mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

formatting

Browse Source
This commit is contained in:
mjallen18
2024-05-31 16:11:42 -05:00
parent 4aead74c7f
commit 29ec754b2f
82 changed files with 1521 additions and 974 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cachix/cachix.nix
View File

@@ -5,9 +5,9 @@ let
folder = ../cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport
(lib.filterAttrs filterCaches (builtins.readDir folder));
in {
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in
{
inherit imports;
nix.settings.substituters = [ "https://cache.nixos.org/" ];
}

4
cachix/nix-community.nix
View File

@@ -2,9 +2,7 @@
nix = {
settings = {
substituters = [ "https://nix-community.cachix.org" ];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
};
};
}

194
flake.nix
View File

@@ -17,7 +17,7 @@
url = "github:nix-community/lanzaboote/v0.3.0";
inputs.nixpkgs.follows = "nixpkgs";
};
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager-stable.url = "github:nix-community/home-manager/release-24.05";
@@ -31,98 +31,118 @@
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
};
outputs = { self, nixpkgs, nixpkgs-stable, chaotic, lanzaboote, impermanence, nix-flatpak, home-manager
, nixos-hardware, nix-darwin, nixos-apple-silicon, home-manager-stable, nix-inspect, nixpkgs-unstable }@inputs:
let
inherit (self) outputs;
in {
overlays = import ./overlays {inherit inputs;};
outputs =
{
self,
nixpkgs,
nixpkgs-stable,
chaotic,
lanzaboote,
impermanence,
nix-flatpak,
home-manager,
nixos-hardware,
nix-darwin,
nixos-apple-silicon,
home-manager-stable,
nix-inspect,
nixpkgs-unstable,
}@inputs:
let
inherit (self) outputs;
in
{
overlays = import ./overlays { inherit inputs; };
nixosConfigurations = {
# Desktop
"matt-nixos" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {inherit inputs outputs;};
modules = [
impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote
nix-flatpak.nixosModules.nix-flatpak
./hosts/desktop/configuration.nix
./share/impermanence
chaotic.nixosModules.default
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.matt = import ./hosts/desktop/home.nix;
}
nixosConfigurations = {
# Desktop
"matt-nixos" = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs;
};
modules = [
impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote
nix-flatpak.nixosModules.nix-flatpak
./hosts/desktop/configuration.nix
./share/impermanence
chaotic.nixosModules.default
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.matt = import ./hosts/desktop/home.nix;
}
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
nixos-hardware.nixosModules.common-hidpi
nixos-hardware.nixosModules.common-pc
];
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-gpu-amd
nixos-hardware.nixosModules.common-hidpi
nixos-hardware.nixosModules.common-pc
];
};
# NAS
"jallen-nas" = nixpkgs-stable.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs;
};
modules = [
./hosts/nas/configuration.nix
home-manager-stable.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.admin = import ./hosts/nas/home.nix;
}
];
};
# mac nix
"mac-nixos" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
nixos-apple-silicon.nixosModules.apple-silicon-support
./hosts/mac-nixos/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.matt = import ./hosts/mac-nixos/home.nix;
}
];
};
# Pi4
"nixos-pi4" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
nixos-hardware.nixosModules.raspberry-pi-4
./hosts/pi4/configuration.nix
];
};
};
# NAS
"jallen-nas" = nixpkgs-stable.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {inherit inputs outputs;};
modules = [
./hosts/nas/configuration.nix
home-manager-stable.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.admin = import ./hosts/nas/home.nix;
}
];
darwinConfigurations = {
"MacBook-Pro" = nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
modules = [
./hosts/mac/configuration.nix
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.mattjallen = import ./hosts/mac/home.nix;
}
];
};
};
# mac nix
"mac-nixos" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
nixos-apple-silicon.nixosModules.apple-silicon-support
./hosts/mac-nixos/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.matt = import ./hosts/mac-nixos/home.nix;
}
];
};
# Expose the package set, including overlays, for convenience.
darwinPackages = self.darwinConfigurations."MacBook-Pro".pkgs;
# Pi4
"nixos-pi4" = nixpkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [
nixos-hardware.nixosModules.raspberry-pi-4
./hosts/pi4/configuration.nix
];
};
# Set Git commit hash for darwin-version.
system.configurationRevision = self.rev or self.dirtyRev or null;
};
darwinConfigurations = {
"MacBook-Pro" = nix-darwin.lib.darwinSystem {
system = "aarch64-darwin";
modules = [
./hosts/mac/configuration.nix
home-manager.darwinModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.mattjallen = import ./hosts/mac/home.nix;
}
];
};
};
# Expose the package set, including overlays, for convenience.
darwinPackages = self.darwinConfigurations."MacBook-Pro".pkgs;
# Set Git commit hash for darwin-version.
system.configurationRevision = self.rev or self.dirtyRev or null;
};
}

66
hosts/default.nix
View File

@@ -1,11 +1,24 @@
{ config, lib, pkgs, ... }:
let timezone = "America/Chicago";
in {
imports = [ ../modules ../share ];
{
config,
lib,
pkgs,
...
}:
let
timezone = "America/Chicago";
in
{
imports = [
../modules
../share
];
# Enable nix flakes and nix-command tools
nix = {
settings.experimental-features = [ "nix-command" "flakes" ];
settings.experimental-features = [
"nix-command"
"flakes"
];
# Garbage collect automatically every week
gc.automatic = lib.mkDefault true;
@@ -81,10 +94,8 @@ in {
};
};
environment.systemPackages = with pkgs; [
pinentry-curses
];
environment.systemPackages = with pkgs; [ pinentry-curses ];
# Security config
security = {
rtkit.enable = lib.mkDefault true;
@@ -92,24 +103,25 @@ in {
# configure sudo
sudo = {
enable = lib.mkDefault true;
extraRules = [{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
extraRules = [
{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}
];
};
};
}

62
hosts/desktop/configuration.nix
View File

@@ -2,16 +2,23 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, outputs, lib, pkgs, ... }:
{
config,
outputs,
lib,
pkgs,
...
}:
let
user = "matt";
password =
"$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "matt-nixos";
gnome = false;
plasma = true;
in {
imports = [ # Include the results of the hardware scan.
in
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# ../../cachix/cachix.nix
../default.nix
@@ -142,7 +149,9 @@ in {
};
# Time config
time = { hardwareClockInLocalTime = true; };
time = {
hardwareClockInLocalTime = true;
};
# xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
# xdg.portal.extraPortals = mkIf plasma [ pkgs.xdg-desktop-portal-gtk ];
@@ -190,7 +199,11 @@ in {
# Define a user account. Don't forget to set a password with passwd.
users.users."${user}" = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "ratbagd" ]; # Enable sudo for the user.
extraGroups = [
"wheel"
"networkmanager"
"ratbagd"
]; # Enable sudo for the user.
shell = pkgs.fish;
};
@@ -213,19 +226,46 @@ in {
fileSystems."/media/nas/backup" = {
device = "//10.0.1.18/Backup";
fsType = "cifs";
options = [ "sec=none" "x-systemd.automount" "auto" "rw" "file_mode=0775" "dir_mode=0775" "uid=matt" "gid=wheel" ];
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
};
fileSystems."/media/nas/isos" = {
device = "//10.0.1.18/isos";
fsType = "cifs";
options = [ "sec=none" "x-systemd.automount" "auto" "rw" "file_mode=0775" "dir_mode=0775" "uid=matt" "gid=wheel" ];
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
};
fileSystems."/media/nas/3d_printer" = {
device = "//10.0.1.18/3d_printer";
fsType = "cifs";
options = [ "sec=none" "x-systemd.automount" "auto" "rw" "file_mode=0775" "dir_mode=0775" "uid=matt" "gid=wheel" ];
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
};
# This option defines the first version of NixOS you have installed on this particular machine,
@@ -245,6 +285,4 @@ in {
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}

60
hosts/desktop/hardware-configuration.nix
View File

@@ -1,13 +1,26 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "nvme" "ahci" "usbhid" "uas" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"ahci"
"usbhid"
"uas"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
@@ -15,37 +28,60 @@
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
options = [ "defaults" "size=256G" "mode=755" ];
options = [
"defaults"
"size=256G"
"mode=755"
];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/c6cf43cb-d0d2-4111-bc81-994e41b2632d";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" "noatime" ];
options = [
"subvol=nix"
"compress=zstd"
"noatime"
];
};
fileSystems."/etc" = {
device = "/dev/disk/by-uuid/c6cf43cb-d0d2-4111-bc81-994e41b2632d";
fsType = "btrfs";
options = [ "subvol=etc" "compress=zstd" "noatime" ];
options = [
"subvol=etc"
"compress=zstd"
"noatime"
];
};
fileSystems."/root" = {
device = "/dev/disk/by-uuid/c6cf43cb-d0d2-4111-bc81-994e41b2632d";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" "noatime" ];
options = [
"subvol=root"
"compress=zstd"
"noatime"
];
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/c6cf43cb-d0d2-4111-bc81-994e41b2632d";
fsType = "btrfs";
options = [ "subvol=log" "compress=zstd" "noatime" ];
options = [
"subvol=log"
"compress=zstd"
"noatime"
];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/c6cf43cb-d0d2-4111-bc81-994e41b2632d";
fsType = "btrfs";
options = [ "subvol=home" "compress=zstd" ];
options = [
"subvol=home"
"compress=zstd"
];
};
fileSystems."/boot" = {
@@ -53,8 +89,7 @@
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/disk/by-uuid/a94819f6-d4e1-4471-b972-703c80de1a5f"; }];
swapDevices = [ { device = "/dev/disk/by-uuid/a94819f6-d4e1-4471-b972-703c80de1a5f"; } ];
fileSystems."/home/matt/Games" = {
device = "/dev/disk/by-uuid/1adb3161-ef9e-45d9-be5f-dd718186f1b3";
@@ -74,6 +109,5 @@
# networking.interfaces.wlp9s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

2
hosts/desktop/home.nix
View File

@@ -61,7 +61,7 @@
vmware-horizon-client
vorta
];
# dconf = {
# enable = true;
# settings = {

4
hosts/mac-nixos/apple-silicon-support/default.nix
View File

@@ -1,7 +1,5 @@
{ ... }:
{
imports = [
./modules/default.nix
];
imports = [ ./modules/default.nix ];
}

21
hosts/mac-nixos/apple-silicon-support/modules/boot-m1n1/default.nix
View File

@@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
pkgs' = config.hardware.asahi.pkgs;
@@ -8,12 +13,10 @@ let
customLogo = config.boot.m1n1CustomLogo;
};
bootUBoot = pkgs'.uboot-asahi.override {
m1n1 = bootM1n1;
};
bootUBoot = pkgs'.uboot-asahi.override { m1n1 = bootM1n1; };
bootFiles = {
"m1n1/boot.bin" = pkgs.runCommand "boot.bin" {} ''
"m1n1/boot.bin" = pkgs.runCommand "boot.bin" { } ''
cat ${bootM1n1}/build/m1n1.bin > $out
cat ${config.boot.kernelPackages.kernel}/dtbs/apple/*.dtb >> $out
cat ${bootUBoot}/u-boot-nodtb.bin.gz >> $out
@@ -22,14 +25,18 @@ let
fi
'';
};
in {
in
{
config = lib.mkIf config.hardware.asahi.enable {
# install m1n1 with the boot loader
boot.loader.grub.extraFiles = bootFiles;
boot.loader.systemd-boot.extraFiles = bootFiles;
# ensure the installer has m1n1 in the image
system.extraDependencies = lib.mkForce [ bootM1n1 bootUBoot ];
system.extraDependencies = lib.mkForce [
bootM1n1
bootUBoot
];
system.build.m1n1 = bootFiles."m1n1/boot.bin";
};

19
hosts/mac-nixos/apple-silicon-support/modules/default.nix
View File

@@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
{
imports = [
./kernel
@@ -8,20 +13,22 @@
./sound
];
config = let
config =
let
cfg = config.hardware.asahi;
in lib.mkIf cfg.enable {
in
lib.mkIf cfg.enable {
nixpkgs.overlays = lib.mkBefore [ cfg.overlay ];
hardware.asahi.pkgs =
if cfg.pkgsSystem != "aarch64-linux"
then
if cfg.pkgsSystem != "aarch64-linux" then
import (pkgs.path) {
crossSystem.system = "aarch64-linux";
localSystem.system = cfg.pkgsSystem;
overlays = [ cfg.overlay ];
}
else pkgs;
else
pkgs;
};
options.hardware.asahi = {

21
hosts/mac-nixos/apple-silicon-support/modules/kernel/default.nix
View File

@@ -1,11 +1,17 @@
# the Asahi Linux kernel and options that must go along with it
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
{
config = lib.mkIf config.hardware.asahi.enable {
boot.kernelPackages = let
pkgs' = config.hardware.asahi.pkgs;
in
boot.kernelPackages =
let
pkgs' = config.hardware.asahi.pkgs;
in
pkgs'.linux-asahi.override {
_kernelPatches = config.boot.kernelPatches;
withRust = config.hardware.asahi.withRust;
@@ -93,8 +99,11 @@
};
imports = [
(lib.mkRemovedOptionModule [ "hardware" "asahi" "addEdgeKernelConfig" ]
"All edge kernel config options are now the default.")
(lib.mkRemovedOptionModule [
"hardware"
"asahi"
"addEdgeKernelConfig"
] "All edge kernel config options are now the default.")
];
options.hardware.asahi.withRust = lib.mkOption {

98
hosts/mac-nixos/apple-silicon-support/modules/mesa/default.nix
View File

@@ -1,47 +1,57 @@
{ config, pkgs, lib, ... }:
{
config = let
isMode = mode: (config.hardware.asahi.useExperimentalGPUDriver
&& config.hardware.asahi.experimentalGPUInstallMode == mode);
in lib.mkIf config.hardware.asahi.enable (lib.mkMerge [
{
# required for proper DRM setup even without GPU driver
services.xserver.config = ''
Section "OutputClass"
Identifier "appledrm"
MatchDriver "apple"
Driver "modesetting"
Option "PrimaryGPU" "true"
EndSection
'';
}
(lib.mkIf config.hardware.asahi.useExperimentalGPUDriver {
# install the drivers
hardware.opengl.package = config.hardware.asahi.pkgs.mesa-asahi-edge.drivers;
# required for in-kernel GPU driver
hardware.asahi.withRust = true;
})
(lib.mkIf (isMode "replace") {
# replace the Mesa linked into system packages with the Asahi version
# without rebuilding them to avoid rebuilding the world.
system.replaceRuntimeDependencies = [
{ original = pkgs.mesa;
replacement = config.hardware.asahi.pkgs.mesa-asahi-edge;
config,
pkgs,
lib,
...
}:
{
config =
let
isMode =
mode:
(
config.hardware.asahi.useExperimentalGPUDriver
&& config.hardware.asahi.experimentalGPUInstallMode == mode
);
in
lib.mkIf config.hardware.asahi.enable (
lib.mkMerge [
{
# required for proper DRM setup even without GPU driver
services.xserver.config = ''
Section "OutputClass"
Identifier "appledrm"
MatchDriver "apple"
Driver "modesetting"
Option "PrimaryGPU" "true"
EndSection
'';
}
];
})
(lib.mkIf (isMode "overlay") {
# replace the Mesa used in Nixpkgs with the Asahi version using an overlay,
# which requires rebuilding the world but ensures it is done faithfully
# (and in a way compatible with pure evaluation)
nixpkgs.overlays = [
(final: prev: {
mesa = final.mesa-asahi-edge;
(lib.mkIf config.hardware.asahi.useExperimentalGPUDriver {
# install the drivers
hardware.opengl.package = config.hardware.asahi.pkgs.mesa-asahi-edge.drivers;
# required for in-kernel GPU driver
hardware.asahi.withRust = true;
})
];
})
]);
(lib.mkIf (isMode "replace") {
# replace the Mesa linked into system packages with the Asahi version
# without rebuilding them to avoid rebuilding the world.
system.replaceRuntimeDependencies = [
{
original = pkgs.mesa;
replacement = config.hardware.asahi.pkgs.mesa-asahi-edge;
}
];
})
(lib.mkIf (isMode "overlay") {
# replace the Mesa used in Nixpkgs with the Asahi version using an overlay,
# which requires rebuilding the world but ensures it is done faithfully
# (and in a way compatible with pure evaluation)
nixpkgs.overlays = [ (final: prev: { mesa = final.mesa-asahi-edge; }) ];
})
]
);
options.hardware.asahi.useExperimentalGPUDriver = lib.mkOption {
type = lib.types.bool;
@@ -54,7 +64,11 @@
};
options.hardware.asahi.experimentalGPUInstallMode = lib.mkOption {
type = lib.types.enum [ "driver" "replace" "overlay" ];
type = lib.types.enum [
"driver"
"replace"
"overlay"
];
default = "replace";
description = ''
Mode to use to install the experimental GPU driver into the system.

65
hosts/mac-nixos/apple-silicon-support/modules/peripheral-firmware/default.nix
View File

@@ -1,8 +1,14 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
{
config = lib.mkIf config.hardware.asahi.enable {
assertions = lib.mkIf config.hardware.asahi.extractPeripheralFirmware [
{ assertion = config.hardware.asahi.peripheralFirmwareDirectory != null;
{
assertion = config.hardware.asahi.peripheralFirmwareDirectory != null;
message = ''
Asahi peripheral firmware extraction is enabled but the firmware
location appears incorrect.
@@ -10,26 +16,34 @@
}
];
hardware.firmware = let
pkgs' = config.hardware.asahi.pkgs;
in
lib.mkIf ((config.hardware.asahi.peripheralFirmwareDirectory != null)
&& config.hardware.asahi.extractPeripheralFirmware) [
(pkgs.stdenv.mkDerivation {
name = "asahi-peripheral-firmware";
hardware.firmware =
let
pkgs' = config.hardware.asahi.pkgs;
in
lib.mkIf
(
(config.hardware.asahi.peripheralFirmwareDirectory != null)
&& config.hardware.asahi.extractPeripheralFirmware
)
[
(pkgs.stdenv.mkDerivation {
name = "asahi-peripheral-firmware";
nativeBuildInputs = [ pkgs'.asahi-fwextract pkgs.cpio ];
nativeBuildInputs = [
pkgs'.asahi-fwextract
pkgs.cpio
];
buildCommand = ''
mkdir extracted
asahi-fwextract ${config.hardware.asahi.peripheralFirmwareDirectory} extracted
buildCommand = ''
mkdir extracted
asahi-fwextract ${config.hardware.asahi.peripheralFirmwareDirectory} extracted
mkdir -p $out/lib/firmware
cat extracted/firmware.cpio | cpio -id --quiet --no-absolute-filenames
mv vendorfw/* $out/lib/firmware
'';
})
];
mkdir -p $out/lib/firmware
cat extracted/firmware.cpio | cpio -id --quiet --no-absolute-filenames
mv vendorfw/* $out/lib/firmware
'';
})
];
};
options.hardware.asahi = {
@@ -45,13 +59,12 @@
peripheralFirmwareDirectory = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = lib.findFirst (path: builtins.pathExists (path + "/all_firmware.tar.gz")) null
[
# path when the system is operating normally
/boot/asahi
# path when the system is mounted in the installer
/mnt/boot/asahi
];
default = lib.findFirst (path: builtins.pathExists (path + "/all_firmware.tar.gz")) null [
# path when the system is operating normally
/boot/asahi
# path when the system is mounted in the installer
/mnt/boot/asahi
];
description = ''
Path to the directory containing the non-free non-redistributable

148
hosts/mac-nixos/apple-silicon-support/modules/sound/default.nix
View File

@@ -1,4 +1,10 @@
{ config, options, pkgs, lib, ... }:
{
config,
options,
pkgs,
lib,
...
}:
{
imports = [
@@ -19,72 +25,96 @@
};
};
config = let
cfg = config.hardware.asahi;
config =
let
cfg = config.hardware.asahi;
asahi-audio = pkgs.asahi-audio; # the asahi-audio we use
asahi-audio = pkgs.asahi-audio; # the asahi-audio we use
lsp-plugins = pkgs.lsp-plugins; # the lsp-plugins we use
lsp-plugins = pkgs.lsp-plugins; # the lsp-plugins we use
lsp-plugins-is-patched = (lsp-plugins.overrideAttrs (old: {
passthru = (old.passthru or {}) // {
lsp-plugins-is-patched = builtins.elem "58c3f985f009c84347fa91236f164a9e47aafa93.patch"
(builtins.map (p: p.name) (old.patches or []));
};
})).lsp-plugins-is-patched;
lsp-plugins-is-patched =
(lsp-plugins.overrideAttrs (old: {
passthru = (old.passthru or { }) // {
lsp-plugins-is-patched = builtins.elem "58c3f985f009c84347fa91236f164a9e47aafa93.patch" (
builtins.map (p: p.name) (old.patches or [ ])
);
};
})).lsp-plugins-is-patched;
lsp-plugins-is-safe = (pkgs.lib.versionAtLeast lsp-plugins.version "1.2.14") || lsp-plugins-is-patched;
lsp-plugins-is-safe =
(pkgs.lib.versionAtLeast lsp-plugins.version "1.2.14") || lsp-plugins-is-patched;
# https://github.com/NixOS/nixpkgs/pull/282377
# options is the set of all module option declarations, rather than their
# values, to prevent infinite recursion
newHotness = builtins.hasAttr "configPackages" options.services.pipewire;
# https://github.com/NixOS/nixpkgs/pull/282377
# options is the set of all module option declarations, rather than their
# values, to prevent infinite recursion
newHotness = builtins.hasAttr "configPackages" options.services.pipewire;
lv2Path = lib.makeSearchPath "lib/lv2" [ lsp-plugins pkgs.bankstown-lv2 ];
in lib.mkIf (cfg.setupAsahiSound && cfg.enable) (lib.mkMerge [
{
# enable pipewire to run real-time and avoid audible glitches
security.rtkit.enable = true;
# set up pipewire with the supported capabilities (instead of pulseaudio)
# and asahi-audio configs and plugins
services.pipewire = {
enable = true;
lv2Path = lib.makeSearchPath "lib/lv2" [
lsp-plugins
pkgs.bankstown-lv2
];
in
lib.mkIf (cfg.setupAsahiSound && cfg.enable) (
lib.mkMerge [
{
# enable pipewire to run real-time and avoid audible glitches
security.rtkit.enable = true;
# set up pipewire with the supported capabilities (instead of pulseaudio)
# and asahi-audio configs and plugins
services.pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
wireplumber.enable = true;
};
alsa.enable = true;
pulse.enable = true;
wireplumber.enable = true;
};
# set up enivronment so that UCM configs are used as well
environment.variables.ALSA_CONFIG_UCM2 = "${pkgs.alsa-ucm-conf-asahi}/share/alsa/ucm2";
systemd.user.services.pipewire.environment.ALSA_CONFIG_UCM2 = config.environment.variables.ALSA_CONFIG_UCM2;
systemd.user.services.wireplumber.environment.ALSA_CONFIG_UCM2 = config.environment.variables.ALSA_CONFIG_UCM2;
# set up enivronment so that UCM configs are used as well
environment.variables.ALSA_CONFIG_UCM2 = "${pkgs.alsa-ucm-conf-asahi}/share/alsa/ucm2";
systemd.user.services.pipewire.environment.ALSA_CONFIG_UCM2 =
config.environment.variables.ALSA_CONFIG_UCM2;
systemd.user.services.wireplumber.environment.ALSA_CONFIG_UCM2 =
config.environment.variables.ALSA_CONFIG_UCM2;
# enable speakersafetyd to protect speakers
systemd.packages = lib.mkAssert lsp-plugins-is-safe
"lsp-plugins is unpatched/outdated and speakers cannot be safely enabled"
[ pkgs.speakersafetyd ];
services.udev.packages = [ pkgs.speakersafetyd ];
}
(lib.optionalAttrs newHotness {
# use configPackages and friends to install asahi-audio and plugins
services.pipewire = {
configPackages = [ asahi-audio ];
extraLv2Packages = [ lsp-plugins pkgs.bankstown-lv2 ];
wireplumber = {
configPackages = [ asahi-audio ];
extraLv2Packages = [ lsp-plugins pkgs.bankstown-lv2 ];
};
};
})
(lib.optionalAttrs (!newHotness) {
# use environment.etc and environment variables to install asahi-audio and plugins
environment.etc = builtins.listToAttrs (builtins.map
(f: { name = f; value = { source = "${asahi-audio}/share/${f}"; }; })
asahi-audio.providedConfigFiles);
# enable speakersafetyd to protect speakers
systemd.packages =
lib.mkAssert lsp-plugins-is-safe
"lsp-plugins is unpatched/outdated and speakers cannot be safely enabled"
[ pkgs.speakersafetyd ];
services.udev.packages = [ pkgs.speakersafetyd ];
}
(lib.optionalAttrs newHotness {
# use configPackages and friends to install asahi-audio and plugins
services.pipewire = {
configPackages = [ asahi-audio ];
extraLv2Packages = [
lsp-plugins
pkgs.bankstown-lv2
];
wireplumber = {
configPackages = [ asahi-audio ];
extraLv2Packages = [
lsp-plugins
pkgs.bankstown-lv2
];
};
};
})
(lib.optionalAttrs (!newHotness) {
# use environment.etc and environment variables to install asahi-audio and plugins
environment.etc = builtins.listToAttrs (
builtins.map (f: {
name = f;
value = {
source = "${asahi-audio}/share/${f}";
};
}) asahi-audio.providedConfigFiles
);
systemd.user.services.pipewire.environment.LV2_PATH = lv2Path;
systemd.user.services.wireplumber.environment.LV2_PATH = lv2Path;
})
]);
systemd.user.services.pipewire.environment.LV2_PATH = lv2Path;
systemd.user.services.wireplumber.environment.LV2_PATH = lv2Path;
})
]
);
}

18
hosts/mac-nixos/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix
View File

@@ -1,6 +1,8 @@
{ lib
, fetchFromGitHub
, alsa-ucm-conf }:
{
lib,
fetchFromGitHub,
alsa-ucm-conf,
}:
(alsa-ucm-conf.overrideAttrs (oldAttrs: rec {
version = "5";
@@ -12,8 +14,10 @@
rev = "v${version}";
hash = "sha256-daUNz5oUrPfSMO0Tqq/WbtiLHMOtPeQQlI+juGrhTxw=";
};
postInstall = oldAttrs.postInstall or "" + ''
cp -r ${src_asahi}/ucm2 $out/share/alsa
'';
postInstall =
oldAttrs.postInstall or ""
+ ''
cp -r ${src_asahi}/ucm2 $out/share/alsa
'';
}))

7
hosts/mac-nixos/apple-silicon-support/packages/asahi-audio/default.nix
View File

@@ -1,6 +1,7 @@
{ stdenv
, lib
, fetchFromGitHub
{
stdenv,
lib,
fetchFromGitHub,
}:
stdenv.mkDerivation rec {

13
hosts/mac-nixos/apple-silicon-support/packages/asahi-fwextract/default.nix
View File

@@ -1,9 +1,10 @@
{ lib
, python3
, fetchFromGitHub
, gzip
, gnutar
, lzfse
{
lib,
python3,
fetchFromGitHub,
gzip,
gnutar,
lzfse,
}:
python3.pkgs.buildPythonApplication rec {

21
hosts/mac-nixos/apple-silicon-support/packages/bankstown-lv2/default.nix
View File

@@ -1,9 +1,10 @@
{ lib
, lv2
, pkg-config
, rustPlatform
, fetchFromGitHub
, fetchpatch
{
lib,
lv2,
pkg-config,
rustPlatform,
fetchFromGitHub,
fetchpatch,
}:
rustPlatform.buildRustPackage rec {
@@ -28,11 +29,7 @@ rustPlatform.buildRustPackage rec {
make install
'';
nativeBuildInputs = [
pkg-config
];
nativeBuildInputs = [ pkg-config ];
buildInputs = [
lv2
];
buildInputs = [ lv2 ];
}

278
hosts/mac-nixos/apple-silicon-support/packages/linux-asahi/default.nix
View File

@@ -1,12 +1,13 @@
{ lib
, pkgs
, callPackage
, writeShellScriptBin
, writeText
, removeReferencesTo
, linuxPackagesFor
, withRust ? false
, _kernelPatches ? [ ]
{
lib,
pkgs,
callPackage,
writeShellScriptBin,
writeText,
removeReferencesTo,
linuxPackagesFor,
withRust ? false,
_kernelPatches ? [ ],
}:
let
@@ -14,67 +15,107 @@ let
# parse <OPT> [ymn]|foo style configuration as found in a patch's extraConfig
# into a list of k, v tuples
parseExtraConfig = config:
parseExtraConfig =
config:
let
lines =
builtins.filter (s: s != "") (lib.strings.splitString "\n" config);
parseLine = line: let
t = lib.strings.splitString " " line;
join = l: builtins.foldl' (a: b: "${a} ${b}")
(builtins.head l) (builtins.tail l);
v = if (builtins.length t) > 2 then join (builtins.tail t) else (i t 1);
in [ "CONFIG_${i t 0}" v ];
in map parseLine lines;
lines = builtins.filter (s: s != "") (lib.strings.splitString "\n" config);
parseLine =
line:
let
t = lib.strings.splitString " " line;
join = l: builtins.foldl' (a: b: "${a} ${b}") (builtins.head l) (builtins.tail l);
v = if (builtins.length t) > 2 then join (builtins.tail t) else (i t 1);
in
[
"CONFIG_${i t 0}"
v
];
in
map parseLine lines;
# parse <OPT>=lib.kernel.(yes|module|no)|lib.kernel.freeform "foo"
# style configuration as found in a patch's extraStructuredConfig into
# a list of k, v tuples
parseExtraStructuredConfig = config: lib.attrsets.mapAttrsToList
(k: v: [ "CONFIG_${k}" (v.tristate or v.freeform) ] ) config;
parseExtraStructuredConfig =
config:
lib.attrsets.mapAttrsToList (k: v: [
"CONFIG_${k}"
(v.tristate or v.freeform)
]) config;
parsePatchConfig = { extraConfig ? "", extraStructuredConfig ? {}, ... }:
(parseExtraConfig extraConfig) ++
(parseExtraStructuredConfig extraStructuredConfig);
parsePatchConfig =
{
extraConfig ? "",
extraStructuredConfig ? { },
...
}:
(parseExtraConfig extraConfig) ++ (parseExtraStructuredConfig extraStructuredConfig);
# parse CONFIG_<OPT>=[ymn]|"foo" style configuration as found in a config file
# into a list of k, v tuples
parseConfig = config:
parseConfig =
config:
let
parseLine = builtins.match ''(CONFIG_[[:upper:][:digit:]_]+)=(([ymn])|"([^"]*)")'';
# get either the [ymn] option or the "foo" option; whichever matched
t = l: let v = (i l 2); in [ (i l 0) (if v != null then v else (i l 3)) ];
t =
l:
let
v = (i l 2);
in
[
(i l 0)
(if v != null then v else (i l 3))
];
lines = lib.strings.splitString "\n" config;
in map t (builtins.filter (l: l != null) (map parseLine lines));
in
map t (builtins.filter (l: l != null) (map parseLine lines));
origConfigfile = ./config;
linux-asahi-pkg = { stdenv, lib, fetchFromGitHub, fetchpatch, linuxKernel,
rustPlatform, rustc, rustfmt, rust-bindgen, ... } @ args:
linux-asahi-pkg =
{
stdenv,
lib,
fetchFromGitHub,
fetchpatch,
linuxKernel,
rustPlatform,
rustc,
rustfmt,
rust-bindgen,
...
}@args:
let
origConfigText = builtins.readFile origConfigfile;
# extraConfig from all patches in order
extraConfig =
lib.fold (patch: ex: ex ++ (parsePatchConfig patch)) [] _kernelPatches;
extraConfig = lib.fold (patch: ex: ex ++ (parsePatchConfig patch)) [ ] _kernelPatches;
# config file text for above
extraConfigText = let
text = k: v: if (v == "y") || (v == "m") || (v == "n")
then "${k}=${v}" else ''${k}="${v}"'';
in (map (t: text (i t 0) (i t 1)) extraConfig);
extraConfigText =
let
text = k: v: if (v == "y") || (v == "m") || (v == "n") then "${k}=${v}" else ''${k}="${v}"'';
in
(map (t: text (i t 0) (i t 1)) extraConfig);
# final config as a text file path
configfile = if extraConfig == [] then origConfigfile else
writeText "config" ''
${origConfigText}
configfile =
if extraConfig == [ ] then
origConfigfile
else
writeText "config" ''
${origConfigText}
# Patches
${lib.strings.concatStringsSep "\n" extraConfigText}
'';
# Patches
${lib.strings.concatStringsSep "\n" extraConfigText}
'';
# final config as an attrset
configAttrs = let
makePair = t: lib.nameValuePair (i t 0) (i t 1);
configList = (parseConfig origConfigText) ++ extraConfig;
in builtins.listToAttrs (map makePair (lib.lists.reverseList configList));
configAttrs =
let
makePair = t: lib.nameValuePair (i t 0) (i t 1);
configList = (parseConfig origConfigText) ++ extraConfig;
in
builtins.listToAttrs (map makePair (lib.lists.reverseList configList));
# used to (ostensibly) keep compatibility for those running stable versions of nixos
rustOlder = version: withRust && (lib.versionOlder rustc.version version);
@@ -84,71 +125,94 @@ let
rustAtLeast = version: withRust && (lib.versionAtLeast rustc.version version);
bindgenAtLeast = version: withRust && (lib.versionAtLeast rust-bindgen.unwrapped.version version);
in
(linuxKernel.manualConfig rec {
inherit stdenv lib;
(
linuxKernel.manualConfig rec {
inherit stdenv lib;
version = "6.6.0-asahi";
modDirVersion = version;
extraMeta.branch = "6.6";
version = "6.6.0-asahi";
modDirVersion = version;
extraMeta.branch = "6.6";
src = fetchFromGitHub {
# tracking: https://github.com/AsahiLinux/linux/tree/asahi-wip (w/ fedora verification)
owner = "AsahiLinux";
repo = "linux";
rev = "asahi-6.6-15";
hash = "sha256-Jm7wTKWuwd/6ZN0g5F4CNNETiOyGQL31hfSyTDYH85k=";
};
src = fetchFromGitHub {
# tracking: https://github.com/AsahiLinux/linux/tree/asahi-wip (w/ fedora verification)
owner = "AsahiLinux";
repo = "linux";
rev = "asahi-6.6-15";
hash = "sha256-Jm7wTKWuwd/6ZN0g5F4CNNETiOyGQL31hfSyTDYH85k=";
};
kernelPatches = [
{ name = "coreutils-fix";
patch = ./0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch;
}
# speaker enablement; we assert on the relevant lsp-plugins patch
# before installing speakersafetyd to let the speakers work
{ name = "speakers-1";
patch = fetchpatch {
url = "https://github.com/AsahiLinux/linux/commit/385ea7b5023486aba7919cec8b6b3f6a843a1013.patch";
hash = "sha256-u7IzhJbUgBPfhJXAcpHw1I6OPzPHc1UKYjH91Ep3QHQ=";
};
}
{ name = "speakers-2";
patch = fetchpatch {
url = "https://github.com/AsahiLinux/linux/commit/6a24102c06c95951ab992e2d41336cc6d4bfdf23.patch";
hash = "sha256-wn5x2hN42/kCp/XHBvLWeNLfwlOBB+T6UeeMt2tSg3o=";
};
}
] ++ lib.optionals (rustAtLeast "1.75.0") [
{ name = "rustc-1.75.0";
patch = ./0001-check-in-new-alloc-for-1.75.0.patch;
}
] ++ lib.optionals (rustAtLeast "1.76.0") [
{ name = "rustc-1.76.0";
patch = ./rust_1_76_0.patch;
}
] ++ _kernelPatches;
kernelPatches =
[
{
name = "coreutils-fix";
patch = ./0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch;
}
# speaker enablement; we assert on the relevant lsp-plugins patch
# before installing speakersafetyd to let the speakers work
{
name = "speakers-1";
patch = fetchpatch {
url = "https://github.com/AsahiLinux/linux/commit/385ea7b5023486aba7919cec8b6b3f6a843a1013.patch";
hash = "sha256-u7IzhJbUgBPfhJXAcpHw1I6OPzPHc1UKYjH91Ep3QHQ=";
};
}
{
name = "speakers-2";
patch = fetchpatch {
url = "https://github.com/AsahiLinux/linux/commit/6a24102c06c95951ab992e2d41336cc6d4bfdf23.patch";
hash = "sha256-wn5x2hN42/kCp/XHBvLWeNLfwlOBB+T6UeeMt2tSg3o=";
};
}
]
++ lib.optionals (rustAtLeast "1.75.0") [
{
name = "rustc-1.75.0";
patch = ./0001-check-in-new-alloc-for-1.75.0.patch;
}
]
++ lib.optionals (rustAtLeast "1.76.0") [
{
name = "rustc-1.76.0";
patch = ./rust_1_76_0.patch;
}
]
++ _kernelPatches;
inherit configfile;
# hide Rust support from the nixpkgs infra to avoid it re-adding the rust packages.
# we can't use it until it's in stable and until we've evaluated the cross-compilation impact.
config = configAttrs // { "CONFIG_RUST" = "n"; };
} // (args.argsOverride or {})).overrideAttrs (old: if withRust then {
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
rust-bindgen
rustfmt
rustc
removeReferencesTo
];
# HACK: references shouldn't have been there in the first place
# TODO: remove once 23.05 is obsolete
postFixup = (old.postFixup or "") + ''
if [ -f $dev/lib/modules/${old.version}/build/vmlinux ]; then
remove-references-to -t $out $dev/lib/modules/${old.version}/build/vmlinux
fi
remove-references-to -t $dev $out/Image
'';
RUST_LIB_SRC = rustPlatform.rustLibSrc;
} else {});
inherit configfile;
# hide Rust support from the nixpkgs infra to avoid it re-adding the rust packages.
# we can't use it until it's in stable and until we've evaluated the cross-compilation impact.
config = configAttrs // {
"CONFIG_RUST" = "n";
};
}
// (args.argsOverride or { })
).overrideAttrs
(
old:
if withRust then
{
nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [
rust-bindgen
rustfmt
rustc
removeReferencesTo
];
# HACK: references shouldn't have been there in the first place
# TODO: remove once 23.05 is obsolete
postFixup =
(old.postFixup or "")
+ ''
if [ -f $dev/lib/modules/${old.version}/build/vmlinux ]; then
remove-references-to -t $out $dev/lib/modules/${old.version}/build/vmlinux
fi
remove-references-to -t $dev $out/Image
'';
RUST_LIB_SRC = rustPlatform.rustLibSrc;
}
else
{ }
);
linux-asahi = (callPackage linux-asahi-pkg { });
in lib.recurseIntoAttrs (linuxPackagesFor linux-asahi)
in
lib.recurseIntoAttrs (linuxPackagesFor linux-asahi)

110
hosts/mac-nixos/apple-silicon-support/packages/m1n1/default.nix
View File

@@ -1,29 +1,33 @@
{ stdenv
, buildPackages
, lib
, fetchFromGitHub
, python3
, dtc
, imagemagick
, isRelease ? false
, withTools ? true
, withChainloading ? false
, rust-bin ? null
, customLogo ? null
{
stdenv,
buildPackages,
lib,
fetchFromGitHub,
python3,
dtc,
imagemagick,
isRelease ? false,
withTools ? true,
withChainloading ? false,
rust-bin ? null,
customLogo ? null,
}:
assert withChainloading -> rust-bin != null;
let
pyenv = python3.withPackages (p: with p; [
construct
pyserial
]);
pyenv = python3.withPackages (
p: with p; [
construct
pyserial
]
);
rustenv = rust-bin.selectLatestNightlyWith (toolchain: toolchain.minimal.override {
targets = [ "aarch64-unknown-none-softfloat" ];
});
in stdenv.mkDerivation rec {
rustenv = rust-bin.selectLatestNightlyWith (
toolchain: toolchain.minimal.override { targets = [ "aarch64-unknown-none-softfloat" ]; }
);
in
stdenv.mkDerivation rec {
pname = "m1n1";
version = "1.4.11";
@@ -36,15 +40,14 @@ in stdenv.mkDerivation rec {
fetchSubmodules = true;
};
makeFlags = [ "ARCH=${stdenv.cc.targetPrefix}" ]
++ lib.optional isRelease "RELEASE=1"
++ lib.optional withChainloading "CHAINLOADING=1";
makeFlags = [
"ARCH=${stdenv.cc.targetPrefix}"
] ++ lib.optional isRelease "RELEASE=1" ++ lib.optional withChainloading "CHAINLOADING=1";
nativeBuildInputs = [
dtc
buildPackages.gcc
] ++ lib.optional withChainloading rustenv
++ lib.optional (customLogo != null) imagemagick;
] ++ lib.optional withChainloading rustenv ++ lib.optional (customLogo != null) imagemagick;
postPatch = ''
substituteInPlace proxyclient/m1n1/asm.py \
@@ -67,35 +70,38 @@ in stdenv.mkDerivation rec {
popd &>/dev/null
'';
installPhase = ''
runHook preInstall
installPhase =
''
runHook preInstall
mkdir -p $out/build
cp build/m1n1.bin $out/build
'' + (lib.optionalString withTools ''
mkdir -p $out/{bin,script,toolchain-bin}
cp -r proxyclient $out/script
cp -r tools $out/script
mkdir -p $out/build
cp build/m1n1.bin $out/build
''
+ (lib.optionalString withTools ''
mkdir -p $out/{bin,script,toolchain-bin}
cp -r proxyclient $out/script
cp -r tools $out/script
for toolpath in $out/script/proxyclient/tools/*.py; do
tool=$(basename $toolpath .py)
script=$out/bin/m1n1-$tool
cat > $script <<EOF
#!/bin/sh
${pyenv}/bin/python $toolpath "\$@"
EOF
chmod +x $script
done
for toolpath in $out/script/proxyclient/tools/*.py; do
tool=$(basename $toolpath .py)
script=$out/bin/m1n1-$tool
cat > $script <<EOF
#!/bin/sh
${pyenv}/bin/python $toolpath "\$@"
EOF
chmod +x $script
done
GCC=${buildPackages.gcc}
BINUTILS=${buildPackages.binutils-unwrapped}
GCC=${buildPackages.gcc}
BINUTILS=${buildPackages.binutils-unwrapped}
ln -s $GCC/bin/${stdenv.cc.targetPrefix}gcc $out/toolchain-bin/
ln -s $GCC/bin/${stdenv.cc.targetPrefix}ld $out/toolchain-bin/
ln -s $BINUTILS/bin/${stdenv.cc.targetPrefix}objcopy $out/toolchain-bin/
ln -s $BINUTILS/bin/${stdenv.cc.targetPrefix}objdump $out/toolchain-bin/
ln -s $GCC/bin/${stdenv.cc.targetPrefix}nm $out/toolchain-bin/
'') + ''
runHook postInstall
'';
ln -s $GCC/bin/${stdenv.cc.targetPrefix}gcc $out/toolchain-bin/
ln -s $GCC/bin/${stdenv.cc.targetPrefix}ld $out/toolchain-bin/
ln -s $BINUTILS/bin/${stdenv.cc.targetPrefix}objcopy $out/toolchain-bin/
ln -s $BINUTILS/bin/${stdenv.cc.targetPrefix}objdump $out/toolchain-bin/
ln -s $GCC/bin/${stdenv.cc.targetPrefix}nm $out/toolchain-bin/
'')
+ ''
runHook postInstall
'';
}

87
hosts/mac-nixos/apple-silicon-support/packages/mesa-asahi-edge/default.nix
View File

@@ -1,49 +1,56 @@
{ lib
, fetchFromGitLab
, mesa
, meson
, llvmPackages
{
lib,
fetchFromGitLab,
mesa,
meson,
llvmPackages,
}:
(mesa.override {
galliumDrivers = [ "swrast" "asahi" ];
galliumDrivers = [
"swrast"
"asahi"
];
vulkanDrivers = [ "swrast" ];
enableGalliumNine = false;
# libclc and other OpenCL components are needed for geometry shader support on Apple Silicon
enableOpenCL = true;
}).overrideAttrs (oldAttrs: {
# version must be the same length (i.e. no unstable or date)
# so that system.replaceRuntimeDependencies can work
version = "24.1.0";
src = fetchFromGitLab {
# tracking: https://pagure.io/fedora-asahi/mesa/commits/asahi
domain = "gitlab.freedesktop.org";
owner = "asahi";
repo = "mesa";
rev = "asahi-20240228";
hash = "sha256-wOFJyYfoN6yxE9HaHXLP/0MhjyRvmlb+jPPUke0sbbE=";
};
}).overrideAttrs
(oldAttrs: {
# version must be the same length (i.e. no unstable or date)
# so that system.replaceRuntimeDependencies can work
version = "24.1.0";
src = fetchFromGitLab {
# tracking: https://pagure.io/fedora-asahi/mesa/commits/asahi
domain = "gitlab.freedesktop.org";
owner = "asahi";
repo = "mesa";
rev = "asahi-20240228";
hash = "sha256-wOFJyYfoN6yxE9HaHXLP/0MhjyRvmlb+jPPUke0sbbE=";
};
mesonFlags =
# remove flag to configure xvmc functionality as having it
# breaks the build because that no longer exists in Mesa 23
(lib.filter (x: !(lib.hasPrefix "-Dxvmc-libs-path=" x)) oldAttrs.mesonFlags) ++ [
# we do not build any graphics drivers these features can be enabled for
"-Dgallium-va=disabled"
"-Dgallium-vdpau=disabled"
"-Dgallium-xa=disabled"
# does not make any sense
"-Dandroid-libbacktrace=disabled"
# do not want to add the dependencies
"-Dlibunwind=disabled"
"-Dlmsensors=disabled"
] ++ ( # does not compile on nixpkgs stable, doesn't seem mandatory
lib.optional (lib.versionOlder meson.version "1.3.1")
"-Dgallium-rusticl=false");
mesonFlags =
# remove flag to configure xvmc functionality as having it
# breaks the build because that no longer exists in Mesa 23
(lib.filter (x: !(lib.hasPrefix "-Dxvmc-libs-path=" x)) oldAttrs.mesonFlags)
++ [
# we do not build any graphics drivers these features can be enabled for
"-Dgallium-va=disabled"
"-Dgallium-vdpau=disabled"
"-Dgallium-xa=disabled"
# does not make any sense
"-Dandroid-libbacktrace=disabled"
# do not want to add the dependencies
"-Dlibunwind=disabled"
"-Dlmsensors=disabled"
]
++
# does not compile on nixpkgs stable, doesn't seem mandatory
(lib.optional (lib.versionOlder meson.version "1.3.1") "-Dgallium-rusticl=false");
# replace patches with ones tweaked slightly to apply to this version
patches = [
./disk_cache-include-dri-driver-path-in-cache-key.patch
./opencl.patch
];
})
# replace patches with ones tweaked slightly to apply to this version
patches = [
./disk_cache-include-dri-driver-path-in-cache-key.patch
./opencl.patch
];
})

13
hosts/mac-nixos/apple-silicon-support/packages/speakersafetyd/default.nix
View File

@@ -1,9 +1,10 @@
{ rustPlatform
, stdenv
, rust
, fetchCrate
, pkg-config
, alsa-lib
{
rustPlatform,
stdenv,
rust,
fetchCrate,
pkg-config,
alsa-lib,
}:
rustPlatform.buildRustPackage rec {

33
hosts/mac-nixos/apple-silicon-support/packages/uboot-asahi/default.nix
View File

@@ -1,7 +1,8 @@
{ lib
, fetchFromGitHub
, buildUBoot
, m1n1
{
lib,
fetchFromGitHub,
buildUBoot,
m1n1,
}:
(buildUBoot rec {
@@ -27,17 +28,17 @@
CONFIG_VIDEO_FONT_SUN12X22=n
CONFIG_VIDEO_FONT_16X32=y
'';
}).overrideAttrs (o: {
# nixos's downstream patches are not applicable
patches = [
];
}).overrideAttrs
(o: {
# nixos's downstream patches are not applicable
patches = [ ];
# DTC= flag somehow breaks DTC compilation so we remove it
makeFlags = builtins.filter (s: (!(lib.strings.hasPrefix "DTC=" s))) o.makeFlags;
# DTC= flag somehow breaks DTC compilation so we remove it
makeFlags = builtins.filter (s: (!(lib.strings.hasPrefix "DTC=" s))) o.makeFlags;
preInstall = ''
# compress so that m1n1 knows U-Boot's size and can find things after it
gzip -n u-boot-nodtb.bin
cat ${m1n1}/build/m1n1.bin arch/arm/dts/t[68]*.dtb u-boot-nodtb.bin.gz > m1n1-u-boot.bin
'';
})
preInstall = ''
# compress so that m1n1 knows U-Boot's size and can find things after it
gzip -n u-boot-nodtb.bin
cat ${m1n1}/build/m1n1.bin arch/arm/dts/t[68]*.dtb u-boot-nodtb.bin.gz > m1n1-u-boot.bin
'';
})

21
hosts/mac-nixos/configuration.nix
View File

@@ -2,14 +2,19 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
../default.nix
];
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../default.nix
];
hardware.asahi.enable = true;
hardware.asahi.useExperimentalGPUDriver = true;
@@ -26,7 +31,7 @@
'';
networking.hostName = "mac-nixos"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
services = {
# Enable the X11 windowing system.
@@ -105,6 +110,4 @@
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.05"; # Did you read the comment?
}

86
hosts/mac-nixos/hardware-configuration.nix
View File

@@ -1,62 +1,66 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "none";
fsType = "tmpfs";
};
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
};
fileSystems."/etc" =
{ device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=etc" ];
};
fileSystems."/etc" = {
device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=etc" ];
};
fileSystems."/nix" =
{ device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=nix" ];
};
fileSystems."/var/log" =
{ device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=log" ];
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=log" ];
};
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=home" ];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=home" ];
};
fileSystems."/root" =
{ device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=root" ];
};
fileSystems."/root" = {
device = "/dev/disk/by-uuid/19b99a76-0285-443a-a83c-a00a5fab54f5";
fsType = "btrfs";
options = [ "subvol=root" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/F4A1-C77F";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/F4A1-C77F";
fsType = "vfat";
};
# fileSystems."/boot" =
# { device = "/dev/disk/by-uuid/3aaa1d0e-057d-4b7d-b2fe-ef02db373e9f";
# fsType = "ext4";
# };
# fileSystems."/boot" =
# { device = "/dev/disk/by-uuid/3aaa1d0e-057d-4b7d-b2fe-ef02db373e9f";
# fsType = "ext4";
# };
swapDevices = [ ];

4
hosts/mac-nixos/home.nix
View File

@@ -38,7 +38,7 @@
gnome.gnome-tweaks
papirus-icon-theme
];
dconf = {
enable = true;
settings = {
@@ -50,7 +50,7 @@
"org/gnome/desktop/interface".icon-theme = "Papirus-Dark";
"org/gnome/desktop/peripherals/touchpad".two-finger-scrolling-enabled = true;
"org/gnome/desktop/peripherals/touchpad".tap-to-click = true;
"org/gnome/mutter".experimental-features = ["scale-monitor-framebuffer"];
"org/gnome/mutter".experimental-features = [ "scale-monitor-framebuffer" ];
"org/gnome/tweaks".show-extensions-notice = false;
"org/gnome/shell".enabled-extensions = [
"appindicatorsupport@rgcjonas.gmail.com"

47
hosts/mac/configuration.nix
View File

@@ -4,34 +4,32 @@
# List packages installed in system profile. To search by name, run:
# $ nix-env -qaP | grep wget
environment.systemPackages =
[
pkgs.vim
pkgs.asitop
];
environment.systemPackages = [
pkgs.vim
pkgs.asitop
];
# Homebrew
homebrew.enable = true;
homebrew.casks =
[
"spotify"
"protonvpn"
"firefox"
"discord"
"vmware-horizon-client"
"tg-pro"
"steam"
"orcaslicer"
"vscodium"
"epic-games"
"wine-stable"
homebrew.casks = [
"spotify"
"protonvpn"
"firefox"
"discord"
"vmware-horizon-client"
"tg-pro"
"steam"
"orcaslicer"
"vscodium"
"epic-games"
"wine-stable"
];
homebrew.masApps = {
# Tailscale = 1475387142;
# Infuse = 1136220934;
# Tailscale = 1475387142;
# Infuse = 1136220934;
Amphetamine = 937984704;
# LunaTask = 1583719331;
# LunaTask = 1583719331;
};
homebrew.global.autoUpdate = true;
@@ -42,7 +40,6 @@
system.defaults.NSGlobalDomain."com.apple.keyboard.fnState" = false;
security.pam.enableSudoTouchIdAuth = true;
# Auto upgrade nix package and the daemon service.
services.nix-daemon.enable = true;
# nix.package = pkgs.nix;
@@ -65,7 +62,7 @@
nixpkgs.hostPlatform = "aarch64-darwin";
users.users.mattjallen = {
name = "mattjallen";
home = "/Users/mattjallen";
name = "mattjallen";
home = "/Users/mattjallen";
};
}
}

15
hosts/mac/home.nix
View File

@@ -1,4 +1,9 @@
{ config, pkgs, inputs, ... }:
{
config,
pkgs,
inputs,
...
}:
{
imports = [ ./trampoline-apps ];
@@ -17,8 +22,8 @@
# changes in each release.
home.stateVersion = "23.11";
programs= {
# Let Home Manager install and manage itself.
programs = {
# Let Home Manager install and manage itself.
home-manager = {
enable = true;
};
@@ -47,5 +52,5 @@
};
# Manage bug in compilations - who uses manpages in 2024 anyways? :P
manual.manpages.enable = false;
}
manual.manpages.enable = false;
}

7
hosts/mac/trampoline-apps/default.nix
View File

@@ -6,7 +6,8 @@
pkgs,
...
}:
with lib; {
with lib;
{
config = mkIf pkgs.stdenv.hostPlatform.isDarwin {
# Install MacOS applications to the user Applications folder. Also update Docked applications
home.extraActivationPath = with pkgs; [
@@ -14,11 +15,11 @@ with lib; {
dockutil
gawk
];
home.activation.trampolineApps = hm.dag.entryAfter ["writeBoundary"] ''
home.activation.trampolineApps = hm.dag.entryAfter [ "writeBoundary" ] ''
${builtins.readFile ./lib-bash/trampoline-apps.sh}
fromDir="$HOME/Applications/Home Manager Apps"
toDir="$HOME/Applications/Home Manager Trampolines"
sync_trampolines "$fromDir" "$toDir"
'';
};
}
}

128
hosts/nas/configuration.nix
View File

@@ -2,18 +2,31 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ inputs, outputs, config, lib, pkgs, ... }:
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
let
user = "admin";
password =
"$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "jallen-nas";
allowedPorts = [ 2342 3493 61208 9090 ];
allowedPorts = [
2342
3493
61208
9090
];
enableDisplayManager = false;
# adding a flag cause nixos cant figure itself out and broke shit that cant be fixed
enableUps = true;
in {
imports = [ # Include the results of the hardware scan.
in
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../default.nix
];
@@ -60,10 +73,10 @@ in {
httpsPort = "9443";
};
# ollama.enable = true;
# ollama.enable = true;
open-webui.enable = true;
# open-webui.port = "3000";
# open-webui.port = "3000";
orca-slicer.enable = true;
@@ -138,7 +151,10 @@ in {
# Override kernel to latest
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
kernelParams = [ "nohibernate" "amd_pstate=active" ];
kernelParams = [
"nohibernate"
"amd_pstate=active"
];
consoleLogLevel = 3;
bootspec.enable = true;
@@ -186,7 +202,8 @@ in {
userServices = true;
workstation = true;
};
extraServiceFiles = { # TODO is this needed?
extraServiceFiles = {
# TODO is this needed?
smb = ''
<?xml version="1.0" standalone='no'?><!--*-nxml-*-->
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
@@ -204,7 +221,7 @@ in {
apcupsd = {
enable = true;
};
grafana = {
enable = true;
settings.server = {
@@ -222,7 +239,10 @@ in {
exporters = {
node = {
enable = true;
enabledCollectors = [ "diskstats" "systemd" ];
enabledCollectors = [
"diskstats"
"systemd"
];
port = 9002;
};
smartctl = {
@@ -244,23 +264,28 @@ in {
};
};
scrapeConfigs = [{
job_name = hostname;
static_configs = [{
targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
"127.0.0.1:${
toString config.services.prometheus.exporters.smartctl.port
}"
scrapeConfigs = [
{
job_name = hostname;
static_configs = [
{
targets = [
"127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
"127.0.0.1:${toString config.services.prometheus.exporters.smartctl.port}"
];
}
];
}];
}];
}
];
};
};
systemd.services = {
nas-mounts = {
path = [ pkgs.zfs pkgs.bash ];
path = [
pkgs.zfs
pkgs.bash
];
script = ''
if test -d /mnt/ssd/ssd_app_data; then
echo "NAS ZFS Pools Mounted."
@@ -277,7 +302,10 @@ in {
};
glances-server = {
path = [ pkgs.bash pkgs.glances ];
path = [
pkgs.bash
pkgs.glances
];
script = ''
#!/user/bin/env bash
glances -w
@@ -298,8 +326,7 @@ in {
firewall = {
enable = true;
allowPing = true;
extraCommands =
"iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
allowedTCPPorts = allowedPorts;
allowedUDPPorts = allowedPorts;
};
@@ -307,9 +334,9 @@ in {
# Configure environment
environment = {
# etc."nut/upsd.conf".source = ./upsd.conf;
# etc."nut/upsd.users".source = ./upsd.users;
# etc."nut/upsmon.conf".source = ./upsmon.conf;
# etc."nut/upsd.conf".source = ./upsd.conf;
# etc."nut/upsd.users".source = ./upsd.users;
# etc."nut/upsmon.conf".source = ./upsmon.conf;
# List packages installed in system profile. To search, run:
# $ nix search wget
@@ -355,7 +382,7 @@ in {
virt-manager.enable = true;
nix-ld.enable = true;
};
power.ups.ups = {
enable = enableUps;
mode = "netserver";
@@ -370,7 +397,7 @@ in {
upsd = {
enable = true;
listen = {
address = 0.0.0.0;
address = 0.0 0.0 0.0;
port = 3493;
};
};
@@ -383,27 +410,25 @@ in {
};
# Add UPS monitoring service
# power.upsmon = {
# enable = true;
# # Configure UPS device
# device = "/dev/usb/hiddev1"; # Change this to your UPS device
# driver = "usbhid-ups"; # Change this if your UPS uses a different driver
# # Set UPS monitoring options
# options = {
# # NOTIFYCMD = "/path/to/notify-script.sh"; # Path to your notification script
# POLLFREQ = 5;
# POLLFREQALERT = 5;
# HOSTSYNC = "on";
# DEADTIME = 15;
# FINALDELAY = 5;
# };
# };
# power.upsmon = {
# enable = true;
# # Configure UPS device
# device = "/dev/usb/hiddev1"; # Change this to your UPS device
# driver = "usbhid-ups"; # Change this if your UPS uses a different driver
# # Set UPS monitoring options
# options = {
# # NOTIFYCMD = "/path/to/notify-script.sh"; # Path to your notification script
# POLLFREQ = 5;
# POLLFREQALERT = 5;
# HOSTSYNC = "on";
# DEADTIME = 15;
# FINALDELAY = 5;
# };
# };
# Configure nixpkgs
nixpkgs = {
overlays = [
outputs.overlays.nixpkgs-unstable
];
overlays = [ outputs.overlays.nixpkgs-unstable ];
config = {
# Enable non free
@@ -462,11 +487,11 @@ in {
isSystemUser = true;
uid = 911;
group = "jallen-nas";
extraGroups = [
extraGroups = [
"jallen-nas"
"docker"
"podman"
]; # Enable sudo for the user.
]; # Enable sudo for the user.
hashedPassword = password;
};
@@ -508,5 +533,4 @@ in {
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}

59
hosts/nas/hardware-configuration.nix
View File

@@ -1,13 +1,25 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules =
[ "nvme" "mpt3sas" "xhci_pci" "ahci" "uas" "sd_mod" ];
boot.initrd.availableKernelModules = [
"nvme"
"mpt3sas"
"xhci_pci"
"ahci"
"uas"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
@@ -15,7 +27,11 @@
fileSystems."/" = {
device = "none";
fsType = "tmpfs";
options = [ "defaults" "size=32G" "mode=755" ];
options = [
"defaults"
"size=32G"
"mode=755"
];
};
fileSystems."/boot" = {
@@ -26,35 +42,53 @@
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/85e2fa30-816f-4457-80a1-9f88b9ab77b3";
fsType = "btrfs";
options = [ "subvol=nix" "compress-force=zstd" "noatime" ];
options = [
"subvol=nix"
"compress-force=zstd"
"noatime"
];
};
fileSystems."/etc" = {
device = "/dev/disk/by-uuid/85e2fa30-816f-4457-80a1-9f88b9ab77b3";
fsType = "btrfs";
options = [ "subvol=etc" "compress-force=zstd" "noatime" ];
options = [
"subvol=etc"
"compress-force=zstd"
"noatime"
];
};
fileSystems."/root" = {
device = "/dev/disk/by-uuid/85e2fa30-816f-4457-80a1-9f88b9ab77b3";
fsType = "btrfs";
options = [ "subvol=root" "compress-force=zstd" "noatime" ];
options = [
"subvol=root"
"compress-force=zstd"
"noatime"
];
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/85e2fa30-816f-4457-80a1-9f88b9ab77b3";
fsType = "btrfs";
options = [ "subvol=log" "compress-force=zstd" "noatime" ];
options = [
"subvol=log"
"compress-force=zstd"
"noatime"
];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/85e2fa30-816f-4457-80a1-9f88b9ab77b3";
fsType = "btrfs";
options = [ "subvol=home" "compress-force=zstd" ];
options = [
"subvol=home"
"compress-force=zstd"
];
};
swapDevices =
[{ device = "/dev/disk/by-uuid/c08ba901-a8a9-4006-9688-002bb24da1b6"; }];
swapDevices = [ { device = "/dev/disk/by-uuid/c08ba901-a8a9-4006-9688-002bb24da1b6"; } ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@@ -76,6 +110,5 @@
# networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

41
hosts/pi4/configuration.nix
View File

@@ -2,29 +2,42 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
user = "matt";
password =
"$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
SSID = "Joeys Jungle";
SSIDpassword = "kR8v&3Qd";
interface = "wlan0";
timezone = "America/Chicago";
hostname = "nixos-pi4";
in {
imports = [ # Include the results of the hardware scan.
in
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
./docker-pi4.nix
];
# Enable nix flakes and nix-command tools
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_rpi4;
initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" ];
initrd.availableKernelModules = [
"xhci_pci"
"usbhid"
"usb_storage"
];
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
@@ -43,7 +56,12 @@ in {
};
};
environment.systemPackages = with pkgs; [ vim raspberrypi-eeprom htop git ];
environment.systemPackages = with pkgs; [
vim
raspberrypi-eeprom
htop
git
];
services.openssh.enable = true;
@@ -52,7 +70,10 @@ in {
users."${user}" = {
isNormalUser = true;
initialHashedPassword = password;
extraGroups = [ "wheel" "docker" ];
extraGroups = [
"wheel"
"docker"
];
};
};
@@ -76,6 +97,4 @@ in {
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.05"; # Did you read the comment?
}

10
hosts/pi4/docker-pi4.nix
View File

@@ -6,7 +6,10 @@
virtualisation.oci-containers.containers."portainer" = {
autoStart = true;
image = "portainer/portainer-ce";
ports = [ "8000:8000" "9443:9443" ];
ports = [
"8000:8000"
"9443:9443"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"/media/T5/docker/config/portainer:/data"
@@ -25,7 +28,8 @@
"/media/T5/tv:/tv"
];
ports = [ "8096:8096" ];
environment = { JELLYFIN_LOG_DIR = "/log"; };
environment = {
JELLYFIN_LOG_DIR = "/log";
};
};
}

11
hosts/pi4/hardware-configuration.nix
View File

@@ -1,7 +1,13 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
@@ -26,8 +32,7 @@
fsType = "vfat";
};
swapDevices =
[{ device = "/dev/disk/by-uuid/d9909ef7-c345-48f7-b210-ad7cbe72224b"; }];
swapDevices = [ { device = "/dev/disk/by-uuid/d9909ef7-c345-48f7-b210-ad7cbe72224b"; } ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

13
modules/apps/collabora/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.collabora;
in {
let
cfg = config.nas-apps.collabora;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

4
modules/apps/collabora/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.collabora = {
enable = mkEnableOption "collabora docker service";
@@ -37,6 +38,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

18
modules/apps/deluge/default.nix
View File

@@ -1,13 +1,23 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.deluge;
in {
let
cfg = config.nas-apps.deluge;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
systemd.services.deluge-docker = {
path = [ pkgs.bash pkgs.docker ];
path = [
pkgs.bash
pkgs.docker
];
script = ''
set -e
exec docker run \

4
modules/apps/deluge/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.deluge = {
enable = mkEnableOption "deluge docker service";
@@ -47,6 +48,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

13
modules/apps/discover-wrapped/default.nix
View File

@@ -1,8 +1,13 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
with lib;
let
let
cfg = config.apps.discover-wrapped;
# discover-wrapper is needed as of 1/24/24 since PackageKit does not work correctly so this removes error messages.
discover-wrapped = pkgs.symlinkJoin {
name = "discover-flatpak-backend";
@@ -15,7 +20,7 @@ let
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
# Configure environment
environment.systemPackages = [ discover-wrapped ];

3
modules/apps/discover-wrapped/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.apps.discover-wrapped = {
enable = mkEnableOption "enable discover with flatpak";
};

15
modules/apps/homarr/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.homarr;
in {
let
cfg = config.nas-apps.homarr;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
@@ -15,7 +22,7 @@ in {
"${cfg.configPath}/data:/data"
"/var/run/docker.sock:/var/run/docker.sock"
"/var/run/podman/podman.sock:/var/run/podman.sock"
];
];
environment = {
# PUID = cfg.puid;
# PGID = cfg.pgid;

3
modules/apps/homarr/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.homarr = {
enable = mkEnableOption "homarr docker service";

15
modules/apps/homepage/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.homepage;
in {
let
cfg = config.nas-apps.homepage;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
@@ -13,7 +20,7 @@ in {
"${cfg.configPath}:/app/config"
"/var/run/docker.sock:/var/run/docker.sock"
"/var/run/podman/podman.sock:/var/run/podman.sock"
];
];
environment = {
# PUID = cfg.puid;
# PGID = cfg.pgid;

3
modules/apps/homepage/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.homepage = {
enable = mkEnableOption "homepage docker service";

13
modules/apps/jackett/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.jackett;
in {
let
cfg = config.nas-apps.jackett;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

3
modules/apps/jackett/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.jackett = {
enable = mkEnableOption "jackett docker service";

75
modules/apps/jellyfin/default.nix
View File

@@ -1,54 +1,35 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.jellyfin;
in {
let
cfg = config.nas-apps.jellyfin;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
# systemd.services.jellyfin-nvidia-docker = {
# path = [ pkgs.bash pkgs.docker ];
# script = ''
# set -e
# exec sudo docker run \
# --rm \
# --gpus all \
# --runtime=nvidia \
# --name=${cfg.name} \
# -e PUID=${cfg.puid} \
# -e PGID=${cfg.pgid} \
# -e TZ=${cfg.timeZone} \
# -e 'NVIDIA_DRIVER_CAPABILITIES'='all' \
# -e 'NVIDIA_VISIBLE_DEVICES'='all' \
# -p ${cfg.port}:8096 \
# -v '${cfg.configPath}:/config' \
# -v '${cfg.moviesPath}:/data/movies' \
# -v '${cfg.tvPath}:/data/tv' \
# ${cfg.image}:latest
# '';
# wantedBy = [ "multi-user.target" ];
# };
# };
# }
# nix-docker
virtualisation.oci-containers.containers.${cfg.name} = {
autoStart = true;
image = cfg.image;
extraOptions = [ "--device=nvidia.com/gpu=0" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/data/movies"
"${cfg.tvPath}:/data/tv"
];
ports = [ "${cfg.port}:8096" ];
environment = {
NVIDIA_VISIBLE_DEVICES = "all";
NVIDIA_DRIVER_CAPABILITIES = "all";
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
virtualisation.oci-containers.containers.${cfg.name} = {
autoStart = true;
image = cfg.image;
extraOptions = [ "--device=nvidia.com/gpu=0" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/data/movies"
"${cfg.tvPath}:/data/tv"
];
ports = [ "${cfg.port}:8096" ];
environment = {
NVIDIA_VISIBLE_DEVICES = "all";
NVIDIA_DRIVER_CAPABILITIES = "all";
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
};
}

4
modules/apps/jellyfin/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.jellyfin = {
enable = mkEnableOption "jellyfin docker service";
@@ -52,6 +53,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

13
modules/apps/jellyseerr/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.jellyseerr;
in {
let
cfg = config.nas-apps.jellyseerr;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

4
modules/apps/jellyseerr/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.jellyseerr = {
enable = mkEnableOption "jellyseerr docker service";
@@ -42,6 +43,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

13
modules/apps/mariadb/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.mariadb;
in {
let
cfg = config.nas-apps.mariadb;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

3
modules/apps/mariadb/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.mariadb = {
enable = mkEnableOption "mariadb docker service";

23
modules/apps/nextcloud/default.nix
View File

@@ -1,15 +1,28 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.nextcloud;
in {
let
cfg = config.nas-apps.nextcloud;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.httpPort}:80" "${cfg.httpsPort}:443" ];
volumes = [ "${cfg.configPath}:/config" "${cfg.dataPath}:/data" ];
ports = [
"${cfg.httpPort}:80"
"${cfg.httpsPort}:443"
];
volumes = [
"${cfg.configPath}:/config"
"${cfg.dataPath}:/data"
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;

3
modules/apps/nextcloud/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.nextcloud = {
enable = mkEnableOption "nextcloud docker service";

18
modules/apps/ollama/default.nix
View File

@@ -1,13 +1,23 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.ollama;
in {
let
cfg = config.nas-apps.ollama;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
systemd.services.ollama-docker = {
path = [ pkgs.bash pkgs.docker ];
path = [
pkgs.bash
pkgs.docker
];
script = ''
set -e
exec docker run \

4
modules/apps/ollama/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.ollama = {
enable = mkEnableOption "ollama docker service";
@@ -42,6 +43,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

51
modules/apps/open-webui/default.nix
View File

@@ -1,33 +1,34 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.open-webui;
in {
let
cfg = config.nas-apps.open-webui;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
systemd.services.open-webui-docker = {
path = [ pkgs.bash pkgs.docker ];
script = ''
set -e
exec docker run \
--rm \
--gpus all \
--runtime=nvidia \
--name=${cfg.name} \
-e PUID=${cfg.puid} \
-e PGID=${cfg.pgid} \
-e TZ=${cfg.timeZone} \
-e 'NVIDIA_DRIVER_CAPABILITIES'='all' \
-e 'NVIDIA_VISIBLE_DEVICES'='all' \
-p ${cfg.port}:8080 \
-v '${cfg.configPath}:/app/backend/data' \
-v '/mnt/ssd/nix-app-data/ollama:/root/.ollama' \
${cfg.image}
'';
wantedBy = [ "multi-user.target" ];
virtualisation.oci-containers.containers.${cfg.name} = {
autoStart = true;
image = cfg.image;
extraOptions = [ "--device=nvidia.com/gpu=0" ];
volumes = [
"${cfg.configPath}:/app/backend/data"
"${cfg.ollamaPath}:/root/.ollama"
];
ports = [ "${cfg.port}:8080" ];
environment = {
NVIDIA_VISIBLE_DEVICES = "all";
NVIDIA_DRIVER_CAPABILITIES = "all";
PUID = cfg.puid;
PGID = cfg.pgid;
TZ = cfg.timeZone;
};
};
};
}
# --add-host=host.docker.internal:host-gateway \
# -e 'OLLAMA_BASE_URL'='http://10.0.1.18:11434' \

4
modules/apps/open-webui/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.open-webui = {
enable = mkEnableOption "open-webui docker service";
@@ -42,6 +43,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

18
modules/apps/orca-slicer/default.nix
View File

@@ -1,14 +1,24 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.orca-slicer;
in {
let
cfg = config.nas-apps.orca-slicer;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.httpPort}:3000" "${cfg.httpsPort}:3001" ];
ports = [
"${cfg.httpPort}:3000"
"${cfg.httpsPort}:3001"
];
volumes = [ "${cfg.configPath}:/config" ];
environment = {
PUID = cfg.puid;

3
modules/apps/orca-slicer/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.orca-slicer = {
enable = mkEnableOption "orca slicer docker service";

13
modules/apps/radarr/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.radarr;
in {
let
cfg = config.nas-apps.radarr;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

3
modules/apps/radarr/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.radarr = {
enable = mkEnableOption "radarr docker service";

13
modules/apps/sabnzbd/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.sabnzbd;
in {
let
cfg = config.nas-apps.sabnzbd;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

4
modules/apps/sabnzbd/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.sabnzbd = {
enable = mkEnableOption "sabnzbd docker service";
@@ -62,6 +63,5 @@ with lib; {
type = types.str;
default = "America/Chicago";
};
};
}

13
modules/apps/sonarr/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.sonarr;
in {
let
cfg = config.nas-apps.sonarr;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {

3
modules/apps/sonarr/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.sonarr = {
enable = mkEnableOption "sonarr docker service";

33
modules/apps/swag/default.nix
View File

@@ -1,20 +1,39 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.swag;
in {
let
cfg = config.nas-apps.swag;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
networking.firewall = {
allowedTCPPorts = [ cfg.httpPort cfg.httpsPort 81 ];
allowedUDPPorts = [ cfg.httpPort cfg.httpsPort 81 ];
allowedTCPPorts = [
cfg.httpPort
cfg.httpsPort
81
];
allowedUDPPorts = [
cfg.httpPort
cfg.httpsPort
81
];
};
virtualisation.oci-containers.containers."${cfg.name}" = {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${toString cfg.httpPort}:80" "${toString cfg.httpsPort}:443" "81:81" ];
ports = [
"${toString cfg.httpPort}:80"
"${toString cfg.httpsPort}:443"
"81:81"
];
volumes = [ "${cfg.configPath}:/config" ];
environment = {
PUID = cfg.puid;
@@ -24,7 +43,7 @@ in {
URL = cfg.url;
VALIDATION = cfg.validation;
SUBDOMAINS = cfg.subdomains;
DOCKER_MODS="linuxserver/mods:swag-dashboard";
DOCKER_MODS = "linuxserver/mods:swag-dashboard";
};
};
};

3
modules/apps/swag/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.swag = {
enable = mkEnableOption "swag docker service";

17
modules/apps/vscode/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-apps.vscode;
in {
let
cfg = config.nas-apps.vscode;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
@@ -9,11 +16,11 @@ in {
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:8443" ];
volumes = [
volumes = [
"${cfg.configPath}:/config"
"/mnt/ssd/ssd_app_data:/ssd_app_data"
"/home/admin/nix-config:/nix-config"
];
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;

3
modules/apps/vscode/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-apps.vscode = {
enable = mkEnableOption "vscode docker service";

3
modules/default.nix
View File

@@ -1,4 +1,5 @@
{ ... }: {
{ ... }:
{
imports = [
./samba
./apps/collabora

52
modules/samba/default.nix
View File

@@ -1,7 +1,14 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.nas-samba;
in {
let
cfg = config.nas-samba;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
@@ -39,24 +46,27 @@ in {
guest account = nobody
map to guest = bad user
'';
shares = let
make = name: share:
nameValuePair "${name}" {
path = share.sharePath;
public = if share.enableTimeMachine then "no" else "yes";
private = if !share.public || share.enableTimeMachine then "yes" else "no";
browseable = if share.browseable then "yes" else "no";
writable = "yes";
"read only" = if share.readOnly then "yes" else "no";
"guest ok" = if share.guestOk then "yes" else "no";
"create mask" = share.createMask;
"directory mask" = share.directoryMask;
"fruit:aapl" = if share.enableTimeMachine then "yes" else "no";
"fruit:time machine" = if share.enableTimeMachine then "yes" else "no";
"vfs objects" = "catia fruit streams_xattr";
"fruit:time machine max size" = share.timeMachineMaxSize;
};
in mapAttrs' make cfg.shares;
shares =
let
make =
name: share:
nameValuePair "${name}" {
path = share.sharePath;
public = if share.enableTimeMachine then "no" else "yes";
private = if !share.public || share.enableTimeMachine then "yes" else "no";
browseable = if share.browseable then "yes" else "no";
writable = "yes";
"read only" = if share.readOnly then "yes" else "no";
"guest ok" = if share.guestOk then "yes" else "no";
"create mask" = share.createMask;
"directory mask" = share.directoryMask;
"fruit:aapl" = if share.enableTimeMachine then "yes" else "no";
"fruit:time machine" = if share.enableTimeMachine then "yes" else "no";
"vfs objects" = "catia fruit streams_xattr";
"fruit:time machine max size" = share.timeMachineMaxSize;
};
in
mapAttrs' make cfg.shares;
};
};
}

83
modules/samba/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.nas-samba = {
enable = mkEnableOption "nas samba service";
@@ -21,46 +22,48 @@ with lib; {
};
shares = mkOption {
type = types.attrsOf (types.submodule {
options = {
public = mkOption {
type = types.bool;
default = false;
type = types.attrsOf (
types.submodule {
options = {
public = mkOption {
type = types.bool;
default = false;
};
sharePath = mkOption {
type = types.str;
default = "";
};
readOnly = mkOption {
type = types.bool;
default = false;
};
browseable = mkOption {
type = types.bool;
default = true;
};
guestOk = mkOption {
type = types.bool;
default = true;
};
createMask = mkOption {
type = types.str;
default = "0774";
};
directoryMask = mkOption {
type = types.str;
default = "0775";
};
enableTimeMachine = mkOption {
type = types.bool;
default = false;
};
timeMachineMaxSize = mkOption {
type = types.str;
default = "0K";
};
};
sharePath = mkOption {
type = types.str;
default = "";
};
readOnly = mkOption {
type = types.bool;
default = false;
};
browseable = mkOption {
type = types.bool;
default = true;
};
guestOk = mkOption {
type = types.bool;
default = true;
};
createMask = mkOption {
type = types.str;
default = "0774";
};
directoryMask = mkOption {
type = types.str;
default = "0775";
};
enableTimeMachine = mkOption {
type = types.bool;
default = false;
};
timeMachineMaxSize = mkOption {
type = types.str;
default = "0K";
};
};
});
}
);
default = { };
};
};

4
overlays/default.nix
View File

@@ -1,4 +1,5 @@
{inputs, ...}: {
{ inputs, ... }:
{
nixpkgs-unstable = final: _prev: {
unstable = import inputs.nixpkgs-unstable {
@@ -7,4 +8,3 @@
};
};
}

22
share/amd/default.nix
View File

@@ -1,13 +1,18 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.share.hardware.amd;
in {
let
cfg = config.share.hardware.amd;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
boot.kernelParams = [
(if cfg.enable then "amdgpu.ppfeaturemask=0xffffffff" else null)
];
boot.kernelParams = [ (if cfg.enable then "amdgpu.ppfeaturemask=0xffffffff" else null) ];
# Configure programs
programs.corectrl.enable = cfg.corectrl.enable;
@@ -47,7 +52,10 @@ in {
# nixpkg is broken so need to manually define
systemd.services.lactd = mkIf cfg.lact.enable {
description = "AMDGPU Control Daemon";
path = [ pkgs.bash pkgs.lact ];
path = [
pkgs.bash
pkgs.lact
];
script = ''
lact daemon
'';

3
share/amd/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.share.hardware.amd = {
enable = mkEnableOption "amd hardware config";

9
share/default.nix
View File

@@ -1 +1,8 @@
{ ... }: { imports = [ ./amd ./nvidia ./gaming ]; }
{ ... }:
{
imports = [
./amd
./nvidia
./gaming
];
}

41
share/gaming/default.nix
View File

@@ -1,19 +1,26 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.share.gaming;
in {
let
cfg = config.share.gaming;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
# Network option required using sysctl to let Ubisoft Connect work as of 7-12-2023
boot.kernel.sysctl."net.ipv4.tcp_mtu_probing" = 1;
# Configure programs
programs.steam = {
enable = true;
# Open ports in the firewall for Steam Remote Play
remotePlay.openFirewall = true;
# Open ports in the firewall for Source Dedicated Server
# Open ports in the firewall for Source Dedicated Server
dedicatedServer.openFirewall = true;
};
@@ -29,18 +36,18 @@ in {
# Configure nixpkgs
nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override {
extraPkgs = pkgs:
with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
extraPkgs =
pkgs: with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
];
};
};

3
share/gaming/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.share.gaming = {
enable = mkEnableOption "enable gaming stuffs";
};

23
share/impermanence/default.nix
View File

@@ -1,4 +1,13 @@
{ pkgs, lib, LT, config, utils, inputs, ... }@args: {
{
pkgs,
lib,
LT,
config,
utils,
inputs,
...
}@args:
{
# Set up impernance configuration for things like bluetooth
# In this configuration with /etc and /var/log being persistent, only directories outside of that need to be done here. See hardware configuration for all mountpoints.
@@ -17,9 +26,13 @@
mode = "u=rwx,g=rx,o=";
}
];
files = [{
file = "/etc/nix/id_rsa";
parentDirectory = { mode = "u=rwx,g=,o="; };
}];
files = [
{
file = "/etc/nix/id_rsa";
parentDirectory = {
mode = "u=rwx,g=,o=";
};
}
];
};
}

22
share/nvidia/default.nix
View File

@@ -1,17 +1,25 @@
{ lib, pkgs, config, ... }:
{
lib,
pkgs,
config,
...
}:
with lib;
let cfg = config.share.hardware.nvidia;
in {
let
cfg = config.share.hardware.nvidia;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
hardware = {
# Nvidia
nvidia = {
package = if cfg.enableBeta then
config.boot.kernelPackages.nvidiaPackages.beta
else
config.boot.kernelPackages.nvidiaPackages.latest;
package =
if cfg.enableBeta then
config.boot.kernelPackages.nvidiaPackages.beta
else
config.boot.kernelPackages.nvidiaPackages.latest;
# Modesetting is required.
modesetting.enable = true;

3
share/nvidia/options.nix
View File

@@ -1,5 +1,6 @@
{ lib, ... }:
with lib; {
with lib;
{
options.share.hardware.nvidia = {
enable = mkEnableOption "nvidia hardware config";