diff --git a/containers/nginx/flake.nix b/containers/nginx/flake.nix index 47e9411..fffba84 100644 --- a/containers/nginx/flake.nix +++ b/containers/nginx/flake.nix @@ -2,7 +2,7 @@ description = "OpenTechLab Docker Example"; inputs = { - nixpkgs.url = github:NixOS/nixpkgs/nixos-24.05; + nixpkgs.url = github:NixOS/nixpkgs/nixos-24.11; }; outputs = { self, nixpkgs }: { diff --git a/containers/nginx/old.flake.nix.old b/containers/nginx/old.flake.nix.old new file mode 100644 index 0000000..47e9411 --- /dev/null +++ b/containers/nginx/old.flake.nix.old @@ -0,0 +1,68 @@ +{ + description = "OpenTechLab Docker Example"; + + inputs = { + nixpkgs.url = github:NixOS/nixpkgs/nixos-24.05; + }; + + outputs = { self, nixpkgs }: { + packages."x86_64-linux" = + let + pkgs = import nixpkgs { system = "x86_64-linux"; }; + in + rec { + dockerImage = + pkgs.dockerTools.buildLayeredImage (let + nginxPort = "80"; + nginxConf = pkgs.writeText "nginx.conf" '' + user nginx nginx; + daemon off; + events {} + http { + server { + listen ${nginxPort}; + location / { + root ${./html}; + } + } + } + ''; + + in rec { + name = "otl-nix-demo"; + tag = "latest"; + + contents = with pkgs; [ + # Set up users and groups + (writeTextDir "etc/shadow" '' + root:!x::::::: + nginx:!::::::: + '') + (writeTextDir "etc/passwd" '' + root:x:0:0::/root:${runtimeShell} + nginx:x:999:999::/home/nginx: + '') + (writeTextDir "etc/group" '' + root:x:0: + nginx:x:999: + '') + (writeTextDir "etc/gshadow" '' + root:x:: + nginx:x:: + '') + + # Workaround: create directories required by nginx + (writeTextDir "var/cache/nginx/.placeholder" "") + (writeTextDir "var/log/nginx/.placeholder" "") + ]; + + config = { + Cmd = [ "${pkgs.nginx}/bin/nginx" "-c" nginxConf ]; + ExposedPorts = { + "${nginxPort}/tcp" = { }; + }; + }; + }; + }; + }; +} \ No newline at end of file diff --git a/go/konnect/flake.nix b/go/konnect/flake.nix new file mode 100644 index 0000000..c7a9a1c --- /dev/null +++ b/go/konnect/flake.nix @@ -0,0 +1,15 @@ +{ + description = "A very basic flake"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + }; + + outputs = { self, nixpkgs }: { + + packages.x86_64-linux.hello = nixpkgs.legacyPackages.x86_64-linux.hello; + + packages.x86_64-linux.default = self.packages.x86_64-linux.hello; + + }; +} diff --git a/go/konnect/readme.md b/go/konnect/readme.md new file mode 100644 index 0000000..e69de29 diff --git a/hp/hp1/Makefile b/hp/hp1/Makefile index f9a8c44..ed8a6dc 100644 --- a/hp/hp1/Makefile +++ b/hp/hp1/Makefile @@ -20,9 +20,15 @@ rebuild: #sudo cp ./*.nix /etc/nixos/ #sudo nix-channel --update #sudo nixos-rebuild switch - sudo nix flake update; #sudo nix-channel --update; sudo nixos-rebuild switch --flake . + sudo systemctl restart ffmpeg-stream + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . + +update: + sudo nix flake update; sync: rsync -av /home/das/nixos/hp/hp1/ hp1:/home/das/nixos/hp/hp1/ diff --git a/hp/hp1/configuration.nix b/hp/hp1/configuration.nix index fec849a..629c57c 100644 --- a/hp/hp1/configuration.nix +++ b/hp/hp1/configuration.nix @@ -33,6 +33,7 @@ #./k3s_node.nix ./systemd.services.ethtool-enp3s0f0.nix ./systemd.services.ethtool-enp3s0f1.nix + ./ffmpeg_systemd_service.nix ]; # https://nixos.wiki/wiki/Kubernetes#reset_to_a_clean_state @@ -41,17 +42,22 @@ # rm -rf /var/lib/kubernetes/ /var/lib/etcd/ /var/lib/cfssl/ /var/lib/kubelet/ /etc/kube-flannel/ /etc/kubernetes/ # Bootloader. - boot.loader.systemd-boot = { - enable = true; - #consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. - memtest86.enable = true; - }; + boot = { + loader.systemd-boot = { + enable = true; + #consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. + memtest86.enable = true; + }; - boot.loader.efi.canTouchEfiVariables = true; + loader.efi.canTouchEfiVariables = true; - # https://nixos.wiki/wiki/Linux_kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - #boot.kernelPackages = pkgs.linuxPackages_rpi4 + # https://nixos.wiki/wiki/AMD_GPU + initrd.kernelModules = [ "amdgpu" ]; + + # https://nixos.wiki/wiki/Linux_kernel + kernelPackages = pkgs.linuxPackages_latest; + #boot.kernelPackages = pkgs.linuxPackages_rpi4 + }; nix = { gc = { @@ -67,6 +73,20 @@ }; }; + # find /run/opengl-driver -name "libamfrt64.so.1" + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + amdvlk # AMD Vulkan driver, includes AMF runtime + #rocm-opencl-runtime # Optional: ROCm OpenCL support + #rocm-smi # AMD System Management Interface (for monitoring GPU) + # https://nixos.wiki/wiki/AMD_GPU#OpenCL + rocmPackages.clr.icd + ]; + }; + + services.xserver.videoDrivers = [ "amdgpu" ]; + # https://nixos.wiki/wiki/Networking # https://nlewo.github.io/nixos-manual-sphinx/configuration/ipv4-config.xml.html networking.hostName = "hp1"; @@ -95,7 +115,7 @@ users.users.das = { isNormalUser = true; description = "das"; - extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" ]; + extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" "video" ]; packages = with pkgs; [ ]; # https://nixos.wiki/wiki/SSH_public_key_authentication @@ -122,6 +142,9 @@ services.fstrim.enable = true; + # AMD GPU power management + #services.udev.packages = with pkgs; [ rocm-smi ]; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/hp/hp1/ffmpeg_systemd_service.nix b/hp/hp1/ffmpeg_systemd_service.nix new file mode 100644 index 0000000..bd7f0df --- /dev/null +++ b/hp/hp1/ffmpeg_systemd_service.nix @@ -0,0 +1,172 @@ +# +# nixos/hp/hp1/ffmpeg_systemd_service.nix +# +# systemctl --user restart ffmpeg-stream +# systemctl --user status ffmpeg-stream +# +# [das@hp1:~/nixos/hp/hp1]$ systemctl --user restart ffmpeg-stream + +# [das@hp1:~/nixos/hp/hp1]$ systemctl --user status ffmpeg-stream +# ● ffmpeg-stream.service +# Loaded: loaded (/home/das/.config/systemd/user/ffmpeg-stream.service; enabled; preset: ignored) +# Active: active (running) since Sun 2025-02-02 15:16:54 PST; 3min 41s ago +# Invocation: ac9c5b7820cd40fe85f95d610a184c46 +# Main PID: 394915 (ffmpeg) +# Tasks: 37 (limit: 37129) +# Memory: 230.4M (peak: 230.9M) +# CPU: 2min 13.669s +# CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ffmpeg-stream.service +# └─394915 /nix/store/hk1a30i7a4nhc16sc407z0fi1yxgfgjp-ffmpeg-7.1-bin/bin/ffmpeg -f lavfi -re -i testsrc2=rate=30:size=1920x1080 -codec:v libx264 -b:v 10240k -maxrate:v 10000k -bu> + +# [das@hp1:~/nixos/hp/hp1]$ journalctl --user -u ffmpeg-stream -f +# Feb 02 15:16:54 hp1 ffmpeg[394915]: [libx264 @ 0x352394c0] using cpu capabilities: MMX2 SSE2Fast SSSE3 SSE4.2 AVX FMA3 BMI2 AVX2 +# Feb 02 15:16:54 hp1 ffmpeg[394915]: [libx264 @ 0x352394c0] profile Constrained Baseline, level 4.0, 4:2:0, 8-bit +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Output #0, mpegts, to 'udp://239.0.0.1:6000?ttl=4&pkt_size=1326&localddr=172.16.40.142': +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Metadata: +# Feb 02 15:16:54 hp1 ffmpeg[394915]: encoder : Lavf61.7.100 +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Stream #0:0: Video: h264, yuv420p(tv, progressive), 1920x1080 [SAR 1:1 DAR 16:9], q=2-31, 10240 kb/s, 25 fps, 90k tbn +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Metadata: +# Feb 02 15:16:54 hp1 ffmpeg[394915]: encoder : Lavc61.19.100 libx264 +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Side data: +# Feb 02 15:16:54 hp1 ffmpeg[394915]: cpb: bitrate max/min/avg: 10000000/0/10240000 buffer size: 10240000 vbv_delay: N/A + +# [das@hp1:~/nixos/hp/hp1]$ sudo tcpdump -ni eno1 -c 5 host 239.0.0.1 +# tcpdump: verbose output suppressed, use -v[v]... for full protocol decode +# listening on eno1, link-type EN10MB (Ethernet), snapshot length 262144 bytes +# 15:21:39.577834 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577866 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577885 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577907 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577927 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 5 packets captured +# 35 packets received by filter +# 0 packets dropped by kernel + +{ + config, + lib, + pkgs, + ... +}: + +# ${pkgs.ffmpeg}/bin/ffmpeg \ +# ${home.packages.ffmpeg-full}/bin/ffmpeg \ +# ffmpeg -f lavfi -i "sine=frequency=1000:duration=10" -c:a aac -b:a 128k /home/das/test_audio.aac +let + ffmpegCmd = + '' + ${pkgs.ffmpeg-full}/bin/ffmpeg -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + -f lavfi -i "sine=frequency=1000" \ + -c:v libx264 -b:v 10000k -preset ultrafast -r 25 \ + -x264-params "nal-hrd=cbr:force-cfr=1:aud=1:intra-refresh=1" \ + -tune zerolatency \ + -bsf:v h264_mp4toannexb \ + -c:a aac -b:a 128k -ac 2 \ + -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + -f rtp_mpegts "rtp://239.0.0.2:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + ''; + # Ensures SPS/PPS is sent in every keyframe (prevents decoder from losing parameter sets). + # Forces constant frame rate (force-cfr=1), improving stream stability. + + # '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + # -f lavfi -i "sine=frequency=1000" \ + # -c:v libx264 -b:v 10000k -preset ultrafast -r 25 \ + # -c:a aac -b:a 128k -ac 2 \ + # -x264opts "keyint=50:min-keyint=50:no-scenecut" \ + # -bsf:v h264_mp4toannexb \ + # -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + # -f rtp_mpegts "rtp://239.0.0.1:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + # ''; + #-x264opts "keyint=50:min-keyint=50:no-scenecut" ensures regular keyframes. + #-bsf:v h264_mp4toannexb converts H.264 to Annex B format, which is better for streaming. + + # '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + # -f lavfi -i "sine=frequency=1000" \ + # -c:v libx264 -b:v 10000k -preset ultrafast -r 25 \ + # -c:a aac -b:a 128k -ac 2 \ + # -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + # -f rtp_mpegts \ + # "rtp://239.0.0.1:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + # ''; + + # '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + # -re -i /home/das/test_audio/test_audio.aac \ + # -c:v libx264 -b:v 10240k -maxrate:v 10000k -bufsize:v 10240k -preset ultrafast -r 25 -g 50 -pix_fmt yuv420p -flags2 local_header \ + # -c:a aac -b:a 128k -ac 2 \ + # -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + # -f rtp_mpegts \ + # "rtp://239.0.0.1:6000?ttl=4&pkt_size=1326&localaddr=172.16.40.142" + # ''; + # '' + # ${pkgs.ffmpeg}/bin/ffmpeg \ + # -f lavfi \ + # -re \ + # -i testsrc2=rate=30:size=1920x1080 \ + # -codec:v libx264 \ + # -b:v 10240k \ + # -maxrate:v 10000k \ + # -bufsize:v 10240k \ + # -preset ultrafast \ + # -r 25 \ + # -g 50 \ + # -pix_fmt yuv420p \ + # -flags2 local_header \ + # -f mpegts \ + # -transtype live \ + # "rtp://239.0.0.1:6000?ttl=4&pkt_size=1326&localddr=172.16.40.142" + # ''; +in +{ + # sudo systemctl status ffmpeg-stream.service + # sudo journalctl -u ffmpeg-stream.service + # cat /etc/systemd/system/ffmpeg-stream.service + systemd.services.ffmpeg-stream = { + + description = "FFmpeg Multicast Service"; + after = [ "network.target" ]; + + serviceConfig = { + ExecStart = "${ffmpegCmd}"; + Restart = "always"; + RestartSec = 10; + StandardOutput = "journal"; + StandardError = "journal"; + + # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Scheduling + Nice = "-20"; + #CPUSchedulingPriority = "99"; + + ### 🔐 Security Hardening Options ### + NoNewPrivileges = true; # Prevents privilege escalation + PrivateTmp = true; # Isolates service temporary files + ProtectSystem = "full"; # Restricts access to system files + #ProtectSystem = "strict"; # Restricts access to system files + #ProtectHome = "read-only"; # Readonly access to home directory + ProtectHome = "yes"; # Blocks access to home directory + ProtectKernelModules = true; # Blocks module loading + ProtectKernelLogs = true; # Prevents access to kernel logs + ProtectControlGroups = true; # Restricts cgroup modifications + MemoryDenyWriteExecute = true; # Prevents memory exploits + RestrictRealtime = true; # Blocks real-time priority settings + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # Restricts network access + SystemCallFilter = [ "~@mount" "~@privileged" "~@resources" ]; # Blocks dangerous system calls + LockPersonality = true; # Prevents personality changes (defense against exploits) + ReadOnlyPaths = "/usr"; # Makes important paths read-only + #ReadOnlyPaths = "/etc /usr /home/das/test_audio/"; # Makes important paths read-only + #wReadWritePaths = "/var/www/html"; # Only allow writing in this directory + ProtectClock = true; # Blocks modification of system clock + }; + + # # systemctl list-units --type target + # Install = { + # after = [ "network.target" ]; + # #WantedBy = [ "default.target" ]; + # }; + }; +} diff --git a/hp/hp1/flake.nix b/hp/hp1/flake.nix index 87395ff..4ff9a24 100644 --- a/hp/hp1/flake.nix +++ b/hp/hp1/flake.nix @@ -1,8 +1,10 @@ { description = "HP1 Flake"; + # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager home-manager = { url = "github:nix-community/home-manager/release-24.11"; diff --git a/hp/hp1/home.nix b/hp/hp1/home.nix index e123cda..04795b4 100644 --- a/hp/hp1/home.nix +++ b/hp/hp1/home.nix @@ -7,6 +7,10 @@ home.username = "das"; home.homeDirectory = "/home/das"; + # imports = [ + # #./ffmpeg_systemd_service.nix + # ]; + # https://nix-community.github.io/home-manager/index.xhtml#ch-installation #home-manager.users.das = { pkgs, ... }: { @@ -100,7 +104,7 @@ graphviz # #ffmpeg - ffmpeg-full + #ffmpeg-full ]; programs.bash = { @@ -134,7 +138,7 @@ nixpkgs.config.allowUnfree = true; - home.stateVersion = "24.05"; programs.home-manager.enable = true; + home.stateVersion = "24.11"; #}; } diff --git a/hp/hp1/hosts.nix b/hp/hp1/hosts.nix index b60a4f0..3af6575 100644 --- a/hp/hp1/hosts.nix +++ b/hp/hp1/hosts.nix @@ -12,5 +12,6 @@ "172.16.40.70" = ["hp5" "hp5eth"]; "172.16.40.122" = ["pi5-1" "pi5-1-eth"]; "172.16.40.62" = ["chromebox3" "chromebox3-eth"]; + "127.0.0.1" = ["redpanda-0"]; }; } \ No newline at end of file diff --git a/hp/hp1/not.ffmpeg_service.nix.not b/hp/hp1/not.ffmpeg_service.nix.not new file mode 100644 index 0000000..4ffa54c --- /dev/null +++ b/hp/hp1/not.ffmpeg_service.nix.not @@ -0,0 +1,31 @@ +{ + config, + pkgs, + ... +}: +{ + systemd.user.services.onedrive-UMFC = { + Unit = { + Description = "start ffmpeg"; + }; + Service = { + ProtectSystem = "full"; + ProtectHostname = true; + ProtectKernelTunables = true; + ProtectControlGroups = true; + RestrictRealtime = true; + Group = "users"; + ExecStartPre = "${pkgs.coreutils}/bin/sleep 15"; + ExecStart= "${pkgs.ffmpeg}/bin/onedrive --monitor --confdir=/home/kazimierzkrauze/.config/onedrive/onedrive-UMFC"; + Restart = "on-failure"; + RestartSec = 3; + # Do not restart the service if a --resync is required which is done via a 126 exit code + RestartPreventExitStatus = 126; + # Time to wait for the service to stop gracefully before forcefully terminating it + TimeoutStopSec = 90; + }; + Install = { + WantedBy = [ "default.target" ]; + }; + }; +}; \ No newline at end of file diff --git a/hp/hp1/systemPackages.nix b/hp/hp1/systemPackages.nix index 99c5975..a524c6d 100644 --- a/hp/hp1/systemPackages.nix +++ b/hp/hp1/systemPackages.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: - +{ + config, + pkgs, + ... +}: { # Allow unfree packages nixpkgs.config.allowUnfree = true; @@ -25,5 +28,10 @@ #snmp seems to be needed by lldpd net-snmp neofetch + # + ffmpeg-full + radeontop # GPU monitoring tool + # https://nixos.wiki/wiki/AMD_GPU#OpenCL + clinfo ]; } diff --git a/hp/hp5/Makefile b/hp/hp5/Makefile index 050ca2a..39f50cb 100644 --- a/hp/hp5/Makefile +++ b/hp/hp5/Makefile @@ -20,9 +20,19 @@ rebuild: #sudo cp ./*.nix /etc/nixos/ #sudo nix-channel --update #sudo nixos-rebuild switch - sudo nix flake update; #sudo nix-channel --update; sudo nixos-rebuild switch --flake . + sudo systemctl daemon-reexec + sudo systemctl restart create-stream-sdp.service + sudo systemctl restart create-stream-m3u8.service + sudo systemctl restart ffmpeg-hls + + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . + +update: + sudo nix flake update; sync: rsync -av /home/das/nixos/hp/hp5/ hp5:/home/das/nixos/hp/hp5/ diff --git a/hp/hp5/configuration.nix b/hp/hp5/configuration.nix index afca9a1..a4606db 100644 --- a/hp/hp5/configuration.nix +++ b/hp/hp5/configuration.nix @@ -43,6 +43,9 @@ ./k3s_node.nix ./systemd.services.ethtool-enp3s0f0.nix ./systemd.services.ethtool-enp3s0f1.nix + #./hls_tmpfs.nix + ./nginx.nix + ./ffmpeg-hls-service.nix ]; # Bootloader. @@ -123,14 +126,17 @@ # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix hardware.nvidia = { + open = false; # https://github.com/NixOS/nixpkgs/pull/326369 hits stable modesetting.enable = true; powerManagement = { enable = true; }; nvidiaSettings = true; + package = pkgs.linuxPackages.nvidia_x11; }; + services.xserver.videoDrivers = [ "nvidia" ]; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; @@ -138,13 +144,19 @@ TERM = "xterm-256color"; #MY_VARIABLE = "my-value"; #ANOTHER_VARIABLE = "another-value"; + #CUDA_PATH = "${pkgs.cudatoolkit}"; + CUDA_PATH = "${pkgs.linuxPackages.nvidia_x11}/lib"; + # export LD_LIBRARY_PATH=${pkgs.linuxPackages.nvidia_x11}/lib + EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; + EXTRA_CCFLAGS = "-I/usr/include"; + LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; }; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.das = { isNormalUser = true; description = "das"; - extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" ]; + extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" "video" "nginx" ]; packages = with pkgs; [ ]; # https://nixos.wiki/wiki/SSH_public_key_authentication diff --git a/hp/hp5/ffmpeg-hls-service.nix b/hp/hp5/ffmpeg-hls-service.nix new file mode 100644 index 0000000..db10c44 --- /dev/null +++ b/hp/hp5/ffmpeg-hls-service.nix @@ -0,0 +1,248 @@ +# +# sudo systemctl start ffmpeg-hls +# sudo systemctl enable ffmpeg-hls +# journalctl -u ffmpeg-hls -f +# + +{ config, lib, pkgs, ... }: + +let + + streamManifest = pkgs.writeText "stream.m3u8" + '' + #EXTM3U + #EXT-X-STREAM-INF:BANDWIDTH=1000000,RESOLUTION=640x360 + stream_1.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=5000000,RESOLUTION=1280x720 + stream_5.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=10000000,RESOLUTION=1920x1080 + stream_10.m3u8 + ''; + + sdpFile = pkgs.writeText "stream.sdp" + '' + v=0 + o=- 0 0 IN IP4 239.0.0.1 + s=MPEG-TS Over RTP Stream + c=IN IP4 239.0.0.1 + t=0 0 + a=recvonly + m=video 6000 RTP/AVP 33 + a=rtpmap:33 MP2T/90000 + ''; + + # sdpFile = pkgs.writeText "stream.sdp" + # '' + # v=0 + # o=- 0 0 IN IP4 239.0.0.1 + # s=RTP Stream + # c=IN IP4 239.0.0.1 + # t=0 0 + # m=video 6000 RTP/AVP 96 + # a=rtpmap:96 H264/90000 + # a=fmtp:96 packetization-mode=1; profile-level-id=42E01F; sprop-parameter-sets=Z0IAH5WoFAFuQA==,aM48gA== + # m=audio 6002 RTP/AVP 97 + # a=rtpmap:97 MP4A-LATM/44100/2 + # ''; + + # '' + # v=0 + # o=- 0 0 IN IP4 239.0.0.1 + # s=RTP Stream + # c=IN IP4 239.0.0.1 + # t=0 0 + # m=video 6000 RTP/AVP 96 + # a=rtpmap:96 H264/90000 + # m=audio 6002 RTP/AVP 97 + # a=rtpmap:97 MP4A-LATM/44100/2 + # ''; + + # '' + # v=0 + # o=- 0 0 IN IP4 172.16.40.142 + # s=MPEG-TS Over RTP Stream + # c=IN IP4 239.0.0.1/32 + # t=0 0 + # a=recvonly + # m=video 6000 RTP/AVP 33 + # a=rtpmap:33 MP2T/90000 + # ''; + + # https://developer.nvidia.com/blog/nvidia-ffmpeg-transcoding-guide/#processing_filters + ffmpegCmd = '' + ${pkgs.ffmpeg-full}/bin/ffmpeg \ + -vsync 0 \ + -hwaccel cuda \ + -hwaccel_output_format cuda \ + -protocol_whitelist "file,udp,rtp" \ + -analyzeduration 200000000 \ + -probesize 150M \ + -fflags +genpts -max_delay 5000000 \ + -f mpegts \ + -i /hls/stream.sdp \ + -filter_complex "[0:v]split=2[v2][v3]; \ + [v2]scale_npp=1280:720:interp_algo=super[vout2]; \ + [v3]scale_npp=640:360:interp_algo=super[vout3]" \ + -map 0:v -c:v hevc_nvenc -b:v 10M -preset p1 -tune hq -rc cbr -maxrate 10M -bufsize 20M -g 50 -pix_fmt yuv420p \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_10Mbps/stream_10.m3u8" \ + -map "[vout2]" -c:v hevc_nvenc -b:v 5M -preset p1 -tune hq -rc cbr -maxrate 5M -bufsize 10M -g 50 -pix_fmt yuv420p \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_5Mbps/stream_5.m3u8" \ + -map "[vout3]" -c:v hevc_nvenc -b:v 1M -preset p1 -tune hq -rc cbr -maxrate 1M -bufsize 2M -g 50 -pix_fmt yuv420p \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_1Mbps/stream_1.m3u8" \ + -map a:0 -c:a aac -b:a 128k -ac 2 -f hls -hls_time 4 -hls_list_size 20 \ + -hls_segment_filename "/hls/audio/stream-%Y%m%d%H%M%S.ts" "/hls/audio/stream_audio.m3u8" \ + -master_pl_name "/hls/master.m3u8" + ''; + + # ffmpegCmd = '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -vsync 0 \ + # -hwaccel cuda -hwaccel_output_format cuda \ + # -protocol_whitelist "file,udp,rtp" \ + # -analyzeduration 200000000 \ + # -probesize 150M \ + # -fflags +genpts -max_delay 5000000 \ + # -f mpegts \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]hwupload_cuda,split=3[v10_in][v5_in][v1_in]; \ + # [v10_in]scale_cuda=w=1920:h=1080,hwdownload,format=yuv420p[v10_scaled]; \ + # [v5_in]scale_cuda=w=1280:h=720,hwdownload,format=yuv420p[v5_scaled]; \ + # [v1_in]scale_cuda=w=640:h=360,hwdownload,format=yuv420p[v1_scaled]" \ + # -map "[v10_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_10Mbps/stream_10.m3u8" \ + # -map "[v5_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_5Mbps/stream_5.m3u8" \ + # -map "[v1_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_1Mbps/stream_1.m3u8 \ + # -master_pl_name /hls/master.m3u8" + # ''; + # -i "rtp://239.0.0.1:6000" \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]split=3[v10][v5][v1]; \ + # [v10]scale_cuda=1920:1080[v10_scaled]; \ + # [v5]scale_cuda=1280:720[v5_scaled]; \ + # [v1]scale_cuda=640:360[v1_scaled]" \ + +in +{ + # fileSystems."/hls" = { + # device = "tmpfs"; + # fsType = "tmpfs"; + # options = [ "size=1G" "mode=0770" "uid=nginx" "gid=nginx" "noatime" ]; + # }; + systemd.mounts = [ + { + what = "tmpfs"; + where = "/hls"; + type = "tmpfs"; + options = "size=1G,mode=0770,uid=nginx,gid=nginx,noatime"; + } + ]; + + # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html + systemd.tmpfiles.rules = [ + #Type Path Mode User Group Age Argument… + "d /hls 0770 nginx nginx -" + "d /hls/hls_10Mbps 0770 nginx nginx 5m" + "d /hls/hls_5Mbps 0770 nginx nginx 5m" + "d /hls/hls_1Mbps 0770 nginx nginx 5m" + ]; + + # sudo systemctl restart create-stream-sdp.service + systemd.services.create-stream-sdp = { + description = "Generate RTP stream SDP file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${sdpFile} /hls/stream.sdp"; + }; + }; + + # sudo systemctl restart create-stream-m3u8.service + systemd.services.create-stream-m3u8 = { + description = "Generate stream.m3u8 file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${streamManifest} /hls/stream.m3u8"; + }; + }; + + # cat /etc/systemd/system/ffmpeg-hls.service + # sudo systemctl restart ffmpeg-hls.service + # sudo systemctl status ffmpeg-hls.service + # sudo journalctl -u ffmpeg-hls -f + systemd.services.ffmpeg-hls = { + description = "FFmpeg RTP to HLS Streaming Service"; + after = [ "network.target" "create-stream-sdp.service" "create-stream-m3u8.service" "nginx.service" ]; + #after = [ "network.target" "nginx.service" ]; + #requires = [ "create-hls-tmpfs.service" ]; + requires = [ "create-stream-sdp.service" "create-stream-m3u8.service" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + WorkingDirectory = "/hls"; + RuntimeDirectory = "/hls"; + ExecStart = ffmpegCmd; + Restart = "always"; + RestartSec = 10; + #ExecStartPre = "/bin/sleep 5"; # this is wrong. needs path to the nix package. + User = "nginx"; + Group = "nginx"; + StandardOutput = "journal"; + StandardError = "journal"; + LimitNOFILE = 1048576; + + # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Scheduling + Nice = "-20"; + #CPUSchedulingPriority = "99"; + # https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/assembly_configuring-cpu-affinity-and-numa-policies-using-systemd_managing-monitoring-and-updating-the-kernel#assembly_configuring-cpu-affinity-and-numa-policies-using-systemd_managing-monitoring-and-updating-the-kernel + #CPUAffinity= + #NUMAMask= + + Environment = [ + "CUDA_PATH=${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_LDFLAGS=-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_CCFLAGS=-I/usr/include" + "LD_LIBRARY_PATH=/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib" + "NVIDIA_DRIVER_CAPABILITIES=all" + "CUDA_VISIBLE_DEVICES=0" + ##"FFMPEG_OUTPUT_DIR=/hls" + ]; + + SupplementaryGroups = [ "video" "render" ]; + DeviceAllow = [ "/dev/nvidia0 rw" "/dev/nvidiactl rw" "/dev/nvidia-uvm rw" "/dev/dri/card0 rw" ]; + UMask = "0002"; + + NoNewPrivileges = false; + ProtectSystem = "full"; + ProtectKernelModules = false; + MemoryDenyWriteExecute = false; + + }; + }; +} diff --git a/hp/hp5/hls_tmpfs.nix b/hp/hp5/hls_tmpfs.nix new file mode 100644 index 0000000..a342ae0 --- /dev/null +++ b/hp/hp5/hls_tmpfs.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + fileSystems."/hls" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "defaults" "size=1G" "mode=1777" "noatime" ]; + }; +} \ No newline at end of file diff --git a/hp/hp5/home.nix b/hp/hp5/home.nix index bcd4d5a..3ea5024 100644 --- a/hp/hp5/home.nix +++ b/hp/hp5/home.nix @@ -99,7 +99,7 @@ # for pprof graphviz # - ffmpeg + #ffmpeg #ffmpeg-full ]; diff --git a/hp/hp5/nginx.nix b/hp/hp5/nginx.nix new file mode 100644 index 0000000..29c0182 --- /dev/null +++ b/hp/hp5/nginx.nix @@ -0,0 +1,47 @@ +{ config, pkgs, ... }: + +{ + services.nginx = { + enable = true; + + recommendedGzipSettings = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."localhost" = { + root = "/home/das/hls"; + locations."/" = { + index = "index.html"; + extraConfig = '' + types { + application/vnd.apple.mpegurl m3u8; + video/mp2t ts; + } + + # Allow CORS (for external players) + add_header Access-Control-Allow-Origin *; + add_header Access-Control-Allow-Methods 'GET, OPTIONS'; + add_header Access-Control-Allow-Headers 'Range'; + add_header Access-Control-Expose-Headers 'Content-Length,Content-Range'; + add_header Access-Control-Max-Age 345600 always; # 4 days (345600 seconds) + + # Cache settings for HLS playlists + location ~* \.m3u8$ { + expires 30s; + add_header Cache-Control "public, max-age=30, stale-while-revalidate=60, stale-if-error=600"; + } + + # Cache settings for HLS segments (TS files) + location ~* \.ts$ { + expires 24h; + add_header Cache-Control "public, max-age=86400, stale-while-revalidate=3600, stale-if-error=86400"; + } + ''; + }; + }; + }; + + systemd.services.nginx.serviceConfig = { + LimitNOFILE = 100000; # Increase file descriptor limit for better performance + }; +} \ No newline at end of file diff --git a/hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix b/hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix new file mode 100644 index 0000000..c7bdafe --- /dev/null +++ b/hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix @@ -0,0 +1,236 @@ +# +# sudo systemctl start ffmpeg-hls +# sudo systemctl enable ffmpeg-hls +# journalctl -u ffmpeg-hls -f +# + +{ config, lib, pkgs, ... }: + +let + + streamManifest = pkgs.writeText "stream.m3u8" + '' + #EXTM3U + #EXT-X-STREAM-INF:BANDWIDTH=1000000,RESOLUTION=640x360 + stream_1.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=5000000,RESOLUTION=1280x720 + stream_5.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=10000000,RESOLUTION=1920x1080 + stream_10.m3u8 + ''; + + sdpFile = pkgs.writeText "stream.sdp" + '' + v=0 + o=- 0 0 IN IP4 172.16.40.142 + s=MPEG-TS Over RTP Stream + c=IN IP4 239.0.0.1/32 + t=0 0 + a=recvonly + m=video 6000 RTP/AVP 33 + a=rtpmap:33 MP2T/90000 + ''; + + # sdpContent = '' + # v=0 + # o=- 0 0 IN IP4 172.16.40.142 + # s=MPEG-TS Over RTP Stream + # c=IN IP4 239.0.0.1/32 + # t=0 0 + # a=recvonly + # m=video 6000 RTP/AVP 33 + # a=rtpmap:33 MP2T/90000 + # ''; + + ffmpegCmd = '' + ${pkgs.ffmpeg-full}/bin/ffmpeg \ + -hwaccel cuda -hwaccel_output_format cuda \ + -protocol_whitelist "file,udp,rtp" \ + -analyzeduration 100000000 -probesize 500M -fflags +genpts -max_delay 5000000 \ + -i /hls/stream.sdp \ + -filter_complex "[0:v]split=3[v10][v5][v1]; \ + [v10]scale_cuda=1920:1080[v10_scaled]; \ + [v5]scale_cuda=1280:720[v5_scaled]; \ + [v1]scale_cuda=640:360[v1_scaled]" \ + -map "[v10_scaled]" -map a:0 -c:v h264_nvenc -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_10Mbps/stream_10.m3u8" \ + -map "[v5_scaled]" -map a:0 -c:v h264_nvenc -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_5Mbps/stream_5.m3u8" \ + -map "[v1_scaled]" -map a:0 -c:v h264_nvenc -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_1Mbps/stream_1.m3u8" + ''; + + # ffmpegCmd = '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -protocol_whitelist "file,udp,rtp" \ + # -analyzeduration 100000000 -probesize 500M -fflags +genpts -max_delay 5000000 \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]split=3[v10][v5][v1]; \ + # [v10]scale=1920:1080[v10_scaled]; \ + # [v5]scale=1280:720[v5_scaled]; \ + # [v1]scale=640:360[v1_scaled]" \ + # -map "[v10_scaled]" -map a:0 -c:v h264_nvenc -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_10Mbps/stream_10.m3u8" \ + # -map "[v5_scaled]" -map a:0 -c:v h264_nvenc -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_5Mbps/stream_5.m3u8" \ + # -map "[v1_scaled]" -map a:0 -c:v h264_nvenc -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_1Mbps/stream_1.m3u8" + # ''; + + # ffmpegCmd = '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -protocol_whitelist "file,udp,rtp" \ + # -analyzeduration 100000000 -probesize 500M -fflags +genpts -max_delay 5000000 \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]split=3[v10][v5][v1]; \ + # [v10]scale=1920:1080[v10_scaled]; \ + # [v5]scale=1280:720[v5_scaled]; \ + # [v1]scale=640:360[v1_scaled]" \ + # -map "[v10_scaled]" -map a:0 -c:v h264_nvenc -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -hls_segment_filename "$FFMPEG_OUTPUT_DIR/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" -strftime 1 \ + # "$FFMPEG_OUTPUT_DIR/hls_10Mbps/stream_10.m3u8" \ + # -map "[v5_scaled]" -map a:0 -c:v h264_nvenc -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -hls_segment_filename "$FFMPEG_OUTPUT_DIR/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" -strftime 1 \ + # "$FFMPEG_OUTPUT_DIR/hls_5Mbps/stream_5.m3u8" \ + # -map "[v1_scaled]" -map a:0 -c:v h264_nvenc -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -hls_segment_filename "$FFMPEG_OUTPUT_DIR/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" -strftime 1 \ + # "$FFMPEG_OUTPUT_DIR/hls_1Mbps/stream_1.m3u8" + # ''; + # -hls_segment_filename \"/hls/hls_1Mbps/%Y%m%d%H/stream-%Y%m%d%H%M%S.ts\" -strftime 1 -strftime_mkdir 1 /hls/hls_1Mbps/stream_1.m3u8 + +in +{ + fileSystems."/hls" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "size=1G" "mode=0770" "uid=nginx" "gid=nginx" "noatime" ]; + }; + # systemd.tmpfiles.rules = [ + # "d /hls 0770 nginx nginx -" + # "v /hls - tmpfs rw,nosuid,nodev,noexec,noatime,size=1G,mode=0770,uid=nginx,gid=nginx" + # ]; + # systemd.services.create-hls-tmpfs = { + # description = "Ensure /hls tmpfs is mounted"; + # wantedBy = [ "multi-user.target" ]; + # after = [ "network.target" ]; + # serviceConfig = { + # Type = "oneshot"; + # ExecStart = "/run/current-system/sw/bin/mkdir -p /hls"; + # ExecStartPost = "/run/current-system/sw/bin/mount -o size=1G,mode=0770,uid=nginx,gid=nginx,noatime -t tmpfs tmpfs /hls"; + # RemainAfterExit = true; + # }; + # }; + + # sudo systemctl restart create-stream-sdp.service + systemd.services.create-stream-sdp = { + description = "Generate RTP stream SDP file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${sdpFile} /hls/stream.sdp"; + }; + }; + + # sudo systemctl restart create-stream-m3u8.service + systemd.services.create-stream-m3u8 = { + description = "Generate stream.m3u8 file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${streamManifest} /hls/stream.m3u8"; + }; + }; + + # sudo systemctl restart ffmpeg-hls.service + # sudo systemctl status ffmpeg-hls.service + # sudo journalctl -u ffmpeg-hls -f + systemd.services.ffmpeg-hls = { + description = "FFmpeg RTP to HLS Streaming Service"; + after = [ "network.target" "nginx.service" "create-hls-tmpfs.service" ]; + #after = [ "network.target" "nginx.service" ]; + #requires = [ "create-hls-tmpfs.service" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + WorkingDirectory = "/hls"; + RuntimeDirectory = "/hls"; + ExecStart = ffmpegCmd; + Restart = "always"; + RestartSec = 2; + User = "nginx"; + Group = "nginx"; + StandardOutput = "journal"; + StandardError = "journal"; + LimitNOFILE = 1048576; # Increase file descriptor limits for high concurrency + + Environment = [ + "CUDA_PATH=${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_LDFLAGS=-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_CCFLAGS=-I/usr/include" + "LD_LIBRARY_PATH=/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib" + "NVIDIA_DRIVER_CAPABILITIES=all" + "CUDA_VISIBLE_DEVICES=0" # Ensure it sees the first GPU + "FFMPEG_OUTPUT_DIR=/hls" + ]; + + # GPU Access + SupplementaryGroups = [ "video" "render" ]; # Ensures FFmpeg can access GPU + DeviceAllow = [ "/dev/nvidia0 rw" "/dev/nvidiactl rw" "/dev/nvidia-uvm rw" "/dev/dri/card0 rw" ]; + UMask = "0002"; + + NoNewPrivileges = false; + ProtectSystem = "full"; + ProtectKernelModules = false; + MemoryDenyWriteExecute = false; + #RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # Allow IPv4 and IPv6 + #IPAddressAllow = "239.0.0.1"; # Allow access to the multicast address + + # ### 🔒 Security Hardening + # NoNewPrivileges = true; + # PrivateTmp = true; + # ProtectSystem = "full"; + # #ProtectSystem = "strict"; + # ProtectHome = "yes"; + # ProtectKernelModules = false; + # #ProtectKernelModules = true; + # ProtectKernelLogs = true; + # ProtectControlGroups = true; + # # stops errors like "CUDA_ERROR_OPERATING_SYSTEM: OS call failed or operation not supported on this OS" + # MemoryDenyWriteExecute = false; + # #MemoryDenyWriteExecute = true; + # RestrictRealtime = true; + # RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # or do "~AF_INET"; + # SystemCallFilter = [ "~@mount" "~@privileged" "~@resources" ]; + # LockPersonality = true; + # ReadOnlyPaths = "/etc /usr /var"; + # ProtectClock = true; + }; + }; +} diff --git a/hp/hp5/systemPackages.nix b/hp/hp5/systemPackages.nix index a641520..5bf2d44 100644 --- a/hp/hp5/systemPackages.nix +++ b/hp/hp5/systemPackages.nix @@ -33,6 +33,13 @@ vdpauinfo # sudo vainfo libva-utils # sudo vainfo # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - nvidia-vaapi-driver + # + ffmpeg-full + # + # https://nixos.wiki/wiki/CUDA + cudatoolkit + linuxPackages.nvidia_x11 + libGLU + libGL ]; } \ No newline at end of file diff --git a/laptops/t/Makefile b/laptops/t/Makefile index 7fb68d3..0a717b1 100644 --- a/laptops/t/Makefile +++ b/laptops/t/Makefile @@ -18,6 +18,12 @@ endif rebuild: sudo nixos-rebuild switch --flake . +impure: + sudo nixos-rebuild switch --impure --flake . + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . + update: sudo nix flake update; diff --git a/laptops/t/configuration.nix b/laptops/t/configuration.nix index e9bf3e3..5caf054 100644 --- a/laptops/t/configuration.nix +++ b/laptops/t/configuration.nix @@ -21,19 +21,13 @@ { # https://nixos.wiki/wiki/NixOS_modules + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager imports = - [ # Include the results of the hardware scan. + [ ./hardware-configuration.nix - # sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager - # sudo nix-channel --update - # tutorial - # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager - # - # + ./hardware-graphics.nix ./sysctl.nix ./wireless_desktop.nix - # sound removed for 24.11 - #./sound.nix ./locale.nix ./hosts.nix ./firewall.nix @@ -50,27 +44,33 @@ #./smokeping.nix ]; - # Bootloader. boot = { loader.systemd-boot = { enable = true; - consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. + consoleMode = "max"; memtest86.enable = true; }; loader.efi.canTouchEfiVariables = true; # https://nixos.wiki/wiki/Linux_kernel - kernelPackages = pkgs.linuxPackages; + #kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( + kernelPackages = pkgs.unstable.linuxPackages; #boot.kernelPackages = pkgs.linuxPackages_latest; #boot.kernelPackages = pkgs.linuxPackages_rpi4 - #boot.kernelParams # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 kernelParams = [ - "nvidia-drm.modeset=1" - "nvidia-drm.fbdev=1" + #"nvidia-drm.modeset=1" + #"nvidia-drm.fbdev=1" + # https://www.reddit.com/r/NixOS/comments/u5l3ya/cant_start_x_in_nixos/?rdt=56160 + #"nomodeset" + ]; + + blacklistedKernelModules = [ + "nouveau" + #"i915" ]; # https://wiki.nixos.org/wiki/NixOS_on_ARM/Building_Images#Compiling_through_binfmt_QEMU @@ -79,7 +79,7 @@ extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback - nvidia_x11 + #nvidia_x11 ]; # https://nixos.wiki/wiki/Libvirt#Nested_virtualization @@ -87,6 +87,7 @@ # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config_working-nix-L19 extraModprobeConfig = "options nvidia " + #"" + lib.concatStringsSep " " [ # nvidia assume that by default your CPU does not support PAT, # but this is effectively never the case in 2023 @@ -127,113 +128,8 @@ time.timeZone = "America/Los_Angeles"; - # Nouveau is enabled by default whenever graphics are enabled - # This name will change to hardware.opengl.enable, with 24.11 - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - vdpauinfo # sudo vainfo - libva-utils # sudo vainfo - # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - nvidia-vaapi-driver - vaapiVdpau - libvdpau - libvdpau-va-gl - vdpauinfo - libva - libva-utils - ]; - }; - - # TODO try displaylink - # https://nixos.wiki/wiki/Displaylink - # nix-prefetch-url --name displaylink-600.zip https://www.synaptics.com/sites/default/files/exe_files/2024-05/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.0-EXE.zip - #services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; - - # https://wiki.nixos.org/w/index.php?title=NVIDIA - # https://nixos.wiki/wiki/Nvidia - # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix - # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix - hardware.nvidia = { - - # This will no longer be necessary when - # https://github.com/NixOS/nixpkgs/pull/326369 hits stable - #modesetting.enable = true; - modesetting.enable = lib.mkDefault true; - - # prime = { - # # ([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?' - # # 00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) - # intelBusId = "PCI:0:2:0"; - # # 01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) - # nvidiaBusId = "PCI:1:0:0"; - # sync.enable = true; - # #offload = { - # # enable = true; - # # #sync.enable = true; - # # enableOffloadCmd = true; - # #}; - # }; - - # Nvidia power management. Experimental, and can cause sleep/suspend to fail. - # Enable this if you have graphical corruption issues or application crashes after waking - # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead - # of just the bare essentials. - powerManagement = { - enable = true; - #enable = false; - # Fine-grained power management. Turns off GPU when not in use. - # Experimental and only works on modern Nvidia GPUs (Turing or newer). - #finegrained = true; - #finegrained = false; - }; - - # Use the NVidia open source kernel module (not to be confused with the - # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus - # Only available from driver 515.43.04+ - # Currently alpha-quality/buggy, so false is currently the recommended setting. - # prioritry drivers don't compile on 6.10.3 - # Set to false for proprietary drivers -> https://download.nvidia.com/XFree86/Linux-x86_64/565.77/README/kernel_open.html - open = true; - - # Enable the Nvidia settings menu, - # accessible via `nvidia-settings`. - #nvidiaSettings = false; - nvidiaSettings = true; - - # Optionally, you may need to select the appropriate driver version for your specific GPU. - #package = config.boot.kernelPackages.nvidiaPackages.stable; - #package = config.boot.kernelPackages.nvidiaPackages.stable; - #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this - #package = config.boot.kernelPackages.nvidiaPackages.production; - # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version - }; - - services.xserver = { - enable = true; - - videoDrivers = [ "nvidia" ]; - - # Display Managers are responsible for handling user login - displayManager = { - gdm.enable = true; - }; - - # Enable the GNOME Desktop Environment. - desktopManager = { - gnome.enable = true; - plasma5.enable = false; - xterm.enable = false; - }; - # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 - - # Configure keymap in X11 - xkb.layout = "us"; - xkb.variant = ""; - }; + services.udev.packages = [ pkgs.gnome-settings-daemon ]; + # services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; # https://nixos.wiki/wiki/NixOS_Wiki:Audio hardware.pulseaudio.enable = false; # Use Pipewire, the modern sound subsystem @@ -249,35 +145,10 @@ # jack.enable = true; }; - # https://theo.is-a.dev/blog/post/hyprland-adventure/ - #[das@t:~]$ lshw -c video | grep config - #WARNING: you should run this program as super-user. - # configuration: depth=32 driver=nouveau latency=0 resolution=3840,2160 - # configuration: depth=32 driver=i915 latency=0 resolution=3840,2160 - # - #[das@t:~]$ lspci -nnk | egrep -i --color 'vga|3d|2d' -A3 | grep 'in use' - #Kernel driver in use: i915 - #Kernel driver in use: nouveau - # - #[das@t:~]$ lspci -nnk | grep -i vga -A2 - #00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) - #Subsystem: Lenovo Device [17aa:22c0] - #Kernel driver in use: i915 - #-- - #01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) - #Subsystem: Lenovo Device [17aa:22c0] - #Kernel driver in use: nouveau - # - # hwinfo --gfxcard - services.lldpd.enable = true; - services.openssh.enable = true; - services.timesyncd.enable = true; - services.fstrim.enable = true; - services.avahi = { enable = true; nssmdns4 = true; @@ -286,38 +157,28 @@ openFirewall = true; }; - services.udev.packages = [ pkgs.gnome-settings-daemon ]; - # services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; - services.bpftune.enable = true; - - systemd.services.modem-manager.enable = false; - systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; # https://nixos.wiki/wiki/Printing services.printing.enable = true; + # https://wiki.nixos.org/wiki/Flameshot + # services.flameshot = { + # enable = true; + # settings.General = { + # showStartupLaunchMessage = false; + # saveLastRegion = true; + # }; + # }; + + systemd.services.modem-manager.enable = false; + systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/12?u=randomizedcoder - # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config-nix-L193 - environment.variables = { - MOZ_DISABLE_RDD_SANDBOX = "1"; - LIBVA_DRIVER_NAME = "nvidia"; - GBM_BACKEND = "nvidia-drm"; - __GLX_VENDOR_LIBRARY_NAME = "nvidia"; - NVD_BACKEND = "direct"; - EGL_PLATFORM = "wayland"; - # prevents cursor disappear when using Nvidia drivers - WLR_NO_HARDWARE_CURSORS = "1"; - - MOZ_ENABLE_WAYLAND = "1"; - XDG_SESSION_TYPE = "wayland"; - NIXOS_OZONE_WL = "1"; - }; + services.clickhouse.enable = false; + # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { TERM = "xterm-256color"; #MY_VARIABLE = "my-value"; @@ -328,7 +189,6 @@ isNormalUser = true; description = "das"; extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" "docker" "video" ]; - # users.extraGroups.docker.members = [ "das" ]; packages = with pkgs; [ ]; # https://nixos.wiki/wiki/SSH_public_key_authentication @@ -337,46 +197,12 @@ ]; }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - vim - curl - wget - tcpdump - iproute2 - nftables - iptables - pciutils - usbutils - pciutils - virt-manager - cudatoolkit - pkgs.gnomeExtensions.appindicator - # #nvidia - # vdpauinfo # sudo vainfo - # libva-utils # sudo vainfo - # # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - # nvidia-vaapi-driver - # libvdpau - # libvdpau-va-gl - # vdpauinfo - # libva - # libva-utils - ]; + # package moved to systemPackages.nix + # environment.systemPackages = with pkgs; [ # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; programs.gnupg.agent = { enable = true; @@ -384,6 +210,12 @@ }; # # https://wiki.hyprland.org/Nix/Hyprland-on-NixOS/ + programs.hyprland = { + enable = true; + # Nvidia patches are no longer needed + #nvidiaPatches = true; + xwayland.enable = true; + }; # programs.hyprland = { # enable = true; # # set the flake package @@ -398,7 +230,6 @@ # nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; # #programs.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; -#dD # programs.firefox.enable = true; # # # https://github.com/TLATER/dotfiles/blob/master/nixos-modules/nvidia/default.nix # programs.firefox.preferences = { @@ -423,7 +254,7 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). #system.stateVersion = "23.11"; - system.stateVersion = "24.05"; + system.stateVersion = "24.11"; virtualisation.containers = { ociSeccompBpfHook.enable = true; @@ -454,5 +285,7 @@ # services.qemuGuest.enable = true; # services.spice-vdagentd.enable = true; + nixpkgs.config.allowUnfree = true; + # https://wiki.nixos.org/wiki/Laptop } diff --git a/laptops/t/configuration.nix.before b/laptops/t/configuration.nix.before index 4ef544b..5cd5470 100644 --- a/laptops/t/configuration.nix.before +++ b/laptops/t/configuration.nix.before @@ -195,6 +195,9 @@ systemd.services.modem-manager.enable = false; systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; + # https://discourse.nixos.org/t/unable-to-fix-too-many-open-files-error/27094/6 + systemd.extraConfig = "DefaultLimitNOFILE=2048"; # defaults to 1024 if unset + # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index f6b2d47..7557246 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1738183445, - "narHash": "sha256-C1He3N1SA8D2u+TSlldbA9wiYwDvXI4GxX3zKaeD7qU=", + "lastModified": 1744289235, + "narHash": "sha256-ZFkHLdimtFzQACsVVyZkZlfYdj4iNy3PkzXfrwmlse8=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "48a000cf35dd10bfeb231152735aebbe875f4b74", + "rev": "c8282f4982b56dfa5e9b9f659809da93f8d37e7a", "type": "github" }, "original": { @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1736373539, - "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", + "lastModified": 1744743431, + "narHash": "sha256-iyn/WBYDc7OtjSawbegINDe/gIkok888kQxk3aVnkgg=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", + "rev": "c61bfe3ae692f42ce688b5865fac9e0de58e1387", "type": "github" }, "original": { @@ -108,11 +108,11 @@ ] }, "locked": { - "lastModified": 1738178255, - "narHash": "sha256-+D6Nu2ewXbMTFzx/Q4jDOo+LAOUPr0cxQJg5k33daIE=", + "lastModified": 1742215578, + "narHash": "sha256-zfs71PXVVPEe56WEyNi2TJQPs0wabU4WAlq0XV7GcdE=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "dcadd3398abe146d60c67e0d9ee6e27b301cae82", + "rev": "2fd36421c21aa87e2fe3bee11067540ae612f719", "type": "github" }, "original": { @@ -137,11 +137,11 @@ ] }, "locked": { - "lastModified": 1738018829, - "narHash": "sha256-5Ol5iahMlELx3lWuChyZsqqLk6sP6aqaJCJFw92OZGo=", + "lastModified": 1743953322, + "narHash": "sha256-prQ5JKopXtzCMX2eT3dXbaVvGmzjMRE2bXStQDdazpM=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "12cd7034e441a5ebfdef1a090c0788413b4a635b", + "rev": "9d7f2687c84c729afbc3b13f7937655570f2978d", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1738273002, - "narHash": "sha256-R1CWBSEHZhykHo3/H3M4U7zLv1QaS87JCTHas38TNiU=", + "lastModified": 1744849150, + "narHash": "sha256-eaKqF4Oc7atN7Y2yTTeAOLN05q+G2YY0597ukgAD2Cs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ef03f6911694413b1b06aba727ad9ab089a511f7", + "rev": "225e13c3cc83308175f0a9aa18cfa31324155034", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1738193118, - "narHash": "sha256-Oix7MLyos1ED1TaHYIvm4heHrVpf8o1Xz3jcXm1/ke4=", + "lastModified": 1743950622, + "narHash": "sha256-8qjDapcQeDqxQUIm5gA0x6XZtowV/14bOs3K0tCSMoU=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "ae38ea6ee4938c74012c12072358c17e41254bed", + "rev": "be6b9875dd5c586fb401d294bb98c31973849651", "type": "github" }, "original": { @@ -221,11 +221,11 @@ ] }, "locked": { - "lastModified": 1737556638, - "narHash": "sha256-laKgI3mr2qz6tas/q3tuGPxMdsGhBi/w+HO+hO2f1AY=", + "lastModified": 1743714874, + "narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "4c75dd5c015c8a0e5a34c6d02a018a650f57feb5", + "rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2", "type": "github" }, "original": { @@ -289,11 +289,11 @@ ] }, "locked": { - "lastModified": 1737981711, - "narHash": "sha256-lh6cL5D8nPplB3WovCQjLUZ7k7MViiBrMlpkfm4R7/c=", + "lastModified": 1739048983, + "narHash": "sha256-REhTcXq4qs3B3cCDtLlYDz0GZvmsBSh947Ub6pQWGTQ=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "96bf0677fa9cd13508294e3d4559dfbbc8beff73", + "rev": "3504a293c8f8db4127cb0f7cfc1a318ffb4316f8", "type": "github" }, "original": { @@ -318,11 +318,11 @@ ] }, "locked": { - "lastModified": 1737634606, - "narHash": "sha256-W7W87Cv6wqZ9PHegI6rH1+ve3zJPiyevMFf0/HwdbCQ=", + "lastModified": 1744468525, + "narHash": "sha256-9HySx+EtsbbKlZDlY+naqqOV679VdxP6x6fP3wxDXJk=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "f41271d35cc0f370d300413d756c2677f386af9d", + "rev": "f1000c54d266e6e4e9d646df0774fac5b8a652df", "type": "github" }, "original": { @@ -343,11 +343,11 @@ ] }, "locked": { - "lastModified": 1737978343, - "narHash": "sha256-TfFS0HCEJh63Kahrkp1h9hVDMdLU8a37Zz+IFucxyfA=", + "lastModified": 1743950287, + "narHash": "sha256-/6IAEWyb8gC/NKZElxiHChkouiUOrVYNq9YqG0Pzm4Y=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "6a8bc9d2a4451df12f5179dc0b1d2d46518a90ab", + "rev": "f2dc70e448b994cef627a157ee340135bd68fbc6", "type": "github" }, "original": { @@ -368,11 +368,11 @@ ] }, "locked": { - "lastModified": 1735493474, - "narHash": "sha256-fktzv4NaqKm94VAkAoVqO/nqQlw+X0/tJJNAeCSfzK4=", + "lastModified": 1739870480, + "narHash": "sha256-SiDN5BGxa/1hAsqhgJsS03C3t2QrLgBT8u+ENJ0Qzwc=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "de913476b59ee88685fdc018e77b8f6637a2ae0b", + "rev": "206367a08dc5ac4ba7ad31bdca391d098082e64b", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737885589, - "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -399,27 +399,27 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1738284172, - "narHash": "sha256-ixVjn/td+TUvsPyLAMZ/fbrwgdTXPZ7ZS4RBz9TUSK0=", - "owner": "randomizedcoder", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "8f146535307f0168d758fe6fee6f52663cb11695", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { - "owner": "randomizedcoder", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", - "rev": "8f146535307f0168d758fe6fee6f52663cb11695", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1738163270, - "narHash": "sha256-B/7Y1v4y+msFFBW1JAdFjNvVthvNdJKiN6EGRPnqfno=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "59e618d90c065f55ae48446f307e8c09565d5ab0", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -439,11 +439,11 @@ ] }, "locked": { - "lastModified": 1737465171, - "narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=", + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "type": "github" }, "original": { @@ -504,11 +504,11 @@ ] }, "locked": { - "lastModified": 1737634991, - "narHash": "sha256-dBAnb7Kbnier30cA7AgxVSxxARmxKZ1vHZT33THSIr8=", + "lastModified": 1744644585, + "narHash": "sha256-p0D/e4J6Sv6GSb+9u8OQcVHSE2gPNYB5ygIfGDyEiXQ=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "e09dfe2726c8008f983e45a0aa1a3b7416aaeb8a", + "rev": "be6771e754345f18244fb00aae5c9e5ab21ccc26", "type": "github" }, "original": { diff --git a/laptops/t/flake.nix b/laptops/t/flake.nix index 4de5f59..cf2ced4 100644 --- a/laptops/t/flake.nix +++ b/laptops/t/flake.nix @@ -4,10 +4,10 @@ # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # https://docs.github.com/en/rest/branches/branches?apiVersion=2022-11-28#get-a-branch - #nixpkgs.url = "github:nixos/nixpkgs/commit/c541a73ec2bc3574f78cdcfaf5230882b55c79a5.tar.gz"; - #nixpkgs.url = "github:randomizedcoder/nixpkgs/commit/8f146535307f0168d758fe6fee6f52663cb11695"; - nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#ipert2_2.2.1 + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#iperf2_2.2.1 + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/c9580e24eb621d72eda63355d7c8dbfb1654d333"; # https://github.com/NixOS/nix/issues/12022 #nix flake lock --override-input nixpkgs /home/eelco/Dev/nixpkgs #nix flake lock --override-input nixpkgs "/home/das/Downloads/nixpkgs @@ -39,8 +39,14 @@ config = { allowUnfree = true; }; }; # https://nixos.wiki/wiki/Flakes#Importing_packages_from_multiple_channels + # overlay-unstable = final: prev: { + # unstable = nixpkgs-unstable.legacyPackages.${prev.system}; + # }; overlay-unstable = final: prev: { - unstable = nixpkgs-unstable.legacyPackages.${prev.system}; + unstable = import nixpkgs-unstable { + inherit system; + config = { allowUnfree = true; }; + }; }; lib = nixpkgs.lib; in { diff --git a/laptops/t/hardware-graphics.nix b/laptops/t/hardware-graphics.nix new file mode 100644 index 0000000..771ea25 --- /dev/null +++ b/laptops/t/hardware-graphics.nix @@ -0,0 +1,163 @@ +# +# nixos/laptops/t/hardware-graphics.nix +# +{ config, + pkgs, + lib, + ... +}: +{ + # hardware.opengl.enable = true; + # was renamed to: + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + nvidia-vaapi-driver + vaapiVdpau + libvdpau + libvdpau-va-gl + vdpauinfo + libva + libva-utils + # https://wiki.nixos.org/wiki/Intel_Graphics + #vpl-gpu-rt + # added 2025/02/03 not tested + vaapiIntel + intel-media-driver + ]; + }; + + # TODO try displaylink + # https://nixos.wiki/wiki/Displaylink + # nix-prefetch-url --name displaylink-600.zip https://www.synaptics.com/sites/default/files/exe_files/2024-05/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.0-EXE.zip + #services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; + + # https://wiki.nixos.org/w/index.php?title=NVIDIA + # https://nixos.wiki/wiki/Nvidia + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix + hardware.nvidia = { + + # This will no longer be necessary when + # https://github.com/NixOS/nixpkgs/pull/326369 hits stable + #modesetting.enable = true; + modesetting.enable = lib.mkDefault true; + + powerManagement = { + enable = true; + #finegrained = true; + }; + + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Only available from driver 515.43.04+ + # Currently alpha-quality/buggy, so false is currently the recommended setting. + # prioritry drivers don't compile on 6.10.3 + # Set to false for proprietary drivers -> https://download.nvidia.com/XFree86/Linux-x86_64/565.77/README/kernel_open.html + open = true; + + nvidiaSettings = true; + + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this + #package = config.boot.kernelPackages.nvidiaPackages.production; + # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version + # https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/nv/nvidia-modprobe/package.nix + #package = pkgs.linuxPackages.nvidia_x11; + package = pkgs.unstable.linuxPackages.nvidia_x11; + }; + + # https://theo.is-a.dev/blog/post/hyprland-adventure/ + #[das@t:~]$ lshw -c video | grep config + #WARNING: you should run this program as super-user. + # configuration: depth=32 driver=nouveau latency=0 resolution=3840,2160 + # configuration: depth=32 driver=i915 latency=0 resolution=3840,2160 + # + #[das@t:~]$ lspci -nnk | egrep -i --color 'vga|3d|2d' -A3 | grep 'in use' + #Kernel driver in use: i915 + #Kernel driver in use: nouveau + # + #[das@t:~]$ lspci -nnk | grep -i vga -A2 + #00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: i915 + #-- + #01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: nouveau + # + # hwinfo --gfxcard + + services.xserver = { + enable = true; + + videoDrivers = [ "nvidia" "modesetting" ]; # modesetting ~= intel + # intel does NOT exist + # videoDrivers = [ "nvidia" "intel" ]; + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/displaylink.nix + #videoDrivers = [ "nvidia" "displaylink" ]; + + # Display Managers are responsible for handling user login + displayManager = { + gdm.enable = true; + }; + + # Enable the GNOME Desktop Environment + desktopManager = { + gnome.enable = true; + plasma5.enable = false; + xterm.enable = false; + }; + # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 + + # Configure keymap in X11 + xkb.layout = "us"; + xkb.variant = ""; + }; + + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/12?u=randomizedcoder + # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config-nix-L193 + environment.variables = { + MOZ_DISABLE_RDD_SANDBOX = "1"; + LIBVA_DRIVER_NAME = "nvidia"; + GBM_BACKEND = "nvidia-drm"; + __GLX_VENDOR_LIBRARY_NAME = "nvidia"; + NVD_BACKEND = "direct"; + EGL_PLATFORM = "wayland"; + # prevents cursor disappear when using Nvidia drivers + WLR_NO_HARDWARE_CURSORS = "1"; + + MOZ_ENABLE_WAYLAND = "1"; + XDG_SESSION_TYPE = "wayland"; + NIXOS_OZONE_WL = "1"; + + CUDA_PATH = "${pkgs.linuxPackages.nvidia_x11}/lib"; + # export LD_LIBRARY_PATH=${pkgs.linuxPackages.nvidia_x11}/lib + EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; + EXTRA_CCFLAGS = "-I/usr/include"; + LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; + + # flameshot + QT_QPA_PLATFORM = "wayland"; + }; +} + + # i tried prime, but it didn't seem to work + # prime = { + # # ([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?' + # # 00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) + # intelBusId = "PCI:0:2:0"; + # # 01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) + # nvidiaBusId = "PCI:1:0:0"; + # sync.enable = true; + # #offload = { + # # enable = true; + # # #sync.enable = true; + # # enableOffloadCmd = true; + # #}; + # }; + +# [LOG] GPU information: +# 00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) (prog-if 00 [VGA controller]) +# 01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) (prog-if 00 [VGA controller]) \ No newline at end of file diff --git a/laptops/t/home.nix b/laptops/t/home.nix index f96c27c..8ea29d6 100644 --- a/laptops/t/home.nix +++ b/laptops/t/home.nix @@ -26,6 +26,7 @@ # https://nix-community.github.io/home-manager/options.xhtml#opt-home.sessionVariables home.sessionVariables = { + QT_QPA_PLATFORM = "wayland"; GI_TYPELIB_PATH = "/run/current-system/sw/lib/girepository-1.0"; # disable wayland NIXOS_OZONE_WL = "1"; @@ -63,7 +64,8 @@ # alsa-lib-with-plugins # perl - python3 + #3.12.8 on 12th of Feb 2025 + python3Full # gawk jq @@ -118,7 +120,8 @@ neofetch # vlc - ffmpeg_7-full + # ffmpeg moved to system package + #ffmpeg_7-full #ffmpeg-full # go # https://nixos.wiki/wiki/Go @@ -129,17 +132,19 @@ #gcc_multi #glibc_multi # thunderbird - go_1_23 - gopls - golint + #go_1_23 + unstable.go + unstable.gopls + unstable.golint golangci-lint - golangci-lint-langserver - trunk-io + unstable.golangci-lint-langserver + # trunk is unfree, and i can't work out how to enable unfree + #trunk-io # https://github.com/go-delve/delve - delve + unstable.delve # https://github.com/aarzilli/gdlv gdlv - buf + unstable.buf protobuf_27 grpcurl # https://github.com/go-gorm/gen @@ -226,7 +231,8 @@ # zoom-us # - flameshot + # https://wiki.nixos.org/wiki/Flameshot + (flameshot.override { enableWlrSupport = true; }) grim # screenshot functionality slurp # screenshot functionality # @@ -384,9 +390,12 @@ # https://github.com/HeinzDev/Hyprland-dotfiles/blob/main/home/home.nix#L70 # # https://heywoodlh.io/nixos-gnome-settings-and-keyboard-shortcuts + # https://rycee.gitlab.io/home-manager/options.xhtml#opt-dconf.settings dconf.settings = { "org/gnome/desktop/wm/preferences" = { - button-layout = "close,minimize,maximize:appmenu"; + #button-layout = "close,minimize,maximize,above:appmenu"; + button-layout = ":minimize,maximize,above,close"; + num-workspaces = 2; }; # "org/gnome/desktop/interface" = { # color-scheme = "prefer-dark"; @@ -453,14 +462,6 @@ # # home.file.".config/hypr/hyprland.conf".text = '' # # ''; - services.flameshot = { - enable = true; - settings.General = { - showStartupLaunchMessage = false; - saveLastRegion = true; - }; - }; - home.file."containers.conf" = { target = ".config/containers/containers.conf"; # https://docs.podman.io/en/v4.6.0/markdown/options/security-opt.html @@ -502,6 +503,20 @@ } ''; }; + home.file.".config/ghostty/ghostty.toml" = { + target = ".config/ghostty/ghostty.toml"; + text = '' + [window] + # Whether to show the scrollback sidebar. + sidebar = true + + # The width of the scrollback sidebar. + sidebar_width = 10 + + # Whether to show the scrollback sidebar on the left or right. + sidebar_position = "right" + ''; + }; nixpkgs.config.allowUnfree = true; diff --git a/laptops/t/hosts.nix b/laptops/t/hosts.nix index b60a4f0..3af6575 100644 --- a/laptops/t/hosts.nix +++ b/laptops/t/hosts.nix @@ -12,5 +12,6 @@ "172.16.40.70" = ["hp5" "hp5eth"]; "172.16.40.122" = ["pi5-1" "pi5-1-eth"]; "172.16.40.62" = ["chromebox3" "chromebox3-eth"]; + "127.0.0.1" = ["redpanda-0"]; }; } \ No newline at end of file diff --git a/laptops/t/nodeExporter.nix b/laptops/t/nodeExporter.nix index 31052e6..f26d49b 100644 --- a/laptops/t/nodeExporter.nix +++ b/laptops/t/nodeExporter.nix @@ -1,10 +1,14 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: { # https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix services.prometheus.exporters.node = { enable = true; - port = 9000; + port = 19000; # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix enabledCollectors = [ "systemd" ]; # /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help diff --git a/laptops/t/old-conf.txt b/laptops/t/old-conf.txt new file mode 100644 index 0000000..63b2975 --- /dev/null +++ b/laptops/t/old-conf.txt @@ -0,0 +1,309 @@ +[ca/desrt/dconf-editor] +saved-pathbar-path='/ca/desrt/dconf-editor/' +saved-view='/ca/desrt/dconf-editor/' +window-height=699 +window-is-maximized=false +window-width=1240 + +[com/mattjakeman/ExtensionManager] +height=871 +last-used-version='0.5.1' +width=1101 + +[org/gnome/Console] +last-window-maximised=true +last-window-size=(3290, 1080) + +[org/gnome/Disks] +image-dir-uri='file:///home/das/Documents' + +[org/gnome/calculator] +accuracy=9 +angle-units='degrees' +base=10 +button-mode='basic' +number-format='automatic' +show-thousands=false +show-zeroes=false +source-currency='' +source-units='degree' +target-currency='' +target-units='radian' +window-maximized=false +window-size=(360, 626) +word-size=64 + +[org/gnome/cheese] +burst-delay=1000 +camera='MX Brio (V4L2)' +photo-x-resolution=1920 +photo-y-resolution=1080 +video-x-resolution=1920 +video-y-resolution=1080 + +[org/gnome/control-center] +last-panel='sound' +window-state=(1024, 689, false) + +[org/gnome/desktop/app-folders] +folder-children=['Utilities', 'YaST', 'Pardus'] + +[org/gnome/desktop/app-folders/folders/Pardus] +categories=['X-Pardus-Apps'] +name='X-Pardus-Apps.directory' +translate=true + +[org/gnome/desktop/app-folders/folders/Utilities] +apps=['gnome-abrt.desktop', 'gnome-system-log.desktop', 'nm-connection-editor.desktop', 'org.gnome.baobab.desktop', 'org.gnome.Connections.desktop', 'org.gnome.DejaDup.desktop', 'org.gnome.Dictionary.desktop', 'org.gnome.DiskUtility.desktop', 'org.gnome.Evince.desktop', 'org.gnome.FileRoller.desktop', 'org.gnome.fonts.desktop', 'org.gnome.Loupe.desktop', 'org.gnome.seahorse.Application.desktop', 'org.gnome.tweaks.desktop', 'org.gnome.Usage.desktop', 'vinagre.desktop'] +categories=['X-GNOME-Utilities'] +name='X-GNOME-Utilities.directory' +translate=true + +[org/gnome/desktop/app-folders/folders/YaST] +categories=['X-SuSE-YaST'] +name='suse-yast.directory' +translate=true + +[org/gnome/desktop/input-sources] +sources=[('xkb', 'us')] +xkb-options=['terminate:ctrl_alt_bksp'] + +[org/gnome/desktop/interface] +clock-show-seconds=true +clock-show-weekday=true +color-scheme='prefer-dark' +enable-animations=true +enable-hot-corners=false +font-antialiasing='grayscale' +font-hinting='slight' +gtk-theme='Nordic' +toolkit-accessibility=false + +[org/gnome/desktop/notifications] +application-children=['gnome-power-panel', 'org-gnome-console', 'org-gnome-nautilus', 'slack', 'firefox', 'xdg-desktop-portal-gnome', 'google-chrome', 'kitty', 'code', 'zoom', 'org-gnome-gedit', 'gnome-printers-panel', 'org-gnome-baobab', 'org-wireshark-wireshark', 'gimp', 'org-gnome-fileroller', 'org-gnome-diskutility', 'com-dec05eba-gpu-screen-recorder'] + +[org/gnome/desktop/notifications/application/code] +application-id='code.desktop' + +[org/gnome/desktop/notifications/application/com-dec05eba-gpu-screen-recorder] +application-id='com.dec05eba.gpu_screen_recorder.desktop' + +[org/gnome/desktop/notifications/application/firefox] +application-id='firefox.desktop' + +[org/gnome/desktop/notifications/application/gimp] +application-id='gimp.desktop' + +[org/gnome/desktop/notifications/application/gnome-power-panel] +application-id='gnome-power-panel.desktop' + +[org/gnome/desktop/notifications/application/gnome-printers-panel] +application-id='gnome-printers-panel.desktop' + +[org/gnome/desktop/notifications/application/google-chrome] +application-id='google-chrome.desktop' + +[org/gnome/desktop/notifications/application/kitty] +application-id='kitty.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-baobab] +application-id='org.gnome.baobab.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-console] +application-id='org.gnome.Console.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-diskutility] +application-id='org.gnome.DiskUtility.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-fileroller] +application-id='org.gnome.FileRoller.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-gedit] +application-id='org.gnome.gedit.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-nautilus] +application-id='org.gnome.Nautilus.desktop' + +[org/gnome/desktop/notifications/application/org-wireshark-wireshark] +application-id='org.wireshark.Wireshark.desktop' + +[org/gnome/desktop/notifications/application/slack] +application-id='slack.desktop' + +[org/gnome/desktop/notifications/application/xdg-desktop-portal-gnome] +application-id='xdg-desktop-portal-gnome.desktop' + +[org/gnome/desktop/notifications/application/zoom] +application-id='Zoom.desktop' + +[org/gnome/desktop/peripherals/keyboard] +numlock-state=true + +[org/gnome/desktop/sound] +event-sounds=true +theme-name='__custom' + +[org/gnome/desktop/wm/preferences] +button-layout='close,minimize,maximize:appmenu' + +[org/gnome/evince/default] +continuous=true +dual-page=false +dual-page-odd-left=true +enable-spellchecking=true +fullscreen=false +inverted-colors=false +show-sidebar=true +sidebar-page='thumbnails' +sidebar-size=132 +sizing-mode='automatic' +window-ratio=(1.9607843137254901, 1.3636363636363635) + +[org/gnome/evolution-data-server] +migrated=true + +[org/gnome/file-roller/listing] +list-mode='as-folder' +name-column-width=2162 +show-path=false +sort-method='name' +sort-type='ascending' + +[org/gnome/file-roller/ui] +sidebar-width=200 +window-height=1080 +window-width=2712 + +[org/gnome/gedit/state/file-chooser] +open-recent=false + +[org/gnome/gedit/state/history-entry] +replace-with-entry=['data', '(*data)[', 'ge-0/1/0', 'ge-0/1/1'] +search-for-entry=['(*data)', 'data[', 'ge-0/1/1', 'ge-0/0/0'] + +[org/gnome/gedit/state/window] +bottom-panel-size=140 +side-panel-active-page='GeditWindowDocumentsPanel' +side-panel-size=200 +size=(1920, 1033) +state=87040 + +[org/gnome/meld/window-state] +height=918 +is-maximized=false +width=1717 + +[org/gnome/nautilus/compression] +default-compression-format='tar.xz' + +[org/gnome/nautilus/preferences] +default-folder-viewer='list-view' +migrated-gtk-settings=true +search-filter-time-type='last_modified' + +[org/gnome/nautilus/window-state] +initial-size=(1460, 819) +initial-size-file-chooser=(1151, 1080) + +[org/gnome/portal/filechooser/google-chrome] +last-folder-path='/home/das/Downloads' + +[org/gnome/portal/filechooser/slack] +last-folder-path='/home/das/Pictures/Screenshots' + +[org/gnome/settings-daemon/plugins/color] +night-light-schedule-automatic=false + +[org/gnome/shell] +disable-user-extensions=false +disabled-extensions=['system-monitor@gnome-shell-extensions.gcampax.github.com'] +enabled-extensions=['blur-my-shell@aunetx', 'gsconnect@andyholmes.github.io'] +favorite-apps=['firefox.desktop', 'google-chrome.desktop', 'code.desktop', 'chromium.desktop', 'alacritty.desktop', 'slack.desktop', 'ghostty.desktop'] +last-selected-power-profile='power-saver' +welcome-dialog-last-shown-version='46.2' + +[org/gnome/shell/extensions/SettingsCenter] +show-systemindicator=true + +[org/gnome/shell/extensions/astra-monitor] +gpu-header-activity-bar-color1='rgba(29,172,214,1.0)' +gpu-header-activity-graph-color1='rgba(29,172,214,1.0)' +gpu-indicators-order='["icon","activity bar","activity graph","activity percentage","memory bar","memory graph","memory percentage","memory value"]' +memory-indicators-order='["icon","bar","graph","percentage","value","free"]' +monitors-order='["processor","gpu","memory","storage","network","sensors"]' +network-indicators-order='["icon","IO bar","IO graph","IO speed"]' +processor-indicators-order='["icon","bar","graph","percentage"]' +processor-menu-gpu-color='' +sensors-indicators-order='["icon","value"]' +storage-indicators-order='["icon","bar","percentage","value","free","IO bar","IO graph","IO speed"]' +storage-main='eui.8ce38e050067b37e-part2' + +[org/gnome/shell/world-clocks] +locations=@av [] + +[org/gnome/software] +check-timestamp=int64 1739810968 +first-run=false +flatpak-purge-timestamp=int64 1739753307 + +[org/gnome/tweaks] +show-extensions-notice=false + +[org/gtk/gtk4/settings/file-chooser] +date-format='regular' +location-mode='path-bar' +show-hidden=false +sidebar-width=140 +sort-column='modified' +sort-directories-first=true +sort-order='descending' +type-format='category' +view-type='list' +window-size=(1920, 540) + +[org/gtk/settings/file-chooser] +date-format='regular' +location-mode='path-bar' +show-hidden=false +show-size-column=true +show-type-column=true +sidebar-width=261 +sort-column='modified' +sort-directories-first=false +sort-order='descending' +type-format='category' +window-position=(26, 23) +window-size=(1082, 651) + +[org/virt-manager/virt-manager/confirm] +forcepoweroff=true +removedev=true + +[org/virt-manager/virt-manager/connections] +autoconnect=['qemu:///system'] +uris=['qemu:///system'] + +[org/virt-manager/virt-manager/details] +show-toolbar=true + +[org/virt-manager/virt-manager/paths] +media-default='/home/das/Downloads' + +[org/virt-manager/virt-manager/urls] +isos=['/home/das/Downloads/ubuntu-24.04.1-live-server-amd64.iso', '/home/das/Downloads/debian-12.7.0-amd64-netinst.iso', '/home/das/Downloads/FreeBSD-14.1-RELEASE-amd64-bootonly.iso'] + +[org/virt-manager/virt-manager/vmlist-fields] +disk-usage=false +network-traffic=false + +[org/virt-manager/virt-manager/vms/662f8a9430494692bf4e887693099e2d] +autoconnect=1 +scaling=1 + +[org/virt-manager/virt-manager/vms/765cf673a06a4e0c9d77e9baf30cc8eb] +autoconnect=1 +scaling=1 + +[org/virt-manager/virt-manager/vms/de09cb1f2fd54fc2b6d64296996050fb] +autoconnect=1 +scaling=1 diff --git a/laptops/t/prometheus.nix b/laptops/t/prometheus.nix index 928dc67..24eabca 100644 --- a/laptops/t/prometheus.nix +++ b/laptops/t/prometheus.nix @@ -17,13 +17,46 @@ { job_name = "xtcp"; static_configs = [{ - targets = [ "localhost:9009" ]; + targets = [ "localhost:9088" ]; }]; } - { - job_name = "hp1xtcp"; + { + job_name = "hp1_xtcp"; + static_configs = [{ + targets = [ "hp1:9088" ]; + }]; + } + { + job_name = "clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "localhost:19363" ]; + }]; + } + { + job_name = "hp1"; + static_configs = [{ + targets = [ "hp1:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp1_clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "hp1:19363" ]; + }]; + } + { + job_name = "hp2"; + static_configs = [{ + targets = [ "hp2:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp2_clickhouse"; static_configs = [{ - targets = [ "hp1:9009" ]; + #targets = [ "localhost:9363" ]; + targets = [ "hp2:19363" ]; }]; } #{ diff --git a/laptops/t/readme.md b/laptops/t/readme.md new file mode 100644 index 0000000..c434f4d --- /dev/null +++ b/laptops/t/readme.md @@ -0,0 +1,36 @@ +# readme + + +## Nvidia nightmare + +Big thread, with feedback about my issue +https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/25 + + + +https://github.com/elFarto/nvidia-vaapi-driver/issues/311 + +``` +[das@t:~/Downloads/nixpkgs]$ ls -la /dev/dri/ +total 0 +drwxr-xr-x 3 root root 140 Jan 30 22:16 . +drwxr-xr-x 20 root root 4080 Jan 31 07:24 .. +drwxr-xr-x 2 root root 120 Jan 30 22:16 by-path +crw-rw----+ 1 root video 226, 1 Jan 31 07:24 card1 +crw-rw----+ 1 root video 226, 2 Jan 30 22:16 card2 +crw-rw-rw- 1 root render 226, 128 Jan 30 22:16 renderD128 +crw-rw-rw- 1 root render 226, 129 Jan 30 22:16 renderD129 + +[das@t:~/Downloads/nixpkgs]$ ls -la /dev/dri/by-path/ +total 0 +drwxr-xr-x 2 root root 120 Jan 30 22:16 . +drwxr-xr-x 3 root root 140 Jan 30 22:16 .. +lrwxrwxrwx 1 root root 8 Jan 30 22:16 pci-0000:00:02.0-card -> ../card2 +lrwxrwxrwx 1 root root 13 Jan 30 22:16 pci-0000:00:02.0-render -> ../renderD129 +lrwxrwxrwx 1 root root 8 Jan 30 22:16 pci-0000:01:00.0-card -> ../card1 +lrwxrwxrwx 1 root root 13 Jan 30 22:16 pci-0000:01:00.0-render -> ../renderD128 + +[das@t:~/Downloads/nixpkgs]$ lspci | grep VGA +00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) +01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) +``` \ No newline at end of file diff --git a/laptops/t/sysctl.nix b/laptops/t/sysctl.nix index ed11dac..b6fa4a8 100644 --- a/laptops/t/sysctl.nix +++ b/laptops/t/sysctl.nix @@ -25,7 +25,7 @@ #net.ipv4.tcp_tw_reuse=2 "net.ipv4.tcp_timestamps" = 1; "net.ipv4.tcp_ecn" = 1; - "net.core.default_qdisc" = "fq_codel"; + "net.core.default_qdisc" = "cake"; "net.ipv4.tcp_congestion_control" = "cubic"; #net.ipv4.tcp_congestion_control=bbr "net.core.rmem_default" = 26214400; diff --git a/laptops/t/systemPackages.nix b/laptops/t/systemPackages.nix index f795f7b..4378681 100644 --- a/laptops/t/systemPackages.nix +++ b/laptops/t/systemPackages.nix @@ -1,8 +1,11 @@ -{ config, pkgs, ... }: - { - # Allow unfree packages + config, + pkgs, + ... +}: +{ nixpkgs.config.allowUnfree = true; + # $ nix search wget environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. @@ -17,6 +20,9 @@ iptables pciutils usbutils + pciutils + virt-manager + pkgs.gnomeExtensions.appindicator iw wirelesstools wpa_supplicant @@ -24,10 +30,13 @@ lldpd #snmp seems to be needed by lldpd net-snmp - neofetch + unstable.neofetch + + # https://wiki.nixos.org/wiki/Flameshot + #(flameshot.override { enableWlrSupport = true; }) # hyprland - hyprland + unstable.hyprland swww # for wallpapers xdg-desktop-portal-gtk xdg-desktop-portal-hyprland @@ -37,5 +46,19 @@ wayland-utils wl-clipboard wlroots + + # + #nvidia + unstable.vdpauinfo # sudo vainfo + unstable.libva-utils # sudo vainfo + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + # + unstable.ffmpeg-full + # + # https://nixos.wiki/wiki/CUDA + unstable.cudatoolkit + unstable.linuxPackages.nvidia_x11 + unstable.libGLU + unstable.libGL ]; } \ No newline at end of file diff --git a/laptops/t/wireless_desktop.nix b/laptops/t/wireless_desktop.nix index 5efb014..c8f4a68 100644 --- a/laptops/t/wireless_desktop.nix +++ b/laptops/t/wireless_desktop.nix @@ -1,11 +1,9 @@ { config, pkgs, ... }: { - # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Enable networking networking = { networkmanager = { enable = true; diff --git a/laptops/t14/Makefile b/laptops/t14/Makefile index a213799..7dd7a31 100644 --- a/laptops/t14/Makefile +++ b/laptops/t14/Makefile @@ -1,14 +1,49 @@ # -# nixos/t14/Makefile +# nixos/laptops/t14/Makefile # -all: - sudo cp ../modules/* /etc/nixos/ - sudo cp ./configuration.nix /etc/nixos/ - sudo cp ./home-manager.nix /etc/nixos/ - sudo cp ./prometheus.nix /etc/nixos/ - sudo nixos-rebuild switch +EXPECTED_HOSTNAME := t14 + +ACTUAL_HOSTNAME := $(shell hostname) + +all: check_hostname rebuild + +check_hostname: +ifeq ($(ACTUAL_HOSTNAME),$(EXPECTED_HOSTNAME)) + @echo "Hostnames match: $(ACTUAL_HOSTNAME)" +else + @echo "Error: Hostname does not match. Expected: $(EXPECTED_HOSTNAME), Got: $(ACTUAL_HOSTNAME)" + @exit 1 +endif + +rebuild: + sudo nixos-rebuild switch --flake . + +impure: + sudo nixos-rebuild switch --impure --flake . + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . update: + sudo nix flake update; + +rebuild_old: + # sudo cp ./flake.nix /etc/nixos/ + # sudo cp ./flake.lock /etc/nixos/ + # sudo cp ../../modules/* /etc/nixos/ + # sudo cp ./configuration.nix /etc/nixos/ + # #sudo cp ./home-manager.nix /etc/nixos/ + # sudo cp ./home.nix /etc/nixos/ + # sudo cp ./prometheus.nix /etc/nixos/ + # sudo cp ./*.nix /etc/nixos/ + # sudo nix-channel --update + # sudo nixos-rebuild switch + #sudo cp ./* /etc/nixos/ + sudo nix flake update; + #sudo nix-channel --update; + sudo nixos-rebuild switch --flake . + +update_oldm.: sudo nix-channel --update sudo nixos-rebuild switch #nix-shell -p vim diff --git a/laptops/t14/configuration.nix b/laptops/t14/configuration.nix index e3591e6..3fcbb1f 100644 --- a/laptops/t14/configuration.nix +++ b/laptops/t14/configuration.nix @@ -8,28 +8,33 @@ # nmcli device wifi connect MYSSID password PWORD # systemctl restart display-manager.service -{ config, pkgs, ... }: +{ + inputs, + config, + pkgs, + lib, + ... +}: # https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F +# https://discourse.nixos.org/t/differences-between-nix-channels/13998 { # https://nixos.wiki/wiki/NixOS_modules + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager imports = - [ # Include the results of the hardware scan. + [ ./hardware-configuration.nix - # sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz home-manager - # sudo nix-channel --update - - # + #./hardware-graphics.nix ./sysctl.nix ./wireless_desktop.nix - ./sound.nix ./locale.nix ./hosts.nix ./firewall.nix #./systemdSystem.nix ./systemPackages.nix - ./home-manager.nix + # home manager is imported in the flake + #./home.nix ./nodeExporter.nix ./prometheus.nix ./grafana.nix @@ -37,25 +42,73 @@ #./docker-compose.nix ./docker-daemon.nix #./smokeping.nix + ./x.nix ]; + boot = { + loader.systemd-boot = { + enable = true; + consoleMode = "max"; + memtest86.enable = true; + }; - # Bootloader. - boot.loader.systemd-boot = { - enable = true; - consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. - memtest86.enable = true; - }; + loader.efi.canTouchEfiVariables = true; - boot.loader.efi.canTouchEfiVariables = true; + # https://nixos.wiki/wiki/Linux_kernel + #kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( + #kernelPackages = pkgs.unstable.linuxPackages; + kernelPackages = pkgs.linuxPackages_latest; + #boot.kernelPackages = pkgs.linuxPackages_rpi4 - # https://nixos.wiki/wiki/Linux_kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - #boot.kernelPackages = pkgs.linuxPackages_rpi4 + # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 + kernelParams = [ + #"nvidia-drm.modeset=1" + #"nvidia-drm.fbdev=1" + # https://www.reddit.com/r/NixOS/comments/u5l3ya/cant_start_x_in_nixos/?rdt=56160 + #"nomodeset" + ]; + + #blacklistedKernelModules = [ + # "nouveau" + # #"i915" + #]; - #boot.kernelParams = [ - # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 + # https://wiki.nixos.org/wiki/NixOS_on_ARM/Building_Images#Compiling_through_binfmt_QEMU + # https://nixos.org/manual/nixos/stable/options#opt-boot.binfmt.emulatedSystems + binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; + + extraModulePackages = with config.boot.kernelPackages; [ + v4l2loopback + #nvidia_x11 + ]; + + # # https://nixos.wiki/wiki/Libvirt#Nested_virtualization + # #extraModprobeConfig = "options kvm_intel nested=1"; + # # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config_working-nix-L19 + # extraModprobeConfig = + # "options nvidia " + # #"" + # + lib.concatStringsSep " " [ + # # nvidia assume that by default your CPU does not support PAT, + # # but this is effectively never the case in 2023 + # "NVreg_UsePageAttributeTable=1" + # # This is sometimes needed for ddc/ci support, see + # # https://www.ddcutil.com/nvidia/ + # # + # # Current monitor does not support it, but this is useful for + # # the future + # "NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" + # "options kvm_intel nested=1" + # # # https://nixos.wiki/wiki/OBS_Studio + # '' + # options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1 + # '' + # ]; + }; + + # For OBS + security.polkit.enable = true; nix = { gc = { @@ -67,53 +120,71 @@ settings = { auto-optimise-store = true; experimental-features = [ "nix-command" "flakes" ]; + download-buffer-size = "500000000"; }; }; # https://nixos.wiki/wiki/Networking networking.hostName = "t14"; - services.lldpd.enable = true; - - # Set your time zone. time.timeZone = "America/Los_Angeles"; - hardware.opengl = { + services.udev.packages = [ pkgs.gnome-settings-daemon ]; + # services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; + + # https://nixos.wiki/wiki/NixOS_Wiki:Audio + hardware.pulseaudio.enable = false; # Use Pipewire, the modern sound subsystem + + security.rtkit.enable = true; # Enable RealtimeKit for audio purposes + + services.pipewire = { enable = true; - driSupport = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # Uncomment the following line if you want to use JACK applications + # jack.enable = true; }; - services.xserver = { + services.lldpd.enable = true; + services.openssh.enable = true; + services.timesyncd.enable = true; + services.fstrim.enable = true; + services.avahi = { enable = true; + nssmdns4 = true; + ipv4 = true; + ipv6 = true; + openFirewall = true; + }; - # Display Managers are responsible for handling user login - displayManager = { - gdm.enable = true; - }; - # Enable the GNOME Desktop Environment. - desktopManager = { - gnome.enable = true; - plasma5.enable = false; - xterm.enable = false; - }; - # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 + services.bpftune.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + services.libinput.enable = true; - # Configure keymap in X11 - xkb.layout = "us"; - xkb.variant = ""; - }; + # https://nixos.wiki/wiki/Printing + services.printing.enable = true; - services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; + # https://wiki.nixos.org/wiki/Flameshot + # services.flameshot = { + # enable = true; + # settings.General = { + # showStartupLaunchMessage = false; + # saveLastRegion = true; + # }; + # }; systemd.services.modem-manager.enable = false; systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; - - # Enable CUPS to print documents. - services.printing.enable = true; + services.clickhouse.enable = false; + # https://nixos.wiki/wiki/PostgreSQL + services.postgresql.enable = true; + # https://nixos.wiki/wiki/Mysql + services.mysql.package = pkgs.mariadb; + services.mysql.enable = true; + # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { TERM = "xterm-256color"; #MY_VARIABLE = "my-value"; @@ -132,48 +203,48 @@ ]; }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - vim - curl - wget - tcpdump - iproute2 - nftables - iptables - pciutils - usbutils - pciutils - virt-manager - #cudatoolkit #t14 is not nvidia - pkgs.gnomeExtensions.appindicator - ]; + # package moved to systemPackages.nix + # environment.systemPackages = with pkgs; [ # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - #programs.hyprland.enable = true; - - services.openssh.enable = true; - - services.timesyncd.enable = true; + # # https://wiki.hyprland.org/Nix/Hyprland-on-NixOS/ + programs.hyprland = { + enable = true; + # Nvidia patches are no longer needed + #nvidiaPatches = true; + xwayland.enable = true; + }; + # programs.hyprland = { + # enable = true; + # # set the flake package + # package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; + # # make sure to also set the portal package, so that they are in sync + # portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; + # }; - services.fstrim.enable = true; + # programs.chromium.enable = true; + # # programs.chromium.package = pkgs.google-chrome; + # # https://nixos.wiki/wiki/Chromium#Enabling_native_Wayland_support + # nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; + # #programs.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; + + # programs.firefox.enable = true; + # # # https://github.com/TLATER/dotfiles/blob/master/nixos-modules/nvidia/default.nix + # programs.firefox.preferences = { + # "media.ffmpeg.vaapi.enabled" = true; + # "media.rdd-ffmpeg.enabled" = true; + # "media.av1.enabled" = true; # Won't work on the 2060 + # "gfx.x11-egl.force-enabled" = true; + # "widget.dmabuf.force-enabled" = true; + # }; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; @@ -188,6 +259,7 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). #system.stateVersion = "23.11"; + system.stateVersion = "24.05"; virtualisation.containers = { @@ -210,9 +282,16 @@ # # }; # # }; + # https://nixos.wiki/wiki/Virt-manager virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; + virtualisation.spiceUSBRedirection.enable = true; + + # guest # services.qemuGuest.enable = true; + # services.spice-vdagentd.enable = true; + + nixpkgs.config.allowUnfree = true; # https://wiki.nixos.org/wiki/Laptop } diff --git a/laptops/t14/docker-daemon.nix b/laptops/t14/docker-daemon.nix new file mode 100644 index 0000000..fe72a86 --- /dev/null +++ b/laptops/t14/docker-daemon.nix @@ -0,0 +1,27 @@ + +{ config, pkgs, ... }: + +{ + # https://nixos.wiki/wiki/Docker + # https://search.nixos.org/options?from=0&size=50&sort=alpha_asc&query=virtualisation.docker + # https://search.nixos.org/options?channel=24.05&show=virtualisation.docker.extraOptions&from=0&size=50&sort=alpha_asc&type=packages&query=virtualisation.docker + # https://github.com/NixOS/nixpkgs/issues/68349 + virtualisation.docker.enable = true; + virtualisation.docker.daemon.settings = { + data-root = "/home/das/docker/"; + userland-proxy = false; + experimental = true; + ipv6 = true; + fixed-cidr-v6 = "fd00::/80"; + metrics-addr = "0.0.0.0:9323"; + # log-driver = "json-file"; + # log-opts.max-size = "10m"; + # log-opts.max-file = "10"; + }; + #this doesn't work + #virtualisation.docker.daemon.settings.log-opts.max-size = "10m"; + # https://docs.docker.com/reference/cli/dockerd/ + #virtualisation.docker.extraOptions = "--userland-proxy=false"; + #virtualisation.docker.extraOptions = "--log-opt=max-size=10m"; + #virtualisation.docker.extraOptions = "--ipv6"; +} \ No newline at end of file diff --git a/laptops/t14/firewall.nix b/laptops/t14/firewall.nix new file mode 100644 index 0000000..449b44f --- /dev/null +++ b/laptops/t14/firewall.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: + +{ + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # https://nixos.wiki/wiki/Firewall + # https://scvalex.net/posts/54/ + # sudo nft --stateless list table filter + # sudo sudo iptables-save + networking.firewall = { + enable = false; + allowedTCPPorts = [ + 22 # ssh + 5001 # iperf2 + ]; + # allowedTCPPorts = [ 22 5001 ]; + # #allowedUDPPortRanges = [ + # # { from = 4000; to = 4007; } + # # { from = 8000; to = 8010; } + # #]; + # NixOS automagically creates stateful connection tracking, which we don't want + # for performance reasons + # extraCommands = '' + # iptables --delete nixos-fw -m conntrack --ctstate RELATED,ESTABLISHED -j nixos-fw-accept || true + # ''; + }; + # networking.firewall.interfaces."eth0".allowedTCPPorts = [ 80 443 ]; +} \ No newline at end of file diff --git a/laptops/t14/flake.lock b/laptops/t14/flake.lock new file mode 100644 index 0000000..7557246 --- /dev/null +++ b/laptops/t14/flake.lock @@ -0,0 +1,523 @@ +{ + "nodes": { + "aquamarine": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1744289235, + "narHash": "sha256-ZFkHLdimtFzQACsVVyZkZlfYdj4iNy3PkzXfrwmlse8=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "c8282f4982b56dfa5e9b9f659809da93f8d37e7a", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744743431, + "narHash": "sha256-iyn/WBYDc7OtjSawbegINDe/gIkok888kQxk3aVnkgg=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "c61bfe3ae692f42ce688b5865fac9e0de58e1387", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1742215578, + "narHash": "sha256-zfs71PXVVPEe56WEyNi2TJQPs0wabU4WAlq0XV7GcdE=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "2fd36421c21aa87e2fe3bee11067540ae612f719", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743953322, + "narHash": "sha256-prQ5JKopXtzCMX2eT3dXbaVvGmzjMRE2bXStQDdazpM=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "9d7f2687c84c729afbc3b13f7937655570f2978d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1744849150, + "narHash": "sha256-eaKqF4Oc7atN7Y2yTTeAOLN05q+G2YY0597ukgAD2Cs=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "225e13c3cc83308175f0a9aa18cfa31324155034", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-plugins": { + "inputs": { + "hyprland": [ + "hyprland" + ], + "nixpkgs": [ + "hyprland-plugins", + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland-plugins", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743950622, + "narHash": "sha256-8qjDapcQeDqxQUIm5gA0x6XZtowV/14bOs3K0tCSMoU=", + "owner": "hyprwm", + "repo": "hyprland-plugins", + "rev": "be6b9875dd5c586fb401d294bb98c31973849651", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-plugins", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743714874, + "narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1737634706, + "narHash": "sha256-nGCibkfsXz7ARx5R+SnisRtMq21IQIhazp6viBU8I/A=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "8810df502cdee755993cb803eba7b23f189db795", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1739048983, + "narHash": "sha256-REhTcXq4qs3B3cCDtLlYDz0GZvmsBSh947Ub6pQWGTQ=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "3504a293c8f8db4127cb0f7cfc1a318ffb4316f8", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1744468525, + "narHash": "sha256-9HySx+EtsbbKlZDlY+naqqOV679VdxP6x6fP3wxDXJk=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "f1000c54d266e6e4e9d646df0774fac5b8a652df", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743950287, + "narHash": "sha256-/6IAEWyb8gC/NKZElxiHChkouiUOrVYNq9YqG0Pzm4Y=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "f2dc70e448b994cef627a157ee340135bd68fbc6", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1739870480, + "narHash": "sha256-SiDN5BGxa/1hAsqhgJsS03C3t2QrLgBT8u+ENJ0Qzwc=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "206367a08dc5ac4ba7ad31bdca391d098082e64b", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "hyprland": "hyprland", + "hyprland-plugins": "hyprland-plugins", + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1744644585, + "narHash": "sha256-p0D/e4J6Sv6GSb+9u8OQcVHSE2gPNYB5ygIfGDyEiXQ=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "be6771e754345f18244fb00aae5c9e5ab21ccc26", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/laptops/t14/flake.nix b/laptops/t14/flake.nix new file mode 100644 index 0000000..103c83c --- /dev/null +++ b/laptops/t14/flake.nix @@ -0,0 +1,74 @@ +{ + description = "t14 Flake"; + + # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + # https://docs.github.com/en/rest/branches/branches?apiVersion=2022-11-28#get-a-branch + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#iperf2_2.2.1 + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/c9580e24eb621d72eda63355d7c8dbfb1654d333"; + # https://github.com/NixOS/nix/issues/12022 + #nix flake lock --override-input nixpkgs /home/eelco/Dev/nixpkgs + #nix flake lock --override-input nixpkgs "/home/das/Downloads/nixpkgs + #nixpkgs.url = "/home/das/Downloads/nixpkgs"; + #nixpkgs = "../../../Downloads/nixpkgs/"; + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager + home-manager = { + url = "github:nix-community/home-manager/release-24.11"; + # The `follows` keyword in inputs is used for inheritance. + # Here, `inputs.nixpkgs` of home-manager is kept consistent with + # the `inputs.nixpkgs` of the current flake, + # to avoid problems caused by different versions of nixpkgs. + inputs.nixpkgs.follows = "nixpkgs"; + }; + hyprland.url = "github:hyprwm/Hyprland"; + hyprland-plugins = { + url = "github:hyprwm/hyprland-plugins"; + # https://github.com/hyprwm/hyprland-plugins + inputs.hyprland.follows = "hyprland"; + }; + }; + + #outputs = inputs@{ nixpkgs, home-manager, hyprland, ... }: + outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, hyprland, ... }: + let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + config = { allowUnfree = true; }; + }; + # https://nixos.wiki/wiki/Flakes#Importing_packages_from_multiple_channels + # overlay-unstable = final: prev: { + # unstable = nixpkgs-unstable.legacyPackages.${prev.system}; + # }; + overlay-unstable = final: prev: { + unstable = import nixpkgs-unstable { + inherit system; + config = { allowUnfree = true; }; + }; + }; + lib = nixpkgs.lib; + in { + nixosConfigurations = { + t14 = lib.nixosSystem rec { + #system ="x86_64-linux"; + inherit system; + specialArgs = { inherit hyprland; }; + modules = [ + ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; }) + ./configuration.nix + hyprland.nixosModules.default + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.das = import ./home.nix; + home-manager.extraSpecialArgs = specialArgs; + # see also: https://github.com/HeinzDev/Hyprland-dotfiles/blob/main/flake.nix + } + ]; + }; + }; + }; +} diff --git a/laptops/t14/grafana.nix b/laptops/t14/grafana.nix new file mode 100644 index 0000000..471b71d --- /dev/null +++ b/laptops/t14/grafana.nix @@ -0,0 +1,23 @@ +{ config, pkgs, ... }: +{ + # https://nixos.wiki/wiki/Grafana + # https://search.nixos.org/options?query=services.grafana + # https://xeiaso.net/blog/prometheus-grafana-loki-nixos-2020-11-20/ + # https://grafana.com/grafana/dashboards/1860-node-exporter-full/ + services.grafana = { + enable = true; + settings = { + server = { + # Listening Address + http_addr = "0.0.0.0"; + # and Port + http_port = 3000; + # Grafana needs to know on which domain and URL it's running + #domain = "your.domain"; + #root_url = "https://your.domain/grafana/"; # Not needed if it is `https://your.domain/` + serve_from_sub_path = true; + enable_gzip = true; + }; + }; + }; +} \ No newline at end of file diff --git a/laptops/t14/home.nix b/laptops/t14/home.nix new file mode 100644 index 0000000..8ea29d6 --- /dev/null +++ b/laptops/t14/home.nix @@ -0,0 +1,525 @@ +{ + hyprland, + config, + pkgs, + ... +}: +#{ config, pkgs, ... }: +#{ config, inputs, pkgs, ... }: + +# sudo cp ./nixos/modules/* /etc/nixos/ +# sudo nixos-rebuild switch + +{ + imports = [ + hyprland.homeManagerModules.default + # other imports to go here + ]; + + home = { + username = "das"; + homeDirectory = "/home/das"; + }; + + # https://nix-community.github.io/home-manager/index.xhtml#ch-installation + #home-manager.users.das = { pkgs, ... }: { + + # https://nix-community.github.io/home-manager/options.xhtml#opt-home.sessionVariables + home.sessionVariables = { + QT_QPA_PLATFORM = "wayland"; + GI_TYPELIB_PATH = "/run/current-system/sw/lib/girepository-1.0"; + # disable wayland + NIXOS_OZONE_WL = "1"; + GOPRIVATE = "gitlab.com/sidenio/*"; + TERM = "xterm-256color"; + }; + + home.packages = with pkgs; [ + # + killall + hw-probe + # + gparted + # + ncdu + # + hw-probe + lshw + # + tmux + screen + # + libgcc + # https://nixos.wiki/wiki/C + # https://search.nixos.org/packages?channel=24.05&show=gcc&from=0&size=50&sort=relevance&type=packages&query=gcc + gcc + automake + gnumake + #cmake + pkg-config + # + + # + # alsa-lib + # alsa-lib-with-plugins + # + perl + #3.12.8 on 12th of Feb 2025 + python3Full + # + gawk + jq + git + htop + btop + minicom + # + bzip2 + gzip + lz4 + zip + unzip + xz + zstd + # + rsync + tree + file + # + alacritty + kitty + #https://ghostty.org/ + ghostty + # + ethtool + iproute2 + vlan + tcpdump + wireshark + unstable.iperf2 + netperf + flent + bpftools + fping + inetutils + # + hwloc + bpftools + # + inotify-tools + # + # HP Printers + hplip + #hplipWithPlugin + # + gnuradio + hackrf + gqrx + cubicsdr + # + neofetch + # + vlc + # ffmpeg moved to system package + #ffmpeg_7-full + #ffmpeg-full + # go + # https://nixos.wiki/wiki/Go + # https://nixos.org/manual/nixpkgs/stable/#sec-language-go + # https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F + libcap + gcc + #gcc_multi + #glibc_multi + # thunderbird + #go_1_23 + unstable.go + unstable.gopls + unstable.golint + golangci-lint + unstable.golangci-lint-langserver + # trunk is unfree, and i can't work out how to enable unfree + #trunk-io + # https://github.com/go-delve/delve + unstable.delve + # https://github.com/aarzilli/gdlv + gdlv + unstable.buf + protobuf_27 + grpcurl + # https://github.com/go-gorm/gen + # https://github.com/infobloxopen/protoc-gen-gorm/blob/main/example/postgres_arrays/buf.gen.yaml + gorm-gentool + # removed 24.11 + #buf-language-server + # https://tinygo.org/ + #tinygo + # + graphviz + # + meld + # + # https://nixos.wiki/wiki/Helix + helix + # rust + # https://nixos.wiki/wiki/Rust + #pkgs.cargo + #pkgs.rustc + cargo + rustc + rustfmt + rust-analyzer + clippy + #clang_multi + # + flutter + android-studio + android-tools + android-udev-rules + # + # debug + strace + # Gnome related / extensions + # gnomeExtensions.emoji-copy + # unstable.gnomeExtensions.workspace-switcher-manager + gnome-extension-manager + gnome-usage + dconf-editor + gnome-settings-daemon + gnome-disk-utility + gnome-software + gnome-tweaks + simple-scan + gnomeExtensions.appindicator + gnomeExtensions.settingscenter + gnomeExtensions.system-monitor + gnomeExtensions.dash-to-dock + gnomeExtensions.just-perfection + gnomeExtensions.logo-menu + gnomeExtensions.wifi-qrcode + gnomeExtensions.wireless-hid + gnomeExtensions.user-themes + gnomeExtensions.tray-icons-reloaded + gnomeExtensions.vitals + gnomeExtensions.dash-to-panel + gnomeExtensions.sound-output-device-chooser + gnomeExtensions.space-bar + # https://github.com/AstraExt/astra-monitor + gnomeExtensions.astra-monitor + libgtop + # + libreoffice-qt + hunspell + hunspellDicts.en_AU + #hunspellDicts.en_US + # + evince + # https://nixos.wiki/wiki/Firefox + firefox + # https://nixos.wiki/wiki/Chromium + chromium + #google-chrome + # https://discourse.nixos.org/t/google-chrome-not-working-after-recent-nixos-rebuild/43746 + (google-chrome.override { + commandLineArgs = [ + "--enable-features=UseOzonePlatform" + "--ozone-platform=wayland" + ]; + }) + # https://nixos.wiki/wiki/Slack + slack + # + zoom-us + # + # https://wiki.nixos.org/wiki/Flameshot + (flameshot.override { enableWlrSupport = true; }) + grim # screenshot functionality + slurp # screenshot functionality + # + gimp-with-plugins + # + simplescreenrecorder + # https://wiki.nixos.org/wiki/Gpu-screen-recorder + gpu-screen-recorder # CLI + gpu-screen-recorder-gtk # GUI + # + gedit + # + # https://nixos.wiki/wiki/Podman + dive + podman + runc + skopeo + podman-tui + podman-compose + docker-buildx + # + rofi-wayland + wofi + # + #clickhouse + #clickhouse-cli + # https://github.com/int128/kubelogin + kubelogin-oidc + kubectl + kubernetes-helm + istioctl + krew + kubeshark + kubectl-ktop + kubectl-klock + kube-capacity + kubectl-images + kubectl-gadget + kdash + # k9s --kubeconfig=dev-d.kubeconfig + k9s + # + # https://github.com/jrincayc/ucblogo-code + ucblogo + # https://github.com/wagoodman/dive + dive + # https://github.com/sharkdp/hyperfine + hyperfine + # app launchers + rofi-wayland + wofi + # + # raspberry pi + rpi-imager + ]; + + # vscode + # https://nixos.wiki/wiki/Visual_Studio_Code + # https://github.com/thexyno/nixos-config/blob/main/hm-modules/vscode/default.nix + # nix run github:nix-community/nix-vscode-extensions# -- --list-extensions + # https://mynixos.com/home-manager/options/programs.vscode + programs.vscode = { + enable = true; + package = pkgs.vscode; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + dart-code.dart-code + dart-code.flutter + golang.go + hashicorp.terraform + #k6.k6 + ms-azuretools.vscode-docker + # https://github.com/orgs/microsoft/repositories?q=vscode + ms-vscode-remote.remote-containers + ms-vscode-remote.remote-ssh + #ms-vscode-remote.remote-ssh-edit + ms-vscode.makefile-tools + ms-vscode.cmake-tools + ms-vscode.cpptools + #ms-vscode.cpptools-extension-pack + #ms-vscode.cpptools-themes + ms-vscode.hexeditor + ms-vscode.makefile-tools + ms-python.python + ms-python.vscode-pylance + #ms-vscode.remote-explorer + #ms-vscode.remote-repositories + #ms-vscode.remote-server + ms-kubernetes-tools.vscode-kubernetes-tools + redhat.vscode-yaml + rust-lang.rust-analyzer + #crates is depreciated + #serayuzgur.crates + tamasfe.even-better-toml + timonwong.shellcheck + #trunk.io + zxh404.vscode-proto3 + yzhang.markdown-all-in-one + #platformio.platformio-ide + github.copilot + # nix + #brettm12345.nixfmt.vscode + jnoortheen.nix-ide + #jeff-hykin.better-nix-syntax + rust-lang.rust-analyzer + ]; + }; + + #fonts.fonts = with pkgs; [ + # nerdfonts + # meslo-lgs-nf + #]; + + programs.bash = { + enable = true; + enableCompletion = true; + shellAliases = { + k = "kubectl"; + }; + }; + + programs.vim = { + enable = true; + plugins = with pkgs.vimPlugins; [ vim-airline ]; + settings = { ignorecase = true; }; + extraConfig = '' + set mouse=a + ''; + }; + #ldflags = [ + # "-X main.Version=${version}" + # "-X main.Commit=${version}" + #]; + + programs.git = { + enable = true; + userEmail = "dave.seddon.ca@gmail.com"; + userName = "randomizedcoder"; + #signing.key = "GPG-KEY-ID"; + #signing.signByDefault = true; + }; + + # https://nixos.wiki/wiki/OBS_Studio + # TODO add kernel module for virtual camera + programs.obs-studio = { + enable = true; + plugins = with pkgs.obs-studio-plugins; [ + wlrobs + obs-backgroundremoval + obs-pipewire-audio-capture + ]; + }; + + # another example with dark colors: + # https://github.com/HeinzDev/Hyprland-dotfiles/blob/main/home/home.nix#L70 + # + # https://heywoodlh.io/nixos-gnome-settings-and-keyboard-shortcuts + # https://rycee.gitlab.io/home-manager/options.xhtml#opt-dconf.settings + dconf.settings = { + "org/gnome/desktop/wm/preferences" = { + #button-layout = "close,minimize,maximize,above:appmenu"; + button-layout = ":minimize,maximize,above,close"; + num-workspaces = 2; + }; + # "org/gnome/desktop/interface" = { + # color-scheme = "prefer-dark"; + # }; + "org/gnome/desktop/interface" = { + clock-show-seconds = true; + clock-show-weekday = true; + color-scheme = "prefer-dark"; + enable-hot-corners = false; + font-antialiasing = "grayscale"; + font-hinting = "slight"; + gtk-theme = "Nordic"; + # toolkit-accessibility = true; + toolkit-accessibility = false; + }; + "org/gnome/shell" = { + disable-user-extensions = false; + favorite-apps = [ + "firefox.desktop" + "google-chrome.desktop" + "code.desktop" + "chromium.desktop" + "alacritty.desktop" + #"kitty.desktop" + "slack.desktop" + "ghostty.desktop" + ]; + enabled-extensions = with pkgs.gnomeExtensions; [ + blur-my-shell.extensionUuid + gsconnect.extensionUuid + ]; + }; + }; + + # disable wayland + # # https://nixos.wiki/wiki/Hyprland + # # https://josiahalenbrown.substack.com/p/installing-nixos-with-hyprland + # #programs.hyprland.enable = true; + # wayland.windowManager.hyprland = { + # # Whether to enable Hyprland wayland compositor + # enable = true; + # # The hyprland package to use + # package = pkgs.hyprland; + # # Whether to enable XWayland + # xwayland.enable = true; + + # https://wiki.hyprland.org/Nix/Hyprland-on-Home-Manager/ + # wayland.windowManager.hyprland.enable = true; # enable Hyprland + # Example: https://github.com/JaKooLit/NixOS-configs/blob/main/Ja-OS%20(configs%20using%20install%20script)/Asus-G15/hosts/G15-NixOS/config.nix#L144 + wayland.windowManager.hyprland = { + enable = true; + xwayland.enable = true; + #extraConfig = '' plugin = ${inputs.hy3.packages.${pkgs.system}.hy3}/lib/libhy3.so ''; + # plugins = [ + # inputs.hyprland-plugins.packages.${pkgs.system}.hyprbars + # # ... + #]; + }; + + # # Optional + # # Whether to enable hyprland-session.target on hyprland startup + # systemd.enable = true; + # }; + # # home.file.".config/hypr/hyprland.conf".text = '' + # # ''; + + home.file."containers.conf" = { + target = ".config/containers/containers.conf"; + # https://docs.podman.io/en/v4.6.0/markdown/options/security-opt.html + # https://github.com/containers/common/blob/main/docs/containers.conf.5.md + text = '' + [containers] + annotations=["run.oci.keep_original_groups=1",] + label=false + #seccomp=unconfined + ''; + }; + home.file."registries.conf" = { + target = ".config/containers/registries.conf"; + text = '' + [registries.search] + registries = ['docker.io'] + ''; + # text = '' + # [registries.search] + # registries = ['docker.io', 'registry.gitlab.com'] + # ''; + }; + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = '' + { + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } + } + ''; + }; + home.file.".config/ghostty/ghostty.toml" = { + target = ".config/ghostty/ghostty.toml"; + text = '' + [window] + # Whether to show the scrollback sidebar. + sidebar = true + + # The width of the scrollback sidebar. + sidebar_width = 10 + + # Whether to show the scrollback sidebar on the left or right. + sidebar_position = "right" + ''; + }; + + nixpkgs.config.allowUnfree = true; + + #home.stateVersion = "23.11"; + home.stateVersion = "24.11"; +} diff --git a/laptops/t14/hosts.nix b/laptops/t14/hosts.nix index b60a4f0..3af6575 100644 --- a/laptops/t14/hosts.nix +++ b/laptops/t14/hosts.nix @@ -12,5 +12,6 @@ "172.16.40.70" = ["hp5" "hp5eth"]; "172.16.40.122" = ["pi5-1" "pi5-1-eth"]; "172.16.40.62" = ["chromebox3" "chromebox3-eth"]; + "127.0.0.1" = ["redpanda-0"]; }; } \ No newline at end of file diff --git a/laptops/t14/locale.nix b/laptops/t14/locale.nix new file mode 100644 index 0000000..6a67b6f --- /dev/null +++ b/laptops/t14/locale.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; +} \ No newline at end of file diff --git a/laptops/t14/nodeExporter.nix b/laptops/t14/nodeExporter.nix new file mode 100644 index 0000000..f26d49b --- /dev/null +++ b/laptops/t14/nodeExporter.nix @@ -0,0 +1,27 @@ +{ + config, + pkgs, + ... +}: +{ + # https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters + # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix + services.prometheus.exporters.node = { + enable = true; + port = 19000; + # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix + enabledCollectors = [ "systemd" ]; + # /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help + extraFlags = [ + "--collector.ethtool" + "--collector.softirqs" + "--collector.tcpstat" + "--collector.wifi" + "--collector.filesystem.ignored-mount-points='/nix/store'"]; + }; + + # https://search.nixos.org/options?channel=24.05&from=200&size=50&sort=relevance&type=packages&query=services.prometheus.exporters + services.prometheus.exporters.systemd.enable = true; + services.prometheus.exporters.smartctl.enable = true; + services.prometheus.exporters.process.enable = true; +} \ No newline at end of file diff --git a/laptops/t14/prometheus.nix b/laptops/t14/prometheus.nix index 78d43a3..24eabca 100644 --- a/laptops/t14/prometheus.nix +++ b/laptops/t14/prometheus.nix @@ -17,9 +17,54 @@ { job_name = "xtcp"; static_configs = [{ - targets = [ "localhost:9009" ]; + targets = [ "localhost:9088" ]; }]; } + { + job_name = "hp1_xtcp"; + static_configs = [{ + targets = [ "hp1:9088" ]; + }]; + } + { + job_name = "clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "localhost:19363" ]; + }]; + } + { + job_name = "hp1"; + static_configs = [{ + targets = [ "hp1:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp1_clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "hp1:19363" ]; + }]; + } + { + job_name = "hp2"; + static_configs = [{ + targets = [ "hp2:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp2_clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "hp2:19363" ]; + }]; + } + #{ + # job_name = "chromebox1"; + # static_configs = [{ + # targets = [ "172.16.40.179:9105" ]; + # }]; + #} ]; }; -} +} \ No newline at end of file diff --git a/laptops/t14/sysctl.nix b/laptops/t14/sysctl.nix new file mode 100644 index 0000000..b6fa4a8 --- /dev/null +++ b/laptops/t14/sysctl.nix @@ -0,0 +1,43 @@ +{ config, pkgs, ... }: + +{ + # https://www.kernel.org/doc/html/latest/networking/ip-sysctl.html + boot.kernel.sysctl = { + # detect dead connections more quickly + "net.ipv4.tcp_keepalive_intvl" = 30; + #net.ipv4.tcp_keepalive_intvl = 75 + "net.ipv4.tcp_keepalive_probes" = 4; + #net.ipv4.tcp_keepalive_probes = 9 + "net.ipv4.tcp_keepalive_time" = 120; + #net.ipv4.tcp_keepalive_time = 7200 + # 30 * 4 = 120 seconds. / 60 = 2 minutes + # default: 75 seconds * 9 = 675 seconds. /60 = 11.25 minutes + "net.ipv4.tcp_rmem" = "4096 1000000 16000000"; + "net.ipv4.tcp_wmem" = "4096 1000000 16000000"; + #net.ipv4.tcp_rmem = 4096 131072 6291456 + #net.ipv4.tcp_wmem = 4096 16384 4194304 + # https://github.com/torvalds/linux/blob/master/Documentation/networking/ip-sysctl.rst?plain=1#L1042 + # https://lwn.net/Articles/560082/ + "net.ipv4.tcp_notsent_lowat" = "131072"; + #net.ipv4.tcp_notsent_lowat = 4294967295 + # enable Enable reuse of TIME-WAIT sockets globally + "net.ipv4.tcp_tw_reuse" = 1; + #net.ipv4.tcp_tw_reuse=2 + "net.ipv4.tcp_timestamps" = 1; + "net.ipv4.tcp_ecn" = 1; + "net.core.default_qdisc" = "cake"; + "net.ipv4.tcp_congestion_control" = "cubic"; + #net.ipv4.tcp_congestion_control=bbr + "net.core.rmem_default" = 26214400; + "net.core.rmem_max" = 26214400; + "net.core.wmem_default" = 26214400; + "net.core.wmem_max" = 26214400; + #net.core.optmem_max = 20480 + #net.core.rmem_default = 212992 + #net.core.rmem_max = 212992 + #net.core.wmem_default = 212992 + #net.core.wmem_max = 212992 + "net.ipv4.ip_local_port_range" = "1025 65535"; + #net.ipv4.ip_local_port_range ="32768 60999" + }; +} \ No newline at end of file diff --git a/laptops/t14/systemPackages.nix b/laptops/t14/systemPackages.nix new file mode 100644 index 0000000..7436b7f --- /dev/null +++ b/laptops/t14/systemPackages.nix @@ -0,0 +1,64 @@ +{ + config, + pkgs, + ... +}: +{ + nixpkgs.config.allowUnfree = true; + + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + psmisc + vim + curl + wget + tcpdump + iproute2 + nftables + iptables + pciutils + usbutils + pciutils + virt-manager + pkgs.gnomeExtensions.appindicator + iw + wirelesstools + wpa_supplicant + #wpa_supplicant_ro_ssids + lldpd + #snmp seems to be needed by lldpd + net-snmp + unstable.neofetch + + # https://wiki.nixos.org/wiki/Flameshot + #(flameshot.override { enableWlrSupport = true; }) + + # hyprland + unstable.hyprland + swww # for wallpapers + xdg-desktop-portal-gtk + xdg-desktop-portal-hyprland + xwayland + meson + wayland-protocols + wayland-utils + wl-clipboard + wlroots + + # # + # #nvidia + # unstable.vdpauinfo # sudo vainfo + # unstable.libva-utils # sudo vainfo + # # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + # # + # unstable.ffmpeg-full + # # + # # https://nixos.wiki/wiki/CUDA + # unstable.cudatoolkit + # unstable.linuxPackages.nvidia_x11 + # unstable.libGLU + # unstable.libGL + ]; +} \ No newline at end of file diff --git a/laptops/t14/wireless_desktop.nix b/laptops/t14/wireless_desktop.nix new file mode 100644 index 0000000..c8f4a68 --- /dev/null +++ b/laptops/t14/wireless_desktop.nix @@ -0,0 +1,20 @@ +{ config, pkgs, ... }: + +{ + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + networking = { + networkmanager = { + enable = true; + #wifi.powersave = true; + wifi.powersave = false; + }; + }; + + #networking.hosts = { + # "172.16.50.216" = ["hp0"]; + # "172.16.40.35" = ["hp1"]; + # "172.16.40.71" = ["hp2"]; + #}; +} \ No newline at end of file diff --git a/laptops/t14/x.nix b/laptops/t14/x.nix new file mode 100644 index 0000000..7fe7a23 --- /dev/null +++ b/laptops/t14/x.nix @@ -0,0 +1,163 @@ +# +# nixos/laptops/t/hardware-graphics.nix +# +{ config, + pkgs, + lib, + ... +}: +{ + # hardware.opengl.enable = true; + # was renamed to: + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + nvidia-vaapi-driver + vaapiVdpau + libvdpau + libvdpau-va-gl + vdpauinfo + libva + libva-utils + # https://wiki.nixos.org/wiki/Intel_Graphics + #vpl-gpu-rt + # added 2025/02/03 not tested + vaapiIntel + intel-media-driver + ]; + }; + + # TODO try displaylink + # https://nixos.wiki/wiki/Displaylink + # nix-prefetch-url --name displaylink-600.zip https://www.synaptics.com/sites/default/files/exe_files/2024-05/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.0-EXE.zip + #services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; + + # https://wiki.nixos.org/w/index.php?title=NVIDIA + # https://nixos.wiki/wiki/Nvidia + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix + hardware.nvidia = { + + # This will no longer be necessary when + # https://github.com/NixOS/nixpkgs/pull/326369 hits stable + #modesetting.enable = true; + modesetting.enable = lib.mkDefault true; + + powerManagement = { + enable = true; + #finegrained = true; + }; + + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Only available from driver 515.43.04+ + # Currently alpha-quality/buggy, so false is currently the recommended setting. + # prioritry drivers don't compile on 6.10.3 + # Set to false for proprietary drivers -> https://download.nvidia.com/XFree86/Linux-x86_64/565.77/README/kernel_open.html + open = true; + + nvidiaSettings = true; + + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this + #package = config.boot.kernelPackages.nvidiaPackages.production; + # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version + # https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/nv/nvidia-modprobe/package.nix + #package = pkgs.linuxPackages.nvidia_x11; + package = pkgs.unstable.linuxPackages.nvidia_x11; + }; + + # https://theo.is-a.dev/blog/post/hyprland-adventure/ + #[das@t:~]$ lshw -c video | grep config + #WARNING: you should run this program as super-user. + # configuration: depth=32 driver=nouveau latency=0 resolution=3840,2160 + # configuration: depth=32 driver=i915 latency=0 resolution=3840,2160 + # + #[das@t:~]$ lspci -nnk | egrep -i --color 'vga|3d|2d' -A3 | grep 'in use' + #Kernel driver in use: i915 + #Kernel driver in use: nouveau + # + #[das@t:~]$ lspci -nnk | grep -i vga -A2 + #00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: i915 + #-- + #01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: nouveau + # + # hwinfo --gfxcard + + services.xserver = { + enable = true; + + #videoDrivers = [ "nvidia" "modesetting" ]; # modesetting ~= intel + # intel does NOT exist + # videoDrivers = [ "nvidia" "intel" ]; + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/displaylink.nix + #videoDrivers = [ "nvidia" "displaylink" ]; + + # Display Managers are responsible for handling user login + displayManager = { + gdm.enable = true; + }; + + # Enable the GNOME Desktop Environment + desktopManager = { + gnome.enable = true; + plasma5.enable = false; + xterm.enable = false; + }; + # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 + + # Configure keymap in X11 + xkb.layout = "us"; + xkb.variant = ""; + }; + + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/12?u=randomizedcoder + # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config-nix-L193 + environment.variables = { + # MOZ_DISABLE_RDD_SANDBOX = "1"; + # LIBVA_DRIVER_NAME = "nvidia"; + # GBM_BACKEND = "nvidia-drm"; + # __GLX_VENDOR_LIBRARY_NAME = "nvidia"; + #NVD_BACKEND = "direct"; + EGL_PLATFORM = "wayland"; + # prevents cursor disappear when using Nvidia drivers + WLR_NO_HARDWARE_CURSORS = "1"; + + MOZ_ENABLE_WAYLAND = "1"; + XDG_SESSION_TYPE = "wayland"; + NIXOS_OZONE_WL = "1"; + + # CUDA_PATH = "${pkgs.linuxPackages.nvidia_x11}/lib"; + # # export LD_LIBRARY_PATH=${pkgs.linuxPackages.nvidia_x11}/lib + # EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; + # EXTRA_CCFLAGS = "-I/usr/include"; + # LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; + + # flameshot + QT_QPA_PLATFORM = "wayland"; + }; +} + + # i tried prime, but it didn't seem to work + # prime = { + # # ([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?' + # # 00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) + # intelBusId = "PCI:0:2:0"; + # # 01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) + # nvidiaBusId = "PCI:1:0:0"; + # sync.enable = true; + # #offload = { + # # enable = true; + # # #sync.enable = true; + # # enableOffloadCmd = true; + # #}; + # }; + +# [LOG] GPU information: +# 00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) (prog-if 00 [VGA controller]) +# 01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) (prog-if 00 [VGA controller]) \ No newline at end of file