diff --git a/.gitignore b/.gitignore index 47a1e27..58ac354 100755 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ hosts/nas/*.conf hosts/nas/*.users result +*.raw .codegpt \ No newline at end of file diff --git a/flake.lock b/flake.lock index d4b3d7a..f41a663 100755 --- a/flake.lock +++ b/flake.lock @@ -35,16 +35,16 @@ "authentik-src": { "flake": false, "locked": { - "lastModified": 1744135136, - "narHash": "sha256-7wvoCRhLipX4qzrb/ctsozG565yckx+moxiF6vRo84I=", + "lastModified": 1745954192, + "narHash": "sha256-QuIgeu3CN6S44/zSiaj+iIkDz2494mb1MWvD3eYYkVE=", "owner": "goauthentik", "repo": "authentik", - "rev": "74eab55c615b156e4191ee98dc789e2d58c016f9", + "rev": "22412729e2379d645da2ac0c0270a0ac6147945e", "type": "github" }, "original": { "owner": "goauthentik", - "ref": "version/2025.2.4", + "ref": "version/2025.4.0", "repo": "authentik", "type": "github" } @@ -332,11 +332,11 @@ "flake-compat_3": { "flake": false, "locked": { - "lastModified": 1717312683, - "narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", + "lastModified": 1746162366, + "narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=", "owner": "nix-community", "repo": "flake-compat", - "rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", + "rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b", "type": "github" }, "original": { @@ -656,7 +656,7 @@ }, "jovian_2": { "inputs": { - "nix-github-actions": "nix-github-actions_3", + "nix-github-actions": "nix-github-actions_2", "nixpkgs": [ "steamdeck-chaotic", "nixpkgs" @@ -712,15 +712,17 @@ "nixpkgs": [ "nas-nixpkgs" ], - "poetry2nix": "poetry2nix", - "systems": "systems" + "pyproject-build-systems": "pyproject-build-systems", + "pyproject-nix": "pyproject-nix", + "systems": "systems", + "uv2nix": "uv2nix" }, "locked": { - "lastModified": 1744375272, - "narHash": "sha256-xvWbdTctLu5YWgcp+lNTh51GAY3vB2XEXUFKRMJUiCM=", + "lastModified": 1746874492, + "narHash": "sha256-Gm2Eb5KBxAL6y9WJj7phRMXNAZzVkKlm9Dky9WDZHtQ=", "owner": "nix-community", "repo": "authentik-nix", - "rev": "105b3b6c004ce00d1d3c7a88669bea4aadfd4580", + "rev": "2ef24fac993808a1a57f367ef58ac0f5254c3489", "type": "github" }, "original": { @@ -739,11 +741,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1746109800, - "narHash": "sha256-sjDpqdvbQaiA6OAsgLE4niz6hmmCpoUH0cl5zyfu6FI=", + "lastModified": 1747134561, + "narHash": "sha256-aMmu9e2uH7rLCuGn46EpjlRRA7ialRK1IZXu53UAR4s=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "9fe1aa7b6a1043003b38f36626dd29b52247d720", + "rev": "b5009fbd6ac6f1e550b00c9b8539548d7b678c01", "type": "github" }, "original": { @@ -780,11 +782,11 @@ ] }, "locked": { - "lastModified": 1746040799, - "narHash": "sha256-osgPX/SzIpkR50vev/rqoTEAVkEcOWXoQXmbzsaI4KU=", + "lastModified": 1747147271, + "narHash": "sha256-ORthkM8I3GpWDK/pjOSXPuxWjLJV2AwWERKQCsjPPAk=", "owner": "nix-community", "repo": "home-manager", - "rev": "5f217e5a319f6c186283b530f8c975e66c028433", + "rev": "df556f2a17b7b94148d0275c1a57fed20e62ad18", "type": "github" }, "original": { @@ -836,11 +838,11 @@ }, "nas-nixos-hardware": { "locked": { - "lastModified": 1745955289, - "narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { @@ -852,11 +854,11 @@ }, "nas-nixpkgs": { "locked": { - "lastModified": 1745930157, - "narHash": "sha256-y3h3NLnzRSiUkYpnfvnS669zWZLoqqI6NprtLQ+5dck=", + "lastModified": 1746904237, + "narHash": "sha256-3e+AVBczosP5dCLQmMoMEogM57gmZ2qrVSrmq9aResQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "46e634be05ce9dc6d4db8e664515ba10b78151ae", + "rev": "d89fc19e405cb2d55ce7cc114356846a0ee5e956", "type": "github" }, "original": { @@ -889,11 +891,11 @@ ] }, "locked": { - "lastModified": 1745310711, - "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=", + "lastModified": 1746485181, + "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c", + "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", "type": "github" }, "original": { @@ -946,28 +948,6 @@ } }, "nix-github-actions_2": { - "inputs": { - "nixpkgs": [ - "nas-authentik-nix", - "poetry2nix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729742964, - "narHash": "sha256-B4mzTcQ0FZHdpeWcpDYPERtyjJd/NIuaQ9+BV1h+MpA=", - "owner": "nix-community", - "repo": "nix-github-actions", - "rev": "e04df33f62cdcf93d73e9a04142464753a16db67", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "nix-github-actions", - "type": "github" - } - }, - "nix-github-actions_3": { "inputs": { "nixpkgs": [ "steamdeck-chaotic", @@ -990,7 +970,7 @@ "type": "github" } }, - "nix-github-actions_4": { + "nix-github-actions_3": { "inputs": { "nixpkgs": [ "steamdeck-jovian", @@ -1133,11 +1113,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1746055187, - "narHash": "sha256-3dqArYSMP9hM7Qpy5YWhnSjiqniSaT2uc5h2Po7tmg0=", + "lastModified": 1746957726, + "narHash": "sha256-k9ut1LSfHCr0AW82ttEQzXVCqmyWVA5+SHJkS5ID/Jo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e362ce63e16b9572d8c2297c04f7c19ab6725a5", + "rev": "a39ed32a651fdee6842ec930761e31d1f242cb94", "type": "github" }, "original": { @@ -1458,37 +1438,6 @@ "type": "github" } }, - "poetry2nix": { - "inputs": { - "flake-utils": [ - "nas-authentik-nix", - "flake-utils" - ], - "nix-github-actions": "nix-github-actions_2", - "nixpkgs": [ - "nas-authentik-nix", - "nixpkgs" - ], - "systems": [ - "nas-authentik-nix", - "systems" - ], - "treefmt-nix": "treefmt-nix" - }, - "locked": { - "lastModified": 1743690424, - "narHash": "sha256-cX98bUuKuihOaRp8dNV1Mq7u6/CQZWTPth2IJPATBXc=", - "owner": "nix-community", - "repo": "poetry2nix", - "rev": "ce2369db77f45688172384bbeb962bc6c2ea6f94", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "poetry2nix", - "type": "github" - } - }, "pre-commit-hooks-nix": { "inputs": { "flake-compat": [ @@ -1570,6 +1519,56 @@ "type": "github" } }, + "pyproject-build-systems": { + "inputs": { + "nixpkgs": [ + "nas-authentik-nix", + "nixpkgs" + ], + "pyproject-nix": [ + "nas-authentik-nix", + "pyproject-nix" + ], + "uv2nix": [ + "nas-authentik-nix", + "uv2nix" + ] + }, + "locked": { + "lastModified": 1744599653, + "narHash": "sha256-nysSwVVjG4hKoOjhjvE6U5lIKA8sEr1d1QzEfZsannU=", + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "rev": "7dba6dbc73120e15b558754c26024f6c93015dd7", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "build-system-pkgs", + "type": "github" + } + }, + "pyproject-nix": { + "inputs": { + "nixpkgs": [ + "nas-authentik-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1746146146, + "narHash": "sha256-60+mzI2lbgn+G8F5mz+cmkDvHFn4s5oqcOna1SzYy74=", + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "rev": "3e9623bdd86a3c545e82b7f97cfdba5f07232d9a", + "type": "github" + }, + "original": { + "owner": "pyproject-nix", + "repo": "pyproject.nix", + "type": "github" + } + }, "root": { "inputs": { "desktop-chaotic": "desktop-chaotic", @@ -1679,11 +1678,11 @@ ] }, "locked": { - "lastModified": 1746067100, - "narHash": "sha256-6JeEbboDvRjLwB9kzCnmWj+f+ZnMtKOe5c2F1VBpaTs=", + "lastModified": 1747103809, + "narHash": "sha256-a3Yk+CoFmNw7V8J/si/AM8WuI/qTxQhiJpuQ7HFl774=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "026e8fedefd6b167d92ed04b195c658d95ffc7a5", + "rev": "fe36c63649875f391949e8b2ec33949d0cd8aa95", "type": "github" }, "original": { @@ -1794,7 +1793,7 @@ }, "steamdeck-jovian": { "inputs": { - "nix-github-actions": "nix-github-actions_4", + "nix-github-actions": "nix-github-actions_3", "nixpkgs": [ "steamdeck-nixpkgs" ] @@ -1944,25 +1943,28 @@ "type": "github" } }, - "treefmt-nix": { + "uv2nix": { "inputs": { "nixpkgs": [ "nas-authentik-nix", - "poetry2nix", "nixpkgs" + ], + "pyproject-nix": [ + "nas-authentik-nix", + "pyproject-nix" ] }, "locked": { - "lastModified": 1730120726, - "narHash": "sha256-LqHYIxMrl/1p3/kvm2ir925tZ8DkI0KA10djk8wecSk=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "9ef337e492a5555d8e17a51c911ff1f02635be15", + "lastModified": 1746048139, + "narHash": "sha256-LdCLyiihLg6P2/mjzP0+W7RtraDSIaJJPTy6SCtW5Ag=", + "owner": "pyproject-nix", + "repo": "uv2nix", + "rev": "680e2f8e637bc79b84268949d2f2b2f5e5f1d81c", "type": "github" }, "original": { - "owner": "numtide", - "repo": "treefmt-nix", + "owner": "pyproject-nix", + "repo": "uv2nix", "type": "github" } } diff --git a/flake.nix b/flake.nix index 7c2e8c1..9c051e7 100755 --- a/flake.nix +++ b/flake.nix @@ -463,11 +463,26 @@ # pi4 "pi4" = pi4-nixpkgs.lib.nixosSystem { # specialArgs = inputs; + specialArgs = { + inherit inputs outputs; + }; system = "aarch64-linux"; modules = [ + pi4-disko.nixosModules.disko + ./share/disko/disko.nix + pi4-impermanence.nixosModules.impermanence pi4-sops-nix.nixosModules.sops ./hosts/pi4/configuration.nix + { + disko.imageBuilder = { + enableBinfmt = true; + pkgs = inputs.pi4-nixpkgs.legacyPackages.x86_64-linux; + kernelPackages = inputs.pi4-nixpkgs.legacyPackages.x86_64-linux.linuxPackages_latest; + }; + + nixpkgs.hostPlatform = "aarch64-linux"; + } #{ # # Hardware specific configuration, see section below for a more complete # # list of modules @@ -500,6 +515,8 @@ inherit inputs outputs; }; modules = [ + pi4-disko.nixosModules.disko + ./share/disko/disko.nix steamdeck-impermanence.nixosModules.impermanence steamdeck-lanzaboote.nixosModules.lanzaboote ./hosts/deck/configuration.nix diff --git a/hosts/deck/boot.nix b/hosts/deck/boot.nix index 0335241..f32cd65 100755 --- a/hosts/deck/boot.nix +++ b/hosts/deck/boot.nix @@ -13,7 +13,7 @@ in enable = true; configurationLimit = 5; extraInstallCommands = '' - ${pkgs.uutils-coreutils}/bin/echo "timeout 0 + ${pkgs.uutils-coreutils}/bin/uutils-echo "timeout 0 console-mode 1 default nixos-*" > /boot/loader/loader.conf ''; diff --git a/hosts/deck/configuration.nix b/hosts/deck/configuration.nix index ca11fd0..b388ec9 100755 --- a/hosts/deck/configuration.nix +++ b/hosts/deck/configuration.nix @@ -10,7 +10,7 @@ ../default.nix ./boot.nix ./jovian.nix - ./hardware-configuration.nix + # ./hardware-configuration.nix ]; nixpkgs.config.allowUnfree = true; @@ -110,7 +110,7 @@ ]; nix-index = { enable = true; - enableBashIntegration = true; + enableBashIntegration = false; enableZshIntegration = true; }; }; diff --git a/hosts/default.nix b/hosts/default.nix index 96ca891..2ea5f91 100755 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -156,6 +156,7 @@ in uutils-coreutils uutils-diffutils uutils-findutils + coreutils update-script nixd pinentry-curses diff --git a/hosts/nas/apps.nix b/hosts/nas/apps.nix index f24eac7..0c5594c 100755 --- a/hosts/nas/apps.nix +++ b/hosts/nas/apps.nix @@ -12,6 +12,7 @@ ./apps/lubelogger ./apps/nextcloud ./apps/ollama + ./apps/orca ./apps/paperless ./apps/traefik ./apps/wyoming @@ -23,6 +24,12 @@ manyfold.enable = true; + orca-slicer = { + enable = true; + httpPort = "3100"; + httpsPort = "3101"; + }; + tdarr.enable = true; }; } diff --git a/hosts/nas/apps/orca/default.nix b/hosts/nas/apps/orca/default.nix new file mode 100644 index 0000000..e6fc881 --- /dev/null +++ b/hosts/nas/apps/orca/default.nix @@ -0,0 +1,30 @@ +{ + lib, + pkgs, + config, + ... +}: +with lib; +let + cfg = config.nas-apps.orca-slicer; +in +{ + imports = [ ./options.nix ]; + + config = mkIf cfg.enable { + virtualisation.oci-containers.containers."${cfg.name}" = { + autoStart = cfg.autoStart; + image = cfg.image; + ports = [ + "${cfg.httpPort}:3000" + "${cfg.httpsPort}:3001" + ]; + volumes = [ "${cfg.configPath}:/config" ]; + environment = { + PUID = cfg.puid; + PGID = cfg.pgid; + TZ = cfg.timeZone; + }; + }; + }; +} diff --git a/hosts/nas/apps/orca/options.nix b/hosts/nas/apps/orca/options.nix new file mode 100644 index 0000000..02ac2a5 --- /dev/null +++ b/hosts/nas/apps/orca/options.nix @@ -0,0 +1,57 @@ +{ lib, ... }: +with lib; +{ + options.nas-apps.orca-slicer = { + enable = mkEnableOption "orca slicer docker service"; + + autoStart = mkOption { + type = types.bool; + default = true; + }; + + httpPort = mkOption { + type = types.str; + default = "3000"; + }; + + httpsPort = mkOption { + type = types.str; + default = "3001"; + }; + + name = mkOption { + type = types.str; + default = "orca-slicer"; + }; + + image = mkOption { + type = types.str; + default = "linuxserver/orcaslicer"; + }; + + configPath = mkOption { + type = types.str; + default = "/media/nas/ssd/ssd_app_data/orca-slicer"; + }; + + dataPath = mkOption { + type = types.str; + default = "/media/nas/main/3d_printer"; + }; + + puid = mkOption { + type = types.str; + default = "911"; + }; + + pgid = mkOption { + type = types.str; + default = "1000"; + }; + + timeZone = mkOption { + type = types.str; + default = "America/Chicago"; + }; + }; +} diff --git a/hosts/nas/configuration.nix b/hosts/nas/configuration.nix index 28d2a30..f1b5732 100755 --- a/hosts/nas/configuration.nix +++ b/hosts/nas/configuration.nix @@ -119,7 +119,7 @@ }; nix-index = { enable = true; - enableBashIntegration = true; + enableBashIntegration = false; enableZshIntegration = true; }; }; diff --git a/hosts/pi4/configuration.nix b/hosts/pi4/configuration.nix index 8c90f45..62af04b 100755 --- a/hosts/pi4/configuration.nix +++ b/hosts/pi4/configuration.nix @@ -13,7 +13,8 @@ in ./adguard.nix ./boot.nix ./impermanence.nix - ./hardware-configuration.nix + # ./hardware-configuration.nix + # ../../share/disko/default-hardware-config.nix ./networking.nix ./sops.nix ../default.nix diff --git a/share/disko/default-hardware-config.nix b/share/disko/default-hardware-config.nix new file mode 100644 index 0000000..1a4e5f1 --- /dev/null +++ b/share/disko/default-hardware-config.nix @@ -0,0 +1,53 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + fileSystems."/" = + { device = "none"; + fsType = "tmpfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-label/ESP"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + fileSystems."/nix" = + { device = "/dev/disk/by-label/btrfs-root"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress=zstd" "noatime" ]; + }; + + fileSystems."/etc" = + { device = "/dev/disk/by-label/btrfs-root"; + fsType = "btrfs"; + options = [ "subvol=etc" "compress=zstd" "noatime" ]; + }; + + fileSystems."/var/log" = + { device = "/dev/disk/by-label/btrfs-root"; + fsType = "btrfs"; + options = [ "subvol=log" "compress=zstd" "noatime" ]; + }; + + fileSystems."/root" = + { device = "/dev/disk/by-label/btrfs-root"; + fsType = "btrfs"; + options = [ "subvol=root" "compress=zstd" "noatime" ]; + }; + + fileSystems."/home" = + { device = "/dev/disk/by-label/btrfs-root"; + fsType = "btrfs"; + options = [ "subvol=home" "compress=zstd" ]; + }; + + swapDevices = [ ]; +} diff --git a/share/disko/disko.nix b/share/disko/disko.nix new file mode 100644 index 0000000..364fbc8 --- /dev/null +++ b/share/disko/disko.nix @@ -0,0 +1,87 @@ +{ ... }: +let + rootDisk = "/dev/nvme0n1"; +in +{ + disko.devices.disk.main.imageSize = "32G"; + disko.devices = { + nodev."/" = { + fsType = "tmpfs"; + mountOptions = [ + "mode=755" + "defaults" + "size=2G" + ]; + }; + # root disk setup + disk.main = { + type = "disk"; + device = rootDisk; + content = { + type = "gpt"; + # specify partitions + partitions = { + # /boot + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + end = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + + root = { + name = "btrfs-root"; + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; # Override existing partition + # Subvolumes must set a mountpoint in order to be mounted, + # unless their parent is mounted + subvolumes = { + "home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + "root" = { + mountOptions = [ + "compress=zstd" + "noatime" + ]; + mountpoint = "/root"; + }; + "nix" = { + mountOptions = [ + "compress=zstd" + "noatime" + ]; + mountpoint = "/nix"; + }; + "etc" = { + mountOptions = [ + "compress=zstd" + "noatime" + ]; + mountpoint = "/etc"; + }; + "log" = { + mountOptions = [ + "compress=zstd" + "noatime" + ]; + mountpoint = "/var/log"; + }; + }; + }; + }; + }; + }; + }; + }; +} \ No newline at end of file