||||
| -rw-r--r-- | hosts/local/master/rtl8188gu.nix | 56 | ||||
| -rw-r--r-- | hosts/local/nvidia.nix | 2 | ||||
| -rw-r--r-- | hosts/local/wayland.nix | 4 | ||||
| -rw-r--r-- | hosts/pkgs.nix | 8 |
14 files changed, 240 insertions, 78 deletions
diff --git a/hosts/cloud/bkk/nginx.nix b/hosts/cloud/bkk/nginx.nix index 3314674..7de02ee 100644 --- a/hosts/cloud/bkk/nginx.nix +++ b/hosts/cloud/bkk/nginx.nix @@ -85,23 +85,23 @@ proxy_cache off; ''; }; - # virtualHosts."t.urbit.men" = { - # enableACME = true; - # forceSSL = true; - # locations."/" = { - # proxyPass = "http://127.0.0.1:8081"; - # # proxyWebsockets = true; # needed if you need to use WebSocket - # extraConfig = '' - # proxy_set_header Host $host; - # proxy_set_header Forwarded $proxy_add_x_forwarded_for; - # ''; - # }; - # extraConfig = '' - # chunked_transfer_encoding off; - # proxy_http_version 1.1; - # proxy_buffering off; - # proxy_cache off; - # ''; - # }; + virtualHosts."t.urbit.men" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3000"; + # proxyWebsockets = true; # needed if you need to use WebSocket + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header Forwarded $proxy_add_x_forwarded_for; + ''; + }; + extraConfig = '' + chunked_transfer_encoding off; + proxy_http_version 1.1; + proxy_buffering off; + proxy_cache off; + ''; + }; }; } diff --git a/hosts/cloud/sortug/nginx.nix b/hosts/cloud/sortug/nginx.nix index 68a0c5b..5c129fb 100644 --- a/hosts/cloud/sortug/nginx.nix +++ b/hosts/cloud/sortug/nginx.nix @@ -58,6 +58,25 @@ proxyWebsockets = true; # needed if you need to use WebSocket }; }; + # polwex + virtualHosts."pw.sortug.com" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:8091"; + # proxyWebsockets = true; # needed if you need to use WebSocket + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header Forwarded $proxy_add_x_forwarded_for; + ''; + }; + extraConfig = '' + proxy_http_version 1.1; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; + }; virtualHosts."p.sortug.com" = { enableACME = true; forceSSL = true; @@ -76,6 +95,24 @@ proxy_cache off; ''; }; + virtualHosts."papa.sortug.com" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:8924"; + # proxyWebsockets = true; # needed if you need to use WebSocket + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header Forwarded $proxy_add_x_forwarded_for; + ''; + }; + extraConfig = '' + proxy_http_version 1.1; + chunked_transfer_encoding off; + proxy_buffering off; + proxy_cache off; + ''; + }; virtualHosts."mcp.sortug.com" = { enableACME = true; forceSSL = true; diff --git a/hosts/cloud/sortug/packages.nix b/hosts/cloud/sortug/packages.nix index 6985acb..72ce5c4 100644 --- a/hosts/cloud/sortug/packages.nix +++ b/hosts/cloud/sortug/packages.nix @@ -1,9 +1,11 @@ -{ config, pkgs, ... }: - { - nixpkgs.config = { - allowUnfree = true; - }; + config, + pkgs, + ... +}: { + nixpkgs.config = { + allowUnfree = true; + }; environment.systemPackages = with pkgs; [ neovim @@ -31,7 +33,6 @@ testdisk tokei # Handy tool to see lines of code by language watchexec # Fileystem watcher/executor useful for speedy development - xsv # CSV file parsing utility just # Intriguing new make replacement mdcat # Markdown converter/reader for the CLI tree @@ -42,12 +43,11 @@ curl caddy # simple web server made with go innernet - + # s3 minio # databases - # postgresql - # sqlite + # postgresql + # sqlite ]; } - diff --git a/hosts/editors.nix b/hosts/editors.nix index 241ea57..78d0fdd 100644 --- a/hosts/editors.nix +++ b/hosts/editors.nix @@ -5,10 +5,14 @@ }: { environment.variables.EDITOR = "hx"; environment.variables.F = "hx"; - environment.systemPackages = [ - pkgs.neovim + environment.systemPackages = with pkgs; [ + neovim #inputs.helix.packages.${pkgs.system}.helix - pkgs.nodePackages.prettier - pkgs.helix + nodePackages.prettier + helix + vscode-langservers-extracted + nil + alejandra + superhtml ]; } diff --git a/hosts/local/gui.nix b/hosts/local/gui.nix index 82d78b1..d783f28 100644 --- a/hosts/local/gui.nix +++ b/hosts/local/gui.nix @@ -12,7 +12,7 @@ foot # messaging - signal-desktop + signal-desktop-bin tdesktop # video mpv @@ -25,7 +25,7 @@ #browsers brave firefox - librewolf + # librewolf vivaldi chromium # mail @@ -36,7 +36,7 @@ xfce.thunar # libreoffice - digikam + # digikam gimp qbittorrent zathura # pdf @@ -46,5 +46,6 @@ ryujinx wineWowPackages.staging dosbox + siyuan ]; } diff --git a/hosts/local/i3.nix b/hosts/local/i3.nix index f955c56..b9e67a7 100644 --- a/hosts/local/i3.nix +++ b/hosts/local/i3.nix @@ -1,10 +1,14 @@ {pkgs, ...}: { environment.pathsToLink = ["/libexec"]; services.xserver = { - xkb.layout = "us"; - xkb.variant = ""; + xkb.options = "compose:ralt"; + # xkb.layout = "us"; + # xkb.variant = ""; enable = true; autorun = false; + # displayManager = { + # startx.enable = true; + # }; desktopManager = { xterm.enable = false; }; @@ -45,6 +49,7 @@ # screenshots flameshot shutter + maim xclip pavucontrol # icons @@ -111,7 +116,14 @@ # screen capture # - xdg.portal.enable = true; + xdg.portal = { + enable = true; + xdgOpenUsePortal = true; + extraPortals = [ + pkgs.xdg-desktop-portal-gtk + pkgs.xdg-desktop-portal-gnome + ]; + }; xdg.portal.config.common.default = "*"; xdg.portal.wlr.enable = true; services.dbus.enable = true; diff --git a/hosts/local/master/configuration.nix b/hosts/local/master/configuration.nix index 375c10b..83de833 100644 --- a/hosts/local/master/configuration.nix +++ b/hosts/local/master/configuration.nix @@ -9,18 +9,19 @@ ../../unfree.nix #../../android.nix ../gui.nix - ../i3.nix + # ../i3.nix # ../gnome.nix - # ../wayland.nix + ../wayland.nix ../nvidia.nix ./keyboard.nix - ./rgb.nix + # ./rgb.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; # boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelPackages = pkgs.linuxPackages_zen; boot.kernelParams = ["intel_pstate=active"]; # boot.supportedFilesystems = ["ntfs"]; services.fprintd.enable = true; @@ -34,8 +35,14 @@ time.timeZone = "Asia/Bangkok"; # Enable the OpenSSH daemon. - # services.openssh.enable = true; - # services.openssh.ports = [5555]; + services.openssh = { + enable = true; + ports = [5555]; + settings.PasswordAuthentication = false; + }; + services.tailscale = { + enable = true; + }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions @@ -46,11 +53,13 @@ # # environment.systemPackages = [ - pkgs.nodejs - pkgs.python312 + # for AI IDE shit + # pkgs.nodejs + # pkgs.python312 # pkgs.openrgb-with-all-plugins ]; - + environment.etc."X11/xorg.conf.d/20-nvidia.conf".source = ./xorg.conf; + services.xserver.displayManager.xserverArgs = ["-config ${./xorg.conf}"]; system.stateVersion = "23.11"; # Did you read the comment? #debugging segfaults @@ -71,4 +80,30 @@ # Ensure the script is copied to the system # environment.etc."startup.sh".source = ./startup.sh; + # temp! + # run vllm through docker (its broken in nixpkgs, but this may be better anyway?) + # virtualisation.oci-containers = { + # backend = "podman"; + # containers = { + # vllm = { + # autoStart = false; + # image = "vllm/vllm-openai:latest"; + # ports = ["5000:5000"]; + # extraOptions = [ + # "--runtime" + # "nvidia" + # "--gpus" + # "all" + # "--ipc" + # "host" + # "--pull=always" + # "--network=host" + # ]; + # cmd = [ + # "--model" + # "mistralai/Mistral-7B-v0.1" + # ]; + # }; + # }; + # }; } diff --git a/hosts/local/master/hardware-configuration.nix b/hosts/local/master/hardware-configuration.nix index 6e2ed9f..8439f01 100644 --- a/hosts/local/master/hardware-configuration.nix +++ b/hosts/local/master/hardware-configuration.nix @@ -1,32 +1,38 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + config, + lib, + pkgs, + modulesPath, + ... +}: let + rtl8188gu = config.boot.kernelPackages.callPackage ./rtl8188gu.nix {}; +in { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = []; + boot.kernelModules = ["kvm-intel"]; + boot.extraModulePackages = []; - fileSystems."/" = - { device = "/dev/disk/by-uuid/3f1343f2-1ba3-4c57-b95e-bb808d3dffd3"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/3f1343f2-1ba3-4c57-b95e-bb808d3dffd3"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/C676-FD24"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/C676-FD24"; + fsType = "vfat"; + options = ["fmask=0077" "dmask=0077"]; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/e34d7981-458b-462a-b551-007bce4f40f9"; } - ]; + swapDevices = [ + {device = "/dev/disk/by-uuid/e34d7981-458b-462a-b551-007bce4f40f9";} + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/local/master/keyboard.nix b/hosts/local/master/keyboard.nix index d6ba135..f148d74 100644 --- a/hosts/local/master/keyboard.nix +++ b/hosts/local/master/keyboard.nix @@ -31,10 +31,10 @@ keyboards = { wirelessThinkpad = { device = "/dev/input/by-id/usb-Lenovo_TrackPoint_Keyboard_II-event-kbd"; - config = builtins.readFile ./thinkpad2.kbd; + config = builtins.readFile ./thinkpad.kbd; }; wiredThinkpad = { - device = "/dev/input/by-id/usb-Lenovo_ThinkPad_Compact_USB_Keyboard_with_TrackPoint-event-kbd"; + device = "/dev/input/by-id/usb-Lenovo_ThinkPad_Compact_usb_Keyboard_with_TrackPoint-event-kbd"; config = builtins.readFile ./thinkpad.kbd; }; }; diff --git a/hosts/local/master/rgb.nix b/hosts/local/master/rgb.nix index 66dbbfb..cd5ffae 100644 --- a/hosts/local/master/rgb.nix +++ b/hosts/local/master/rgb.nix @@ -14,9 +14,18 @@ in { # config = { # services.udev.packages = [pkgs.openrgb]; - services.hardware.openrgb.enable = true; - # boot.kernelModules = ["i2c-dev"]; - # hardware.i2c.enable = true; + services.hardware.openrgb = { + enable = true; + motherboard = "intel"; + package = pkgs.openrgb-with-all-plugins; + }; + boot.kernelParams = ["acpi_enforce_resources=lax"]; + boot.kernelModules = ["i2c-dev" "i2c-pii4"]; + hardware.i2c.enable = true; + environment.systemPackages = with pkgs; [ + i2c-tools + liquidctl + ]; # systemd.services.no-rgb = { # description = "no-rgb"; diff --git a/hosts/local/master/rtl8188gu.nix b/hosts/local/master/rtl8188gu.nix new file mode 100644 index 0000000..74aa78a --- /dev/null +++ b/hosts/local/master/rtl8188gu.nix @@ -0,0 +1,56 @@ +{ + stdenv, + lib, + fetchFromGitHub, + kernel, + bc, +}: let + modDestDir = "$out/lib/modules/${kernel.modDirVersion}/kernel/drivers/net/wireless/realtek/rtl8188gu"; +in + stdenv.mkDerivation rec { + name = "r8188gu-${kernel.version}-${version}"; + # on update please verify that the source matches the realtek version + version = "1.0"; + + src = fetchFromGitHub { + owner = "McMCCRU"; + repo = "rtl8188gu"; + rev = "bb3292dbb72ba6675b5465245eee0e69912f6e76"; + hash = "sha256-ixu8v3ikTdqlNBEp6YrvuoDWKyi0RxjySXr+fTuO77Q="; + }; + + hardeningDisable = ["pic"]; + + nativeBuildInputs = kernel.moduleBuildDependencies ++ [bc]; + + preBuild = + '' + makeFlagsArray+=("KVER=${kernel.modDirVersion}") + makeFlagsArray+=("KSRC=${kernel.dev}/lib/modules/${kernel.modDirVersion}/build") + makeFlagsArray+=("modules") + + # try to make it work for v5.8 - but update_mgmt_frame_registrations is too different + #find -type f -exec sed -i 's/sha256_/rtl_sha256_/g ; s/timespec/timespec64/ ; s/getboottime/getboottime64/ ; s/mgmt_frame_register/update_mgmt_frame_registrations/g' {} \+ + find -type f -exec sed -i 's/timespec/timespec64/ ; s/getboottime/getboottime64/ ; s/entry = proc_create_data.*/entry = NULL;/' {} \+ + '' + + lib.optionalString stdenv.hostPlatform.isAarch64 '' + makeFlagsArray+=("ARCH=arm64") + ''; + + enableParallelBuilding = true; + + installPhase = '' + mkdir -p ${modDestDir} + find . -name '*.ko' -exec cp --parents '{}' ${modDestDir} \; + find ${modDestDir} -name '*.ko' -exec xz -f '{}' \; + ''; + + meta = with lib; { + description = "Realtek RTL8188GU driver"; + longDescription = '' + A kernel module for Realtek 8188 network cards. + ''; + license = licenses.gpl2Plus; + platforms = platforms.linux; + }; + } diff --git a/hosts/local/nvidia.nix b/hosts/local/nvidia.nix index 295d05d..40217ac 100644 --- a/hosts/local/nvidia.nix +++ b/hosts/local/nvidia.nix @@ -12,6 +12,7 @@ else config.boot.kernelPackages.nvidiaPackages.beta; in { boot.kernelModules = ["nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm"]; + environment.systemPackages = [pkgs.nvitop]; # boot.kernelPackages = lib.mkForce unfreePkgs.linuxKernel.packages.linux_xanmod_latest; # boot.kernelParams = ["video=HDMI-A-1:1920x1080"]; # @@ -51,6 +52,7 @@ in { modesetting.enable = true; powerManagement.enable = false; powerManagement.finegrained = false; + # forceFullCompositionPipeline = true; # nvidiaSettings = true; open = false; }; diff --git a/hosts/local/wayland.nix b/hosts/local/wayland.nix index 5c191fe..8de0450 100644 --- a/hosts/local/wayland.nix +++ b/hosts/local/wayland.nix @@ -19,7 +19,7 @@ programs.sway = { enable = true; wrapperFeatures.gtk = true; - extraOptions = ["unsupported-gpu" "--verbose" "--debug"]; + # extraOptions = ["unsupported-gpu" "--verbose" "--debug"]; extraPackages = with pkgs; [ xdg-utils xdg-desktop-portal @@ -96,7 +96,7 @@ tigervnc foliate # code - kompare + kdePackages.kompare meld # tmp # browser TTS diff --git a/hosts/pkgs.nix b/hosts/pkgs.nix index 36584b7..a084f51 100644 --- a/hosts/pkgs.nix +++ b/hosts/pkgs.nix @@ -44,17 +44,16 @@ ncdu zip unzip + p7zip # images imagemagick # nix - nil - alejandra #nixfmt direnv nix-direnv devenv - #inputs.devenv.packages.${pkgs.system}.default + # inputs.devenv.packages.${pkgs.system}.default # scraping python312Packages.yt-dlp # markdown lsp @@ -63,7 +62,6 @@ #crypto # electrum # yacreader - superhtml # ai stuff! # aider-chat @@ -90,6 +88,8 @@ appimage-run # disk automount udiskie + nodejs + bun # /mac ] ++ lib.optionals pkgs.stdenv.isDarwin [ |