From d39cb72a4d47d7226178c0f5bed444bd3d59555e Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Fri, 31 Jan 2025 13:50:55 -0800 Subject: [PATCH 1/8] blacklist i915 --- laptops/t/configuration.nix | 26 ++++++++++++++++++-------- laptops/t/readme.md | 36 ++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+), 8 deletions(-) create mode 100644 laptops/t/readme.md diff --git a/laptops/t/configuration.nix b/laptops/t/configuration.nix index e9bf3e3..19a85fe 100644 --- a/laptops/t/configuration.nix +++ b/laptops/t/configuration.nix @@ -69,8 +69,15 @@ #boot.kernelParams # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 kernelParams = [ - "nvidia-drm.modeset=1" - "nvidia-drm.fbdev=1" + #"nvidia-drm.modeset=1" + #"nvidia-drm.fbdev=1" + # https://www.reddit.com/r/NixOS/comments/u5l3ya/cant_start_x_in_nixos/?rdt=56160 + "nomodeset" + ]; + + blacklistedKernelModules = [ + "nouveau" + "i915" ]; # https://wiki.nixos.org/wiki/NixOS_on_ARM/Building_Images#Compiling_through_binfmt_QEMU @@ -79,24 +86,25 @@ extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback - nvidia_x11 + #nvidia_x11 ]; # https://nixos.wiki/wiki/Libvirt#Nested_virtualization #extraModprobeConfig = "options kvm_intel nested=1"; # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config_working-nix-L19 extraModprobeConfig = - "options nvidia " + #"options nvidia " + "" + lib.concatStringsSep " " [ # nvidia assume that by default your CPU does not support PAT, # but this is effectively never the case in 2023 - "NVreg_UsePageAttributeTable=1" + #"NVreg_UsePageAttributeTable=1" # This is sometimes needed for ddc/ci support, see # https://www.ddcutil.com/nvidia/ # # Current monitor does not support it, but this is useful for # the future - "NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" + #"NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" "options kvm_intel nested=1" # # https://nixos.wiki/wiki/OBS_Studio '' @@ -132,8 +140,6 @@ hardware.graphics = { enable = true; extraPackages = with pkgs; [ - vdpauinfo # sudo vainfo - libva-utils # sudo vainfo # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 nvidia-vaapi-driver vaapiVdpau @@ -142,6 +148,8 @@ vdpauinfo libva libva-utils + # https://wiki.nixos.org/wiki/Intel_Graphics + #vpl-gpu-rt ]; }; @@ -368,6 +376,8 @@ # vdpauinfo # libva # libva-utils + vdpauinfo # sudo vainfo + libva-utils # sudo vainfo ]; # Some programs need SUID wrappers, can be configured further or are diff --git a/laptops/t/readme.md b/laptops/t/readme.md new file mode 100644 index 0000000..c434f4d --- /dev/null +++ b/laptops/t/readme.md @@ -0,0 +1,36 @@ +# readme + + +## Nvidia nightmare + +Big thread, with feedback about my issue +https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/25 + + + +https://github.com/elFarto/nvidia-vaapi-driver/issues/311 + +``` +[das@t:~/Downloads/nixpkgs]$ ls -la /dev/dri/ +total 0 +drwxr-xr-x 3 root root 140 Jan 30 22:16 . +drwxr-xr-x 20 root root 4080 Jan 31 07:24 .. +drwxr-xr-x 2 root root 120 Jan 30 22:16 by-path +crw-rw----+ 1 root video 226, 1 Jan 31 07:24 card1 +crw-rw----+ 1 root video 226, 2 Jan 30 22:16 card2 +crw-rw-rw- 1 root render 226, 128 Jan 30 22:16 renderD128 +crw-rw-rw- 1 root render 226, 129 Jan 30 22:16 renderD129 + +[das@t:~/Downloads/nixpkgs]$ ls -la /dev/dri/by-path/ +total 0 +drwxr-xr-x 2 root root 120 Jan 30 22:16 . +drwxr-xr-x 3 root root 140 Jan 30 22:16 .. +lrwxrwxrwx 1 root root 8 Jan 30 22:16 pci-0000:00:02.0-card -> ../card2 +lrwxrwxrwx 1 root root 13 Jan 30 22:16 pci-0000:00:02.0-render -> ../renderD129 +lrwxrwxrwx 1 root root 8 Jan 30 22:16 pci-0000:01:00.0-card -> ../card1 +lrwxrwxrwx 1 root root 13 Jan 30 22:16 pci-0000:01:00.0-render -> ../renderD128 + +[das@t:~/Downloads/nixpkgs]$ lspci | grep VGA +00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) +01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) +``` \ No newline at end of file From b204a3441b848d34e5d8b161252f53b0516b1f35 Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Tue, 4 Feb 2025 16:14:26 -0800 Subject: [PATCH 2/8] ./hardware-graphics.nix --- containers/nginx/flake.nix | 2 +- containers/nginx/old.flake.nix.old | 68 ++++++ hp/hp1/Makefile | 8 +- hp/hp1/configuration.nix | 15 +- hp/hp1/ffmpeg_systemd_service.nix | 164 ++++++++++++++ hp/hp1/flake.nix | 2 + hp/hp1/home.nix | 8 +- hp/hp1/not.ffmpeg_service.nix.not | 31 +++ hp/hp1/systemPackages.nix | 3 + hp/hp5/Makefile | 12 +- hp/hp5/configuration.nix | 14 +- hp/hp5/ffmpeg-hls-service.nix | 202 +++++++++++++++++ hp/hp5/hls_tmpfs.nix | 9 + hp/hp5/home.nix | 2 +- hp/hp5/nginx.nix | 47 ++++ hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix | 236 ++++++++++++++++++++ hp/hp5/systemPackages.nix | 9 +- laptops/t/Makefile | 3 + laptops/t/configuration.nix | 235 ++----------------- laptops/t/flake.lock | 50 ++--- laptops/t/flake.nix | 6 +- laptops/t/hardware-graphics.nix | 151 +++++++++++++ laptops/t/home.nix | 7 +- laptops/t/systemPackages.nix | 18 ++ 24 files changed, 1049 insertions(+), 253 deletions(-) create mode 100644 containers/nginx/old.flake.nix.old create mode 100644 hp/hp1/ffmpeg_systemd_service.nix create mode 100644 hp/hp1/not.ffmpeg_service.nix.not create mode 100644 hp/hp5/ffmpeg-hls-service.nix create mode 100644 hp/hp5/hls_tmpfs.nix create mode 100644 hp/hp5/nginx.nix create mode 100644 hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix create mode 100644 laptops/t/hardware-graphics.nix diff --git a/containers/nginx/flake.nix b/containers/nginx/flake.nix index 47e9411..fffba84 100644 --- a/containers/nginx/flake.nix +++ b/containers/nginx/flake.nix @@ -2,7 +2,7 @@ description = "OpenTechLab Docker Example"; inputs = { - nixpkgs.url = github:NixOS/nixpkgs/nixos-24.05; + nixpkgs.url = github:NixOS/nixpkgs/nixos-24.11; }; outputs = { self, nixpkgs }: { diff --git a/containers/nginx/old.flake.nix.old b/containers/nginx/old.flake.nix.old new file mode 100644 index 0000000..47e9411 --- /dev/null +++ b/containers/nginx/old.flake.nix.old @@ -0,0 +1,68 @@ +{ + description = "OpenTechLab Docker Example"; + + inputs = { + nixpkgs.url = github:NixOS/nixpkgs/nixos-24.05; + }; + + outputs = { self, nixpkgs }: { + packages."x86_64-linux" = + let + pkgs = import nixpkgs { system = "x86_64-linux"; }; + in + rec { + dockerImage = + pkgs.dockerTools.buildLayeredImage (let + nginxPort = "80"; + nginxConf = pkgs.writeText "nginx.conf" '' + user nginx nginx; + daemon off; + events {} + http { + server { + listen ${nginxPort}; + location / { + root ${./html}; + } + } + } + ''; + + in rec { + name = "otl-nix-demo"; + tag = "latest"; + + contents = with pkgs; [ + # Set up users and groups + (writeTextDir "etc/shadow" '' + root:!x::::::: + nginx:!::::::: + '') + (writeTextDir "etc/passwd" '' + root:x:0:0::/root:${runtimeShell} + nginx:x:999:999::/home/nginx: + '') + (writeTextDir "etc/group" '' + root:x:0: + nginx:x:999: + '') + (writeTextDir "etc/gshadow" '' + root:x:: + nginx:x:: + '') + + # Workaround: create directories required by nginx + (writeTextDir "var/cache/nginx/.placeholder" "") + (writeTextDir "var/log/nginx/.placeholder" "") + ]; + + config = { + Cmd = [ "${pkgs.nginx}/bin/nginx" "-c" nginxConf ]; + ExposedPorts = { + "${nginxPort}/tcp" = { }; + }; + }; + }; + }; + }; +} \ No newline at end of file diff --git a/hp/hp1/Makefile b/hp/hp1/Makefile index f9a8c44..159e2e9 100644 --- a/hp/hp1/Makefile +++ b/hp/hp1/Makefile @@ -20,9 +20,15 @@ rebuild: #sudo cp ./*.nix /etc/nixos/ #sudo nix-channel --update #sudo nixos-rebuild switch - sudo nix flake update; #sudo nix-channel --update; sudo nixos-rebuild switch --flake . + systemctl --user restart ffmpeg-stream + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . + +update: + sudo nix flake update; sync: rsync -av /home/das/nixos/hp/hp1/ hp1:/home/das/nixos/hp/hp1/ diff --git a/hp/hp1/configuration.nix b/hp/hp1/configuration.nix index fec849a..14305ee 100644 --- a/hp/hp1/configuration.nix +++ b/hp/hp1/configuration.nix @@ -67,6 +67,16 @@ }; }; + # find /run/opengl-driver -name "libamfrt64.so.1" + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + amdvlk # AMD Vulkan driver, includes AMF runtime + #rocm-opencl-runtime # Optional: ROCm OpenCL support + #rocm-smi # AMD System Management Interface (for monitoring GPU) + ]; + }; + # https://nixos.wiki/wiki/Networking # https://nlewo.github.io/nixos-manual-sphinx/configuration/ipv4-config.xml.html networking.hostName = "hp1"; @@ -95,7 +105,7 @@ users.users.das = { isNormalUser = true; description = "das"; - extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" ]; + extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" "video" ]; packages = with pkgs; [ ]; # https://nixos.wiki/wiki/SSH_public_key_authentication @@ -122,6 +132,9 @@ services.fstrim.enable = true; + # AMD GPU power management + #services.udev.packages = with pkgs; [ rocm-smi ]; + # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. Itβ€˜s perfectly fine and recommended to leave diff --git a/hp/hp1/ffmpeg_systemd_service.nix b/hp/hp1/ffmpeg_systemd_service.nix new file mode 100644 index 0000000..30c108a --- /dev/null +++ b/hp/hp1/ffmpeg_systemd_service.nix @@ -0,0 +1,164 @@ +# +# nixos/hp/hp1/ffmpeg_systemd_service.nix +# +# systemctl --user restart ffmpeg-stream +# systemctl --user status ffmpeg-stream +# +# [das@hp1:~/nixos/hp/hp1]$ systemctl --user restart ffmpeg-stream + +# [das@hp1:~/nixos/hp/hp1]$ systemctl --user status ffmpeg-stream +# ● ffmpeg-stream.service +# Loaded: loaded (/home/das/.config/systemd/user/ffmpeg-stream.service; enabled; preset: ignored) +# Active: active (running) since Sun 2025-02-02 15:16:54 PST; 3min 41s ago +# Invocation: ac9c5b7820cd40fe85f95d610a184c46 +# Main PID: 394915 (ffmpeg) +# Tasks: 37 (limit: 37129) +# Memory: 230.4M (peak: 230.9M) +# CPU: 2min 13.669s +# CGroup: /user.slice/user-1000.slice/user@1000.service/app.slice/ffmpeg-stream.service +# └─394915 /nix/store/hk1a30i7a4nhc16sc407z0fi1yxgfgjp-ffmpeg-7.1-bin/bin/ffmpeg -f lavfi -re -i testsrc2=rate=30:size=1920x1080 -codec:v libx264 -b:v 10240k -maxrate:v 10000k -bu> + +# [das@hp1:~/nixos/hp/hp1]$ journalctl --user -u ffmpeg-stream -f +# Feb 02 15:16:54 hp1 ffmpeg[394915]: [libx264 @ 0x352394c0] using cpu capabilities: MMX2 SSE2Fast SSSE3 SSE4.2 AVX FMA3 BMI2 AVX2 +# Feb 02 15:16:54 hp1 ffmpeg[394915]: [libx264 @ 0x352394c0] profile Constrained Baseline, level 4.0, 4:2:0, 8-bit +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Output #0, mpegts, to 'udp://239.0.0.1:6000?ttl=4&pkt_size=1326&localddr=172.16.40.142': +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Metadata: +# Feb 02 15:16:54 hp1 ffmpeg[394915]: encoder : Lavf61.7.100 +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Stream #0:0: Video: h264, yuv420p(tv, progressive), 1920x1080 [SAR 1:1 DAR 16:9], q=2-31, 10240 kb/s, 25 fps, 90k tbn +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Metadata: +# Feb 02 15:16:54 hp1 ffmpeg[394915]: encoder : Lavc61.19.100 libx264 +# Feb 02 15:16:54 hp1 ffmpeg[394915]: Side data: +# Feb 02 15:16:54 hp1 ffmpeg[394915]: cpb: bitrate max/min/avg: 10000000/0/10240000 buffer size: 10240000 vbv_delay: N/A + +# [das@hp1:~/nixos/hp/hp1]$ sudo tcpdump -ni eno1 -c 5 host 239.0.0.1 +# tcpdump: verbose output suppressed, use -v[v]... for full protocol decode +# listening on eno1, link-type EN10MB (Ethernet), snapshot length 262144 bytes +# 15:21:39.577834 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577866 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577885 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577907 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 15:21:39.577927 IP 172.16.40.142.4032 > 239.0.0.1.6000: UDP, length 1326 +# 5 packets captured +# 35 packets received by filter +# 0 packets dropped by kernel + +{ + config, + lib, + pkgs, + ... +}: + +# ${pkgs.ffmpeg}/bin/ffmpeg \ +# ${home.packages.ffmpeg-full}/bin/ffmpeg \ +# ffmpeg -f lavfi -i "sine=frequency=1000:duration=10" -c:a aac -b:a 128k /home/das/test_audio.aac +let + ffmpegCmd = + + '' + ${pkgs.ffmpeg-full}/bin/ffmpeg -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + -f lavfi -i "sine=frequency=1000" \ + -c:v libx264 -b:v 10000k -preset ultrafast -r 25 \ + -x264-params "nal-hrd=cbr:force-cfr=1:aud=1:intra-refresh=1" \ + -tune zerolatency \ + -bsf:v h264_mp4toannexb \ + -c:a aac -b:a 128k -ac 2 \ + -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + -f rtp_mpegts "rtp://239.0.0.1:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + ''; + # Ensures SPS/PPS is sent in every keyframe (prevents decoder from losing parameter sets). + # Forces constant frame rate (force-cfr=1), improving stream stability. + + # '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + # -f lavfi -i "sine=frequency=1000" \ + # -c:v libx264 -b:v 10000k -preset ultrafast -r 25 \ + # -c:a aac -b:a 128k -ac 2 \ + # -x264opts "keyint=50:min-keyint=50:no-scenecut" \ + # -bsf:v h264_mp4toannexb \ + # -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + # -f rtp_mpegts "rtp://239.0.0.1:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + # ''; + #-x264opts "keyint=50:min-keyint=50:no-scenecut" ensures regular keyframes. + #-bsf:v h264_mp4toannexb converts H.264 to Annex B format, which is better for streaming. + + # '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + # -f lavfi -i "sine=frequency=1000" \ + # -c:v libx264 -b:v 10000k -preset ultrafast -r 25 \ + # -c:a aac -b:a 128k -ac 2 \ + # -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + # -f rtp_mpegts \ + # "rtp://239.0.0.1:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + # ''; + + # '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ + # -re -i /home/das/test_audio/test_audio.aac \ + # -c:v libx264 -b:v 10240k -maxrate:v 10000k -bufsize:v 10240k -preset ultrafast -r 25 -g 50 -pix_fmt yuv420p -flags2 local_header \ + # -c:a aac -b:a 128k -ac 2 \ + # -max_delay 500000 -bufsize 2000000 -fflags +genpts \ + # -f rtp_mpegts \ + # "rtp://239.0.0.1:6000?ttl=4&pkt_size=1326&localaddr=172.16.40.142" + # ''; + # '' + # ${pkgs.ffmpeg}/bin/ffmpeg \ + # -f lavfi \ + # -re \ + # -i testsrc2=rate=30:size=1920x1080 \ + # -codec:v libx264 \ + # -b:v 10240k \ + # -maxrate:v 10000k \ + # -bufsize:v 10240k \ + # -preset ultrafast \ + # -r 25 \ + # -g 50 \ + # -pix_fmt yuv420p \ + # -flags2 local_header \ + # -f mpegts \ + # -transtype live \ + # "rtp://239.0.0.1:6000?ttl=4&pkt_size=1326&localddr=172.16.40.142" + # ''; +in +{ + systemd.user.services.ffmpeg-stream = { + + Unit = { + description = "FFmpeg Multicast Service"; + }; + + Service = { + ExecStart = "${ffmpegCmd}"; + Restart = "always"; + RestartSec = 2; + StandardOutput = "journal"; + StandardError = "journal"; + + ### πŸ” Security Hardening Options ### + NoNewPrivileges = true; # Prevents privilege escalation + PrivateTmp = true; # Isolates service temporary files + ProtectSystem = "strict"; # Restricts access to system files + ProtectHome = "read-only"; # Readonly access to home directory + #ProtectHome = "yes"; # Blocks access to home directory + ProtectKernelModules = true; # Blocks module loading + ProtectKernelLogs = true; # Prevents access to kernel logs + ProtectControlGroups = true; # Restricts cgroup modifications + MemoryDenyWriteExecute = true; # Prevents memory exploits + RestrictRealtime = true; # Blocks real-time priority settings + RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # Restricts network access + SystemCallFilter = [ "~@mount" "~@privileged" "~@resources" ]; # Blocks dangerous system calls + LockPersonality = true; # Prevents personality changes (defense against exploits) + ReadOnlyPaths = "/etc /usr /home/das/test_audio/"; # Makes important paths read-only + #wReadWritePaths = "/var/www/html"; # Only allow writing in this directory + ProtectClock = true; # Blocks modification of system clock + }; + + Install = { + after = [ "network.target" ]; + WantedBy = [ "default.target" ]; + }; + }; +} diff --git a/hp/hp1/flake.nix b/hp/hp1/flake.nix index 87395ff..4ff9a24 100644 --- a/hp/hp1/flake.nix +++ b/hp/hp1/flake.nix @@ -1,8 +1,10 @@ { description = "HP1 Flake"; + # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager home-manager = { url = "github:nix-community/home-manager/release-24.11"; diff --git a/hp/hp1/home.nix b/hp/hp1/home.nix index e123cda..707af40 100644 --- a/hp/hp1/home.nix +++ b/hp/hp1/home.nix @@ -7,6 +7,10 @@ home.username = "das"; home.homeDirectory = "/home/das"; + imports = [ + ./ffmpeg_systemd_service.nix + ]; + # https://nix-community.github.io/home-manager/index.xhtml#ch-installation #home-manager.users.das = { pkgs, ... }: { @@ -100,7 +104,7 @@ graphviz # #ffmpeg - ffmpeg-full + #ffmpeg-full ]; programs.bash = { @@ -134,7 +138,7 @@ nixpkgs.config.allowUnfree = true; - home.stateVersion = "24.05"; programs.home-manager.enable = true; + home.stateVersion = "24.11"; #}; } diff --git a/hp/hp1/not.ffmpeg_service.nix.not b/hp/hp1/not.ffmpeg_service.nix.not new file mode 100644 index 0000000..4ffa54c --- /dev/null +++ b/hp/hp1/not.ffmpeg_service.nix.not @@ -0,0 +1,31 @@ +{ + config, + pkgs, + ... +}: +{ + systemd.user.services.onedrive-UMFC = { + Unit = { + Description = "start ffmpeg"; + }; + Service = { + ProtectSystem = "full"; + ProtectHostname = true; + ProtectKernelTunables = true; + ProtectControlGroups = true; + RestrictRealtime = true; + Group = "users"; + ExecStartPre = "${pkgs.coreutils}/bin/sleep 15"; + ExecStart= "${pkgs.ffmpeg}/bin/onedrive --monitor --confdir=/home/kazimierzkrauze/.config/onedrive/onedrive-UMFC"; + Restart = "on-failure"; + RestartSec = 3; + # Do not restart the service if a --resync is required which is done via a 126 exit code + RestartPreventExitStatus = 126; + # Time to wait for the service to stop gracefully before forcefully terminating it + TimeoutStopSec = 90; + }; + Install = { + WantedBy = [ "default.target" ]; + }; + }; +}; \ No newline at end of file diff --git a/hp/hp1/systemPackages.nix b/hp/hp1/systemPackages.nix index 99c5975..5931d2e 100644 --- a/hp/hp1/systemPackages.nix +++ b/hp/hp1/systemPackages.nix @@ -25,5 +25,8 @@ #snmp seems to be needed by lldpd net-snmp neofetch + # + ffmpeg-full + radeontop # GPU monitoring tool ]; } diff --git a/hp/hp5/Makefile b/hp/hp5/Makefile index 050ca2a..39f50cb 100644 --- a/hp/hp5/Makefile +++ b/hp/hp5/Makefile @@ -20,9 +20,19 @@ rebuild: #sudo cp ./*.nix /etc/nixos/ #sudo nix-channel --update #sudo nixos-rebuild switch - sudo nix flake update; #sudo nix-channel --update; sudo nixos-rebuild switch --flake . + sudo systemctl daemon-reexec + sudo systemctl restart create-stream-sdp.service + sudo systemctl restart create-stream-m3u8.service + sudo systemctl restart ffmpeg-hls + + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . + +update: + sudo nix flake update; sync: rsync -av /home/das/nixos/hp/hp5/ hp5:/home/das/nixos/hp/hp5/ diff --git a/hp/hp5/configuration.nix b/hp/hp5/configuration.nix index afca9a1..a4606db 100644 --- a/hp/hp5/configuration.nix +++ b/hp/hp5/configuration.nix @@ -43,6 +43,9 @@ ./k3s_node.nix ./systemd.services.ethtool-enp3s0f0.nix ./systemd.services.ethtool-enp3s0f1.nix + #./hls_tmpfs.nix + ./nginx.nix + ./ffmpeg-hls-service.nix ]; # Bootloader. @@ -123,14 +126,17 @@ # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix hardware.nvidia = { + open = false; # https://github.com/NixOS/nixpkgs/pull/326369 hits stable modesetting.enable = true; powerManagement = { enable = true; }; nvidiaSettings = true; + package = pkgs.linuxPackages.nvidia_x11; }; + services.xserver.videoDrivers = [ "nvidia" ]; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; @@ -138,13 +144,19 @@ TERM = "xterm-256color"; #MY_VARIABLE = "my-value"; #ANOTHER_VARIABLE = "another-value"; + #CUDA_PATH = "${pkgs.cudatoolkit}"; + CUDA_PATH = "${pkgs.linuxPackages.nvidia_x11}/lib"; + # export LD_LIBRARY_PATH=${pkgs.linuxPackages.nvidia_x11}/lib + EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; + EXTRA_CCFLAGS = "-I/usr/include"; + LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; }; # Define a user account. Don't forget to set a password with β€˜passwd’. users.users.das = { isNormalUser = true; description = "das"; - extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" ]; + extraGroups = [ "wheel" "libvirtd" "docker" "kubernetes" "video" "nginx" ]; packages = with pkgs; [ ]; # https://nixos.wiki/wiki/SSH_public_key_authentication diff --git a/hp/hp5/ffmpeg-hls-service.nix b/hp/hp5/ffmpeg-hls-service.nix new file mode 100644 index 0000000..9c2f646 --- /dev/null +++ b/hp/hp5/ffmpeg-hls-service.nix @@ -0,0 +1,202 @@ +# +# sudo systemctl start ffmpeg-hls +# sudo systemctl enable ffmpeg-hls +# journalctl -u ffmpeg-hls -f +# + +{ config, lib, pkgs, ... }: + +let + + streamManifest = pkgs.writeText "stream.m3u8" + '' + #EXTM3U + #EXT-X-STREAM-INF:BANDWIDTH=1000000,RESOLUTION=640x360 + stream_1.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=5000000,RESOLUTION=1280x720 + stream_5.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=10000000,RESOLUTION=1920x1080 + stream_10.m3u8 + ''; + + sdpFile = pkgs.writeText "stream.sdp" + '' + v=0 + o=- 0 0 IN IP4 239.0.0.1 + s=MPEG-TS Over RTP Stream + c=IN IP4 239.0.0.1 + t=0 0 + a=recvonly + m=video 6000 RTP/AVP 33 + a=rtpmap:33 MP2T/90000 + ''; + + # sdpFile = pkgs.writeText "stream.sdp" + # '' + # v=0 + # o=- 0 0 IN IP4 239.0.0.1 + # s=RTP Stream + # c=IN IP4 239.0.0.1 + # t=0 0 + # m=video 6000 RTP/AVP 96 + # a=rtpmap:96 H264/90000 + # a=fmtp:96 packetization-mode=1; profile-level-id=42E01F; sprop-parameter-sets=Z0IAH5WoFAFuQA==,aM48gA== + # m=audio 6002 RTP/AVP 97 + # a=rtpmap:97 MP4A-LATM/44100/2 + # ''; + + # '' + # v=0 + # o=- 0 0 IN IP4 239.0.0.1 + # s=RTP Stream + # c=IN IP4 239.0.0.1 + # t=0 0 + # m=video 6000 RTP/AVP 96 + # a=rtpmap:96 H264/90000 + # m=audio 6002 RTP/AVP 97 + # a=rtpmap:97 MP4A-LATM/44100/2 + # ''; + + # '' + # v=0 + # o=- 0 0 IN IP4 172.16.40.142 + # s=MPEG-TS Over RTP Stream + # c=IN IP4 239.0.0.1/32 + # t=0 0 + # a=recvonly + # m=video 6000 RTP/AVP 33 + # a=rtpmap:33 MP2T/90000 + # ''; + + ffmpegCmd = '' + ${pkgs.ffmpeg-full}/bin/ffmpeg \ + -hwaccel cuda -hwaccel_output_format cuda \ + -protocol_whitelist "file,udp,rtp" \ + -analyzeduration 200000000 \ + -probesize 150M \ + -fflags +genpts -max_delay 5000000 \ + -f mpegts \ + -i /hls/stream.sdp \ + -filter_complex "[0:v]hwupload_cuda,split=3[v10_in][v5_in][v1_in]; \ + [v10_in]scale_cuda=w=1920:h=1080,hwdownload,format=yuv420p[v10_scaled]; \ + [v5_in]scale_cuda=w=1280:h=720,hwdownload,format=yuv420p[v5_scaled]; \ + [v1_in]scale_cuda=w=640:h=360,hwdownload,format=yuv420p[v1_scaled]" \ + -map "[v10_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_10Mbps/stream_10.m3u8" \ + -map "[v5_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_5Mbps/stream_5.m3u8" \ + -map "[v1_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_1Mbps/stream_1.m3u8" + ''; + # -i "rtp://239.0.0.1:6000" \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]split=3[v10][v5][v1]; \ + # [v10]scale_cuda=1920:1080[v10_scaled]; \ + # [v5]scale_cuda=1280:720[v5_scaled]; \ + # [v1]scale_cuda=640:360[v1_scaled]" \ + +in +{ + # fileSystems."/hls" = { + # device = "tmpfs"; + # fsType = "tmpfs"; + # options = [ "size=1G" "mode=0770" "uid=nginx" "gid=nginx" "noatime" ]; + # }; + systemd.mounts = [ + { + what = "tmpfs"; + where = "/hls"; + type = "tmpfs"; + options = "size=1G,mode=0770,uid=nginx,gid=nginx,noatime"; + } + ]; + + systemd.tmpfiles.rules = [ + "d /hls 0770 nginx nginx -" + "d /hls/hls_10Mbps 0770 nginx nginx -" + "d /hls/hls_5Mbps 0770 nginx nginx -" + "d /hls/hls_1Mbps 0770 nginx nginx -" + ]; + + # sudo systemctl restart create-stream-sdp.service + systemd.services.create-stream-sdp = { + description = "Generate RTP stream SDP file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${sdpFile} /hls/stream.sdp"; + }; + }; + + # sudo systemctl restart create-stream-m3u8.service + systemd.services.create-stream-m3u8 = { + description = "Generate stream.m3u8 file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${streamManifest} /hls/stream.m3u8"; + }; + }; + + # cat /etc/systemd/system/ffmpeg-hls.service + # sudo systemctl restart ffmpeg-hls.service + # sudo systemctl status ffmpeg-hls.service + # sudo journalctl -u ffmpeg-hls -f + systemd.services.ffmpeg-hls = { + description = "FFmpeg RTP to HLS Streaming Service"; + after = [ "network.target" "create-stream-sdp.service" "create-stream-m3u8.service" "nginx.service" ]; + #after = [ "network.target" "nginx.service" ]; + #requires = [ "create-hls-tmpfs.service" ]; + requires = [ "create-stream-sdp.service" "create-stream-m3u8.service" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + WorkingDirectory = "/hls"; + RuntimeDirectory = "/hls"; + ExecStart = ffmpegCmd; + Restart = "always"; + RestartSec = 10; + #ExecStartPre = "/bin/sleep 5"; # this is wrong. needs path to the nix package. + User = "nginx"; + Group = "nginx"; + StandardOutput = "journal"; + StandardError = "journal"; + LimitNOFILE = 1048576; + + Environment = [ + "CUDA_PATH=${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_LDFLAGS=-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_CCFLAGS=-I/usr/include" + "LD_LIBRARY_PATH=/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib" + "NVIDIA_DRIVER_CAPABILITIES=all" + "CUDA_VISIBLE_DEVICES=0" + ##"FFMPEG_OUTPUT_DIR=/hls" + ]; + + SupplementaryGroups = [ "video" "render" ]; + DeviceAllow = [ "/dev/nvidia0 rw" "/dev/nvidiactl rw" "/dev/nvidia-uvm rw" "/dev/dri/card0 rw" ]; + UMask = "0002"; + + NoNewPrivileges = false; + ProtectSystem = "full"; + ProtectKernelModules = false; + MemoryDenyWriteExecute = false; + + }; + }; +} diff --git a/hp/hp5/hls_tmpfs.nix b/hp/hp5/hls_tmpfs.nix new file mode 100644 index 0000000..a342ae0 --- /dev/null +++ b/hp/hp5/hls_tmpfs.nix @@ -0,0 +1,9 @@ +{ config, pkgs, ... }: + +{ + fileSystems."/hls" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "defaults" "size=1G" "mode=1777" "noatime" ]; + }; +} \ No newline at end of file diff --git a/hp/hp5/home.nix b/hp/hp5/home.nix index bcd4d5a..3ea5024 100644 --- a/hp/hp5/home.nix +++ b/hp/hp5/home.nix @@ -99,7 +99,7 @@ # for pprof graphviz # - ffmpeg + #ffmpeg #ffmpeg-full ]; diff --git a/hp/hp5/nginx.nix b/hp/hp5/nginx.nix new file mode 100644 index 0000000..29c0182 --- /dev/null +++ b/hp/hp5/nginx.nix @@ -0,0 +1,47 @@ +{ config, pkgs, ... }: + +{ + services.nginx = { + enable = true; + + recommendedGzipSettings = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts."localhost" = { + root = "/home/das/hls"; + locations."/" = { + index = "index.html"; + extraConfig = '' + types { + application/vnd.apple.mpegurl m3u8; + video/mp2t ts; + } + + # Allow CORS (for external players) + add_header Access-Control-Allow-Origin *; + add_header Access-Control-Allow-Methods 'GET, OPTIONS'; + add_header Access-Control-Allow-Headers 'Range'; + add_header Access-Control-Expose-Headers 'Content-Length,Content-Range'; + add_header Access-Control-Max-Age 345600 always; # 4 days (345600 seconds) + + # Cache settings for HLS playlists + location ~* \.m3u8$ { + expires 30s; + add_header Cache-Control "public, max-age=30, stale-while-revalidate=60, stale-if-error=600"; + } + + # Cache settings for HLS segments (TS files) + location ~* \.ts$ { + expires 24h; + add_header Cache-Control "public, max-age=86400, stale-while-revalidate=3600, stale-if-error=86400"; + } + ''; + }; + }; + }; + + systemd.services.nginx.serviceConfig = { + LimitNOFILE = 100000; # Increase file descriptor limit for better performance + }; +} \ No newline at end of file diff --git a/hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix b/hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix new file mode 100644 index 0000000..c7bdafe --- /dev/null +++ b/hp/hp5/ok_2025_02_03.ffmpeg-hls-service.nix @@ -0,0 +1,236 @@ +# +# sudo systemctl start ffmpeg-hls +# sudo systemctl enable ffmpeg-hls +# journalctl -u ffmpeg-hls -f +# + +{ config, lib, pkgs, ... }: + +let + + streamManifest = pkgs.writeText "stream.m3u8" + '' + #EXTM3U + #EXT-X-STREAM-INF:BANDWIDTH=1000000,RESOLUTION=640x360 + stream_1.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=5000000,RESOLUTION=1280x720 + stream_5.m3u8 + #EXT-X-STREAM-INF:BANDWIDTH=10000000,RESOLUTION=1920x1080 + stream_10.m3u8 + ''; + + sdpFile = pkgs.writeText "stream.sdp" + '' + v=0 + o=- 0 0 IN IP4 172.16.40.142 + s=MPEG-TS Over RTP Stream + c=IN IP4 239.0.0.1/32 + t=0 0 + a=recvonly + m=video 6000 RTP/AVP 33 + a=rtpmap:33 MP2T/90000 + ''; + + # sdpContent = '' + # v=0 + # o=- 0 0 IN IP4 172.16.40.142 + # s=MPEG-TS Over RTP Stream + # c=IN IP4 239.0.0.1/32 + # t=0 0 + # a=recvonly + # m=video 6000 RTP/AVP 33 + # a=rtpmap:33 MP2T/90000 + # ''; + + ffmpegCmd = '' + ${pkgs.ffmpeg-full}/bin/ffmpeg \ + -hwaccel cuda -hwaccel_output_format cuda \ + -protocol_whitelist "file,udp,rtp" \ + -analyzeduration 100000000 -probesize 500M -fflags +genpts -max_delay 5000000 \ + -i /hls/stream.sdp \ + -filter_complex "[0:v]split=3[v10][v5][v1]; \ + [v10]scale_cuda=1920:1080[v10_scaled]; \ + [v5]scale_cuda=1280:720[v5_scaled]; \ + [v1]scale_cuda=640:360[v1_scaled]" \ + -map "[v10_scaled]" -map a:0 -c:v h264_nvenc -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_10Mbps/stream_10.m3u8" \ + -map "[v5_scaled]" -map a:0 -c:v h264_nvenc -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_5Mbps/stream_5.m3u8" \ + -map "[v1_scaled]" -map a:0 -c:v h264_nvenc -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_1Mbps/stream_1.m3u8" + ''; + + # ffmpegCmd = '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -protocol_whitelist "file,udp,rtp" \ + # -analyzeduration 100000000 -probesize 500M -fflags +genpts -max_delay 5000000 \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]split=3[v10][v5][v1]; \ + # [v10]scale=1920:1080[v10_scaled]; \ + # [v5]scale=1280:720[v5_scaled]; \ + # [v1]scale=640:360[v1_scaled]" \ + # -map "[v10_scaled]" -map a:0 -c:v h264_nvenc -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_10Mbps/stream_10.m3u8" \ + # -map "[v5_scaled]" -map a:0 -c:v h264_nvenc -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_5Mbps/stream_5.m3u8" \ + # -map "[v1_scaled]" -map a:0 -c:v h264_nvenc -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_1Mbps/stream_1.m3u8" + # ''; + + # ffmpegCmd = '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -protocol_whitelist "file,udp,rtp" \ + # -analyzeduration 100000000 -probesize 500M -fflags +genpts -max_delay 5000000 \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]split=3[v10][v5][v1]; \ + # [v10]scale=1920:1080[v10_scaled]; \ + # [v5]scale=1280:720[v5_scaled]; \ + # [v1]scale=640:360[v1_scaled]" \ + # -map "[v10_scaled]" -map a:0 -c:v h264_nvenc -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -hls_segment_filename "$FFMPEG_OUTPUT_DIR/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" -strftime 1 \ + # "$FFMPEG_OUTPUT_DIR/hls_10Mbps/stream_10.m3u8" \ + # -map "[v5_scaled]" -map a:0 -c:v h264_nvenc -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -hls_segment_filename "$FFMPEG_OUTPUT_DIR/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" -strftime 1 \ + # "$FFMPEG_OUTPUT_DIR/hls_5Mbps/stream_5.m3u8" \ + # -map "[v1_scaled]" -map a:0 -c:v h264_nvenc -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -hls_segment_filename "$FFMPEG_OUTPUT_DIR/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" -strftime 1 \ + # "$FFMPEG_OUTPUT_DIR/hls_1Mbps/stream_1.m3u8" + # ''; + # -hls_segment_filename \"/hls/hls_1Mbps/%Y%m%d%H/stream-%Y%m%d%H%M%S.ts\" -strftime 1 -strftime_mkdir 1 /hls/hls_1Mbps/stream_1.m3u8 + +in +{ + fileSystems."/hls" = { + device = "tmpfs"; + fsType = "tmpfs"; + options = [ "size=1G" "mode=0770" "uid=nginx" "gid=nginx" "noatime" ]; + }; + # systemd.tmpfiles.rules = [ + # "d /hls 0770 nginx nginx -" + # "v /hls - tmpfs rw,nosuid,nodev,noexec,noatime,size=1G,mode=0770,uid=nginx,gid=nginx" + # ]; + # systemd.services.create-hls-tmpfs = { + # description = "Ensure /hls tmpfs is mounted"; + # wantedBy = [ "multi-user.target" ]; + # after = [ "network.target" ]; + # serviceConfig = { + # Type = "oneshot"; + # ExecStart = "/run/current-system/sw/bin/mkdir -p /hls"; + # ExecStartPost = "/run/current-system/sw/bin/mount -o size=1G,mode=0770,uid=nginx,gid=nginx,noatime -t tmpfs tmpfs /hls"; + # RemainAfterExit = true; + # }; + # }; + + # sudo systemctl restart create-stream-sdp.service + systemd.services.create-stream-sdp = { + description = "Generate RTP stream SDP file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${sdpFile} /hls/stream.sdp"; + }; + }; + + # sudo systemctl restart create-stream-m3u8.service + systemd.services.create-stream-m3u8 = { + description = "Generate stream.m3u8 file in /hls"; + after = [ "local-fs.target" ]; + wantedBy = [ "nginx.service" ]; + + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${pkgs.coreutils}/bin/install -m 644 -o nginx -g nginx ${streamManifest} /hls/stream.m3u8"; + }; + }; + + # sudo systemctl restart ffmpeg-hls.service + # sudo systemctl status ffmpeg-hls.service + # sudo journalctl -u ffmpeg-hls -f + systemd.services.ffmpeg-hls = { + description = "FFmpeg RTP to HLS Streaming Service"; + after = [ "network.target" "nginx.service" "create-hls-tmpfs.service" ]; + #after = [ "network.target" "nginx.service" ]; + #requires = [ "create-hls-tmpfs.service" ]; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + WorkingDirectory = "/hls"; + RuntimeDirectory = "/hls"; + ExecStart = ffmpegCmd; + Restart = "always"; + RestartSec = 2; + User = "nginx"; + Group = "nginx"; + StandardOutput = "journal"; + StandardError = "journal"; + LimitNOFILE = 1048576; # Increase file descriptor limits for high concurrency + + Environment = [ + "CUDA_PATH=${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_LDFLAGS=-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib" + "EXTRA_CCFLAGS=-I/usr/include" + "LD_LIBRARY_PATH=/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib" + "NVIDIA_DRIVER_CAPABILITIES=all" + "CUDA_VISIBLE_DEVICES=0" # Ensure it sees the first GPU + "FFMPEG_OUTPUT_DIR=/hls" + ]; + + # GPU Access + SupplementaryGroups = [ "video" "render" ]; # Ensures FFmpeg can access GPU + DeviceAllow = [ "/dev/nvidia0 rw" "/dev/nvidiactl rw" "/dev/nvidia-uvm rw" "/dev/dri/card0 rw" ]; + UMask = "0002"; + + NoNewPrivileges = false; + ProtectSystem = "full"; + ProtectKernelModules = false; + MemoryDenyWriteExecute = false; + #RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # Allow IPv4 and IPv6 + #IPAddressAllow = "239.0.0.1"; # Allow access to the multicast address + + # ### πŸ”’ Security Hardening + # NoNewPrivileges = true; + # PrivateTmp = true; + # ProtectSystem = "full"; + # #ProtectSystem = "strict"; + # ProtectHome = "yes"; + # ProtectKernelModules = false; + # #ProtectKernelModules = true; + # ProtectKernelLogs = true; + # ProtectControlGroups = true; + # # stops errors like "CUDA_ERROR_OPERATING_SYSTEM: OS call failed or operation not supported on this OS" + # MemoryDenyWriteExecute = false; + # #MemoryDenyWriteExecute = true; + # RestrictRealtime = true; + # RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # or do "~AF_INET"; + # SystemCallFilter = [ "~@mount" "~@privileged" "~@resources" ]; + # LockPersonality = true; + # ReadOnlyPaths = "/etc /usr /var"; + # ProtectClock = true; + }; + }; +} diff --git a/hp/hp5/systemPackages.nix b/hp/hp5/systemPackages.nix index a641520..5bf2d44 100644 --- a/hp/hp5/systemPackages.nix +++ b/hp/hp5/systemPackages.nix @@ -33,6 +33,13 @@ vdpauinfo # sudo vainfo libva-utils # sudo vainfo # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - nvidia-vaapi-driver + # + ffmpeg-full + # + # https://nixos.wiki/wiki/CUDA + cudatoolkit + linuxPackages.nvidia_x11 + libGLU + libGL ]; } \ No newline at end of file diff --git a/laptops/t/Makefile b/laptops/t/Makefile index 7fb68d3..4787975 100644 --- a/laptops/t/Makefile +++ b/laptops/t/Makefile @@ -18,6 +18,9 @@ endif rebuild: sudo nixos-rebuild switch --flake . +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . + update: sudo nix flake update; diff --git a/laptops/t/configuration.nix b/laptops/t/configuration.nix index 19a85fe..2ac70c9 100644 --- a/laptops/t/configuration.nix +++ b/laptops/t/configuration.nix @@ -21,19 +21,14 @@ { # https://nixos.wiki/wiki/NixOS_modules + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager + # imports = - [ # Include the results of the hardware scan. + [ ./hardware-configuration.nix - # sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz home-manager - # sudo nix-channel --update - # tutorial - # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager - # - # + ./hardware-graphics.nix ./sysctl.nix ./wireless_desktop.nix - # sound removed for 24.11 - #./sound.nix ./locale.nix ./hosts.nix ./firewall.nix @@ -50,34 +45,32 @@ #./smokeping.nix ]; - # Bootloader. boot = { loader.systemd-boot = { enable = true; - consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. + consoleMode = "max"; memtest86.enable = true; }; loader.efi.canTouchEfiVariables = true; # https://nixos.wiki/wiki/Linux_kernel - kernelPackages = pkgs.linuxPackages; + kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( #boot.kernelPackages = pkgs.linuxPackages_latest; #boot.kernelPackages = pkgs.linuxPackages_rpi4 - #boot.kernelParams # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 kernelParams = [ #"nvidia-drm.modeset=1" #"nvidia-drm.fbdev=1" # https://www.reddit.com/r/NixOS/comments/u5l3ya/cant_start_x_in_nixos/?rdt=56160 - "nomodeset" + #"nomodeset" ]; blacklistedKernelModules = [ "nouveau" - "i915" + #"i915" ]; # https://wiki.nixos.org/wiki/NixOS_on_ARM/Building_Images#Compiling_through_binfmt_QEMU @@ -93,18 +86,18 @@ #extraModprobeConfig = "options kvm_intel nested=1"; # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config_working-nix-L19 extraModprobeConfig = - #"options nvidia " + "options nvidia " "" + lib.concatStringsSep " " [ # nvidia assume that by default your CPU does not support PAT, # but this is effectively never the case in 2023 - #"NVreg_UsePageAttributeTable=1" + "NVreg_UsePageAttributeTable=1" # This is sometimes needed for ddc/ci support, see # https://www.ddcutil.com/nvidia/ # # Current monitor does not support it, but this is useful for # the future - #"NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" + "NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" "options kvm_intel nested=1" # # https://nixos.wiki/wiki/OBS_Studio '' @@ -135,113 +128,8 @@ time.timeZone = "America/Los_Angeles"; - # Nouveau is enabled by default whenever graphics are enabled - # This name will change to hardware.opengl.enable, with 24.11 - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - nvidia-vaapi-driver - vaapiVdpau - libvdpau - libvdpau-va-gl - vdpauinfo - libva - libva-utils - # https://wiki.nixos.org/wiki/Intel_Graphics - #vpl-gpu-rt - ]; - }; - - # TODO try displaylink - # https://nixos.wiki/wiki/Displaylink - # nix-prefetch-url --name displaylink-600.zip https://www.synaptics.com/sites/default/files/exe_files/2024-05/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.0-EXE.zip - #services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; - - # https://wiki.nixos.org/w/index.php?title=NVIDIA - # https://nixos.wiki/wiki/Nvidia - # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix - # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix - hardware.nvidia = { - - # This will no longer be necessary when - # https://github.com/NixOS/nixpkgs/pull/326369 hits stable - #modesetting.enable = true; - modesetting.enable = lib.mkDefault true; - - # prime = { - # # ([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?' - # # 00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) - # intelBusId = "PCI:0:2:0"; - # # 01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) - # nvidiaBusId = "PCI:1:0:0"; - # sync.enable = true; - # #offload = { - # # enable = true; - # # #sync.enable = true; - # # enableOffloadCmd = true; - # #}; - # }; - - # Nvidia power management. Experimental, and can cause sleep/suspend to fail. - # Enable this if you have graphical corruption issues or application crashes after waking - # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead - # of just the bare essentials. - powerManagement = { - enable = true; - #enable = false; - # Fine-grained power management. Turns off GPU when not in use. - # Experimental and only works on modern Nvidia GPUs (Turing or newer). - #finegrained = true; - #finegrained = false; - }; - - # Use the NVidia open source kernel module (not to be confused with the - # independent third-party "nouveau" open source driver). - # Support is limited to the Turing and later architectures. Full list of - # supported GPUs is at: - # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus - # Only available from driver 515.43.04+ - # Currently alpha-quality/buggy, so false is currently the recommended setting. - # prioritry drivers don't compile on 6.10.3 - # Set to false for proprietary drivers -> https://download.nvidia.com/XFree86/Linux-x86_64/565.77/README/kernel_open.html - open = true; - - # Enable the Nvidia settings menu, - # accessible via `nvidia-settings`. - #nvidiaSettings = false; - nvidiaSettings = true; - - # Optionally, you may need to select the appropriate driver version for your specific GPU. - #package = config.boot.kernelPackages.nvidiaPackages.stable; - #package = config.boot.kernelPackages.nvidiaPackages.stable; - #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this - #package = config.boot.kernelPackages.nvidiaPackages.production; - # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version - }; - - services.xserver = { - enable = true; - - videoDrivers = [ "nvidia" ]; - - # Display Managers are responsible for handling user login - displayManager = { - gdm.enable = true; - }; - - # Enable the GNOME Desktop Environment. - desktopManager = { - gnome.enable = true; - plasma5.enable = false; - xterm.enable = false; - }; - # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 - - # Configure keymap in X11 - xkb.layout = "us"; - xkb.variant = ""; - }; + services.udev.packages = [ pkgs.gnome-settings-daemon ]; + # services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; # https://nixos.wiki/wiki/NixOS_Wiki:Audio hardware.pulseaudio.enable = false; # Use Pipewire, the modern sound subsystem @@ -257,35 +145,10 @@ # jack.enable = true; }; - # https://theo.is-a.dev/blog/post/hyprland-adventure/ - #[das@t:~]$ lshw -c video | grep config - #WARNING: you should run this program as super-user. - # configuration: depth=32 driver=nouveau latency=0 resolution=3840,2160 - # configuration: depth=32 driver=i915 latency=0 resolution=3840,2160 - # - #[das@t:~]$ lspci -nnk | egrep -i --color 'vga|3d|2d' -A3 | grep 'in use' - #Kernel driver in use: i915 - #Kernel driver in use: nouveau - # - #[das@t:~]$ lspci -nnk | grep -i vga -A2 - #00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) - #Subsystem: Lenovo Device [17aa:22c0] - #Kernel driver in use: i915 - #-- - #01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) - #Subsystem: Lenovo Device [17aa:22c0] - #Kernel driver in use: nouveau - # - # hwinfo --gfxcard - services.lldpd.enable = true; - services.openssh.enable = true; - services.timesyncd.enable = true; - services.fstrim.enable = true; - services.avahi = { enable = true; nssmdns4 = true; @@ -294,38 +157,17 @@ openFirewall = true; }; - services.udev.packages = [ pkgs.gnome-settings-daemon ]; - # services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; - services.bpftune.enable = true; - - systemd.services.modem-manager.enable = false; - systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; # https://nixos.wiki/wiki/Printing services.printing.enable = true; + systemd.services.modem-manager.enable = false; + systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/12?u=randomizedcoder - # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config-nix-L193 - environment.variables = { - MOZ_DISABLE_RDD_SANDBOX = "1"; - LIBVA_DRIVER_NAME = "nvidia"; - GBM_BACKEND = "nvidia-drm"; - __GLX_VENDOR_LIBRARY_NAME = "nvidia"; - NVD_BACKEND = "direct"; - EGL_PLATFORM = "wayland"; - # prevents cursor disappear when using Nvidia drivers - WLR_NO_HARDWARE_CURSORS = "1"; - - MOZ_ENABLE_WAYLAND = "1"; - XDG_SESSION_TYPE = "wayland"; - NIXOS_OZONE_WL = "1"; - }; - + # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { TERM = "xterm-256color"; #MY_VARIABLE = "my-value"; @@ -345,48 +187,14 @@ ]; }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - vim - curl - wget - tcpdump - iproute2 - nftables - iptables - pciutils - usbutils - pciutils - virt-manager - cudatoolkit - pkgs.gnomeExtensions.appindicator - # #nvidia - # vdpauinfo # sudo vainfo - # libva-utils # sudo vainfo - # # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - # nvidia-vaapi-driver - # libvdpau - # libvdpau-va-gl - # vdpauinfo - # libva - # libva-utils - vdpauinfo # sudo vainfo - libva-utils # sudo vainfo - ]; + + # package moved to systemPackages.nix + # environment.systemPackages = with pkgs; [ + # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; programs.gnupg.agent = { enable = true; @@ -408,7 +216,6 @@ # nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; # #programs.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; -#dD # programs.firefox.enable = true; # # # https://github.com/TLATER/dotfiles/blob/master/nixos-modules/nvidia/default.nix # programs.firefox.preferences = { @@ -433,7 +240,7 @@ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). #system.stateVersion = "23.11"; - system.stateVersion = "24.05"; + system.stateVersion = "24.11"; virtualisation.containers = { ociSeccompBpfHook.enable = true; diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index f6b2d47..4bdecc7 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1738183445, - "narHash": "sha256-C1He3N1SA8D2u+TSlldbA9wiYwDvXI4GxX3zKaeD7qU=", + "lastModified": 1738456976, + "narHash": "sha256-cufyHbOMnSt9V4w4OVSzNcpJ+8DwzRZRJaca2Q89KVI=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "48a000cf35dd10bfeb231152735aebbe875f4b74", + "rev": "257b2050790ab3b1eb389e0f8bdc400eb9510139", "type": "github" }, "original": { @@ -137,11 +137,11 @@ ] }, "locked": { - "lastModified": 1738018829, - "narHash": "sha256-5Ol5iahMlELx3lWuChyZsqqLk6sP6aqaJCJFw92OZGo=", + "lastModified": 1738437059, + "narHash": "sha256-J+8ecqaP3zD9GHeN8Y4hUapoELSoggp0IZI8laTFt/0=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "12cd7034e441a5ebfdef1a090c0788413b4a635b", + "rev": "5ac80e3686a4dfa55d2bd15c81a266b89594a295", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1738273002, - "narHash": "sha256-R1CWBSEHZhykHo3/H3M4U7zLv1QaS87JCTHas38TNiU=", + "lastModified": 1738664288, + "narHash": "sha256-LWWJc5/ABxW3FPUWceM48mprAfcUDLpWix4EV2dEmbc=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "ef03f6911694413b1b06aba727ad9ab089a511f7", + "rev": "3b99e906df8b439d65e740301940e57efc057012", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1738193118, - "narHash": "sha256-Oix7MLyos1ED1TaHYIvm4heHrVpf8o1Xz3jcXm1/ke4=", + "lastModified": 1738612236, + "narHash": "sha256-IGp1AcZvYZ/R+AO0Znd+i+eQuEnQfkg/6AshoYPyUIg=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "ae38ea6ee4938c74012c12072358c17e41254bed", + "rev": "6d525bcfea005d399f4f603f6d9321f7281ddb6e", "type": "github" }, "original": { @@ -221,11 +221,11 @@ ] }, "locked": { - "lastModified": 1737556638, - "narHash": "sha256-laKgI3mr2qz6tas/q3tuGPxMdsGhBi/w+HO+hO2f1AY=", + "lastModified": 1738422629, + "narHash": "sha256-5v+bv75wJWvahyM2xcMTSNNxmV8a7hb01Eey5zYnBJw=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "4c75dd5c015c8a0e5a34c6d02a018a650f57feb5", + "rev": "755aef8dab49d0fc4663c715fa4ad221b2aedaed", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737885589, - "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", + "lastModified": 1738410390, + "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", + "rev": "3a228057f5b619feb3186e986dbe76278d707b6e", "type": "github" }, "original": { @@ -399,27 +399,27 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1738284172, - "narHash": "sha256-ixVjn/td+TUvsPyLAMZ/fbrwgdTXPZ7ZS4RBz9TUSK0=", + "lastModified": 1738452181, + "narHash": "sha256-xo3e+SFJfC69lqorgLc0DlRSFq2w59h4TTSGx1zbTrE=", "owner": "randomizedcoder", "repo": "nixpkgs", - "rev": "8f146535307f0168d758fe6fee6f52663cb11695", + "rev": "c9580e24eb621d72eda63355d7c8dbfb1654d333", "type": "github" }, "original": { "owner": "randomizedcoder", "repo": "nixpkgs", - "rev": "8f146535307f0168d758fe6fee6f52663cb11695", + "rev": "c9580e24eb621d72eda63355d7c8dbfb1654d333", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1738163270, - "narHash": "sha256-B/7Y1v4y+msFFBW1JAdFjNvVthvNdJKiN6EGRPnqfno=", + "lastModified": 1738574474, + "narHash": "sha256-rvyfF49e/k6vkrRTV4ILrWd92W+nmBDfRYZgctOyolQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "59e618d90c065f55ae48446f307e8c09565d5ab0", + "rev": "fecfeb86328381268e29e998ddd3ebc70bbd7f7c", "type": "github" }, "original": { diff --git a/laptops/t/flake.nix b/laptops/t/flake.nix index 4de5f59..5de5e76 100644 --- a/laptops/t/flake.nix +++ b/laptops/t/flake.nix @@ -4,10 +4,10 @@ # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + #nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # https://docs.github.com/en/rest/branches/branches?apiVersion=2022-11-28#get-a-branch - #nixpkgs.url = "github:nixos/nixpkgs/commit/c541a73ec2bc3574f78cdcfaf5230882b55c79a5.tar.gz"; - #nixpkgs.url = "github:randomizedcoder/nixpkgs/commit/8f146535307f0168d758fe6fee6f52663cb11695"; - nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#ipert2_2.2.1 + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#iperf2_2.2.1 + nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/c9580e24eb621d72eda63355d7c8dbfb1654d333"; # https://github.com/NixOS/nix/issues/12022 #nix flake lock --override-input nixpkgs /home/eelco/Dev/nixpkgs #nix flake lock --override-input nixpkgs "/home/das/Downloads/nixpkgs diff --git a/laptops/t/hardware-graphics.nix b/laptops/t/hardware-graphics.nix new file mode 100644 index 0000000..e25a255 --- /dev/null +++ b/laptops/t/hardware-graphics.nix @@ -0,0 +1,151 @@ +# +# nixos/laptops/t/hardware-graphics.nix +# +{ config, + pkgs, + ... +}: +{ + # hardware.opengl.enable = true; + # was renamed to: + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + nvidia-vaapi-driver + vaapiVdpau + libvdpau + libvdpau-va-gl + vdpauinfo + libva + libva-utils + # https://wiki.nixos.org/wiki/Intel_Graphics + #vpl-gpu-rt + # added 2025/02/03 not tested + vaapiIntel + intel-media-driver + ]; + }; + + # TODO try displaylink + # https://nixos.wiki/wiki/Displaylink + # nix-prefetch-url --name displaylink-600.zip https://www.synaptics.com/sites/default/files/exe_files/2024-05/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.0-EXE.zip + #services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; + + # https://wiki.nixos.org/w/index.php?title=NVIDIA + # https://nixos.wiki/wiki/Nvidia + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix + hardware.nvidia = { + + # This will no longer be necessary when + # https://github.com/NixOS/nixpkgs/pull/326369 hits stable + #modesetting.enable = true; + modesetting.enable = lib.mkDefault true; + + powerManagement = { + enable = true; + #finegrained = true; + }; + + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Only available from driver 515.43.04+ + # Currently alpha-quality/buggy, so false is currently the recommended setting. + # prioritry drivers don't compile on 6.10.3 + # Set to false for proprietary drivers -> https://download.nvidia.com/XFree86/Linux-x86_64/565.77/README/kernel_open.html + open = true; + + nvidiaSettings = true; + + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this + #package = config.boot.kernelPackages.nvidiaPackages.production; + # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version + package = pkgs.linuxPackages.nvidia_x11; + }; + + # https://theo.is-a.dev/blog/post/hyprland-adventure/ + #[das@t:~]$ lshw -c video | grep config + #WARNING: you should run this program as super-user. + # configuration: depth=32 driver=nouveau latency=0 resolution=3840,2160 + # configuration: depth=32 driver=i915 latency=0 resolution=3840,2160 + # + #[das@t:~]$ lspci -nnk | egrep -i --color 'vga|3d|2d' -A3 | grep 'in use' + #Kernel driver in use: i915 + #Kernel driver in use: nouveau + # + #[das@t:~]$ lspci -nnk | grep -i vga -A2 + #00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: i915 + #-- + #01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: nouveau + # + # hwinfo --gfxcard + + services.xserver = { + enable = true; + + videoDrivers = [ "nvidia" "intel" ]; + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/displaylink.nix + #videoDrivers = [ "nvidia" "displaylink" ]; + + # Display Managers are responsible for handling user login + displayManager = { + gdm.enable = true; + }; + + # Enable the GNOME Desktop Environment + desktopManager = { + gnome.enable = true; + plasma5.enable = false; + xterm.enable = false; + }; + # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 + + # Configure keymap in X11 + xkb.layout = "us"; + xkb.variant = ""; + }; + + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/12?u=randomizedcoder + # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config-nix-L193 + environment.variables = { + MOZ_DISABLE_RDD_SANDBOX = "1"; + LIBVA_DRIVER_NAME = "nvidia"; + GBM_BACKEND = "nvidia-drm"; + __GLX_VENDOR_LIBRARY_NAME = "nvidia"; + NVD_BACKEND = "direct"; + EGL_PLATFORM = "wayland"; + # prevents cursor disappear when using Nvidia drivers + WLR_NO_HARDWARE_CURSORS = "1"; + + MOZ_ENABLE_WAYLAND = "1"; + XDG_SESSION_TYPE = "wayland"; + NIXOS_OZONE_WL = "1"; + + CUDA_PATH = "${pkgs.linuxPackages.nvidia_x11}/lib"; + # export LD_LIBRARY_PATH=${pkgs.linuxPackages.nvidia_x11}/lib + EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; + EXTRA_CCFLAGS = "-I/usr/include"; + LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; + }; +} + + # i tried prime, but it didn't seem to work + # prime = { + # # ([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?' + # # 00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) + # intelBusId = "PCI:0:2:0"; + # # 01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) + # nvidiaBusId = "PCI:1:0:0"; + # sync.enable = true; + # #offload = { + # # enable = true; + # # #sync.enable = true; + # # enableOffloadCmd = true; + # #}; + # }; \ No newline at end of file diff --git a/laptops/t/home.nix b/laptops/t/home.nix index f96c27c..08d86fd 100644 --- a/laptops/t/home.nix +++ b/laptops/t/home.nix @@ -14,6 +14,7 @@ imports = [ hyprland.homeManagerModules.default # other imports to go here + ./nodeExporter.nix ]; home = { @@ -118,7 +119,8 @@ neofetch # vlc - ffmpeg_7-full + # ffmpeg moved to system package + #ffmpeg_7-full #ffmpeg-full # go # https://nixos.wiki/wiki/Go @@ -129,7 +131,8 @@ #gcc_multi #glibc_multi # thunderbird - go_1_23 + #go_1_23 + unstable.go gopls golint golangci-lint diff --git a/laptops/t/systemPackages.nix b/laptops/t/systemPackages.nix index f795f7b..b4c9a31 100644 --- a/laptops/t/systemPackages.nix +++ b/laptops/t/systemPackages.nix @@ -17,6 +17,10 @@ iptables pciutils usbutils + pciutils + virt-manager + cudatoolkit + pkgs.gnomeExtensions.appindicator iw wirelesstools wpa_supplicant @@ -37,5 +41,19 @@ wayland-utils wl-clipboard wlroots + + # + #nvidia + vdpauinfo # sudo vainfo + libva-utils # sudo vainfo + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + # + ffmpeg-full + # + # https://nixos.wiki/wiki/CUDA + cudatoolkit + linuxPackages.nvidia_x11 + libGLU + libGL ]; } \ No newline at end of file From d556dbb94c210812a1f82f54ba4a7f1bf78c1103 Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Fri, 14 Mar 2025 11:23:59 -0700 Subject: [PATCH 3/8] sync --- go/konnect/flake.nix | 15 ++ go/konnect/readme.md | 0 hp/hp1/Makefile | 2 +- hp/hp1/configuration.nix | 28 ++- hp/hp1/ffmpeg_systemd_service.nix | 40 ++-- hp/hp1/home.nix | 6 +- hp/hp1/systemPackages.nix | 9 +- hp/hp5/ffmpeg-hls-service.nix | 92 ++++++--- laptops/t/configuration.nix | 17 +- laptops/t/flake.lock | 78 ++++---- laptops/t/hardware-graphics.nix | 8 +- laptops/t/home.nix | 17 +- laptops/t/nodeExporter.nix | 8 +- laptops/t/old-conf.txt | 309 ++++++++++++++++++++++++++++++ laptops/t/prometheus.nix | 22 ++- laptops/t/sysctl.nix | 2 +- laptops/t/systemPackages.nix | 12 +- laptops/t/wireless_desktop.nix | 2 - 18 files changed, 545 insertions(+), 122 deletions(-) create mode 100644 go/konnect/flake.nix create mode 100644 go/konnect/readme.md create mode 100644 laptops/t/old-conf.txt diff --git a/go/konnect/flake.nix b/go/konnect/flake.nix new file mode 100644 index 0000000..c7a9a1c --- /dev/null +++ b/go/konnect/flake.nix @@ -0,0 +1,15 @@ +{ + description = "A very basic flake"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + }; + + outputs = { self, nixpkgs }: { + + packages.x86_64-linux.hello = nixpkgs.legacyPackages.x86_64-linux.hello; + + packages.x86_64-linux.default = self.packages.x86_64-linux.hello; + + }; +} diff --git a/go/konnect/readme.md b/go/konnect/readme.md new file mode 100644 index 0000000..e69de29 diff --git a/hp/hp1/Makefile b/hp/hp1/Makefile index 159e2e9..ed8a6dc 100644 --- a/hp/hp1/Makefile +++ b/hp/hp1/Makefile @@ -22,7 +22,7 @@ rebuild: #sudo nixos-rebuild switch #sudo nix-channel --update; sudo nixos-rebuild switch --flake . - systemctl --user restart ffmpeg-stream + sudo systemctl restart ffmpeg-stream rebuild_trace: sudo nixos-rebuild switch --show-trace --flake . diff --git a/hp/hp1/configuration.nix b/hp/hp1/configuration.nix index 14305ee..629c57c 100644 --- a/hp/hp1/configuration.nix +++ b/hp/hp1/configuration.nix @@ -33,6 +33,7 @@ #./k3s_node.nix ./systemd.services.ethtool-enp3s0f0.nix ./systemd.services.ethtool-enp3s0f1.nix + ./ffmpeg_systemd_service.nix ]; # https://nixos.wiki/wiki/Kubernetes#reset_to_a_clean_state @@ -41,17 +42,22 @@ # rm -rf /var/lib/kubernetes/ /var/lib/etcd/ /var/lib/cfssl/ /var/lib/kubelet/ /etc/kube-flannel/ /etc/kubernetes/ # Bootloader. - boot.loader.systemd-boot = { - enable = true; - #consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. - memtest86.enable = true; - }; + boot = { + loader.systemd-boot = { + enable = true; + #consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. + memtest86.enable = true; + }; - boot.loader.efi.canTouchEfiVariables = true; + loader.efi.canTouchEfiVariables = true; - # https://nixos.wiki/wiki/Linux_kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - #boot.kernelPackages = pkgs.linuxPackages_rpi4 + # https://nixos.wiki/wiki/AMD_GPU + initrd.kernelModules = [ "amdgpu" ]; + + # https://nixos.wiki/wiki/Linux_kernel + kernelPackages = pkgs.linuxPackages_latest; + #boot.kernelPackages = pkgs.linuxPackages_rpi4 + }; nix = { gc = { @@ -74,9 +80,13 @@ amdvlk # AMD Vulkan driver, includes AMF runtime #rocm-opencl-runtime # Optional: ROCm OpenCL support #rocm-smi # AMD System Management Interface (for monitoring GPU) + # https://nixos.wiki/wiki/AMD_GPU#OpenCL + rocmPackages.clr.icd ]; }; + services.xserver.videoDrivers = [ "amdgpu" ]; + # https://nixos.wiki/wiki/Networking # https://nlewo.github.io/nixos-manual-sphinx/configuration/ipv4-config.xml.html networking.hostName = "hp1"; diff --git a/hp/hp1/ffmpeg_systemd_service.nix b/hp/hp1/ffmpeg_systemd_service.nix index 30c108a..bd7f0df 100644 --- a/hp/hp1/ffmpeg_systemd_service.nix +++ b/hp/hp1/ffmpeg_systemd_service.nix @@ -54,7 +54,6 @@ # ffmpeg -f lavfi -i "sine=frequency=1000:duration=10" -c:a aac -b:a 128k /home/das/test_audio.aac let ffmpegCmd = - '' ${pkgs.ffmpeg-full}/bin/ffmpeg -f lavfi -re -i testsrc2=rate=30:size=1920x1080 \ -f lavfi -i "sine=frequency=1000" \ @@ -64,7 +63,7 @@ let -bsf:v h264_mp4toannexb \ -c:a aac -b:a 128k -ac 2 \ -max_delay 500000 -bufsize 2000000 -fflags +genpts \ - -f rtp_mpegts "rtp://239.0.0.1:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" + -f rtp_mpegts "rtp://239.0.0.2:6000?pkt_size=1326&ttl=4&localaddr=172.16.40.142" ''; # Ensures SPS/PPS is sent in every keyframe (prevents decoder from losing parameter sets). # Forces constant frame rate (force-cfr=1), improving stream stability. @@ -124,25 +123,32 @@ let # ''; in { - systemd.user.services.ffmpeg-stream = { + # sudo systemctl status ffmpeg-stream.service + # sudo journalctl -u ffmpeg-stream.service + # cat /etc/systemd/system/ffmpeg-stream.service + systemd.services.ffmpeg-stream = { - Unit = { - description = "FFmpeg Multicast Service"; - }; + description = "FFmpeg Multicast Service"; + after = [ "network.target" ]; - Service = { + serviceConfig = { ExecStart = "${ffmpegCmd}"; Restart = "always"; - RestartSec = 2; + RestartSec = 10; StandardOutput = "journal"; StandardError = "journal"; + # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Scheduling + Nice = "-20"; + #CPUSchedulingPriority = "99"; + ### πŸ” Security Hardening Options ### NoNewPrivileges = true; # Prevents privilege escalation PrivateTmp = true; # Isolates service temporary files - ProtectSystem = "strict"; # Restricts access to system files - ProtectHome = "read-only"; # Readonly access to home directory - #ProtectHome = "yes"; # Blocks access to home directory + ProtectSystem = "full"; # Restricts access to system files + #ProtectSystem = "strict"; # Restricts access to system files + #ProtectHome = "read-only"; # Readonly access to home directory + ProtectHome = "yes"; # Blocks access to home directory ProtectKernelModules = true; # Blocks module loading ProtectKernelLogs = true; # Prevents access to kernel logs ProtectControlGroups = true; # Restricts cgroup modifications @@ -151,14 +157,16 @@ in RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; # Restricts network access SystemCallFilter = [ "~@mount" "~@privileged" "~@resources" ]; # Blocks dangerous system calls LockPersonality = true; # Prevents personality changes (defense against exploits) - ReadOnlyPaths = "/etc /usr /home/das/test_audio/"; # Makes important paths read-only + ReadOnlyPaths = "/usr"; # Makes important paths read-only + #ReadOnlyPaths = "/etc /usr /home/das/test_audio/"; # Makes important paths read-only #wReadWritePaths = "/var/www/html"; # Only allow writing in this directory ProtectClock = true; # Blocks modification of system clock }; - Install = { - after = [ "network.target" ]; - WantedBy = [ "default.target" ]; - }; + # # systemctl list-units --type target + # Install = { + # after = [ "network.target" ]; + # #WantedBy = [ "default.target" ]; + # }; }; } diff --git a/hp/hp1/home.nix b/hp/hp1/home.nix index 707af40..04795b4 100644 --- a/hp/hp1/home.nix +++ b/hp/hp1/home.nix @@ -7,9 +7,9 @@ home.username = "das"; home.homeDirectory = "/home/das"; - imports = [ - ./ffmpeg_systemd_service.nix - ]; + # imports = [ + # #./ffmpeg_systemd_service.nix + # ]; # https://nix-community.github.io/home-manager/index.xhtml#ch-installation #home-manager.users.das = { pkgs, ... }: { diff --git a/hp/hp1/systemPackages.nix b/hp/hp1/systemPackages.nix index 5931d2e..a524c6d 100644 --- a/hp/hp1/systemPackages.nix +++ b/hp/hp1/systemPackages.nix @@ -1,5 +1,8 @@ -{ config, pkgs, ... }: - +{ + config, + pkgs, + ... +}: { # Allow unfree packages nixpkgs.config.allowUnfree = true; @@ -28,5 +31,7 @@ # ffmpeg-full radeontop # GPU monitoring tool + # https://nixos.wiki/wiki/AMD_GPU#OpenCL + clinfo ]; } diff --git a/hp/hp5/ffmpeg-hls-service.nix b/hp/hp5/ffmpeg-hls-service.nix index 9c2f646..db10c44 100644 --- a/hp/hp5/ffmpeg-hls-service.nix +++ b/hp/hp5/ffmpeg-hls-service.nix @@ -68,35 +68,72 @@ let # a=rtpmap:33 MP2T/90000 # ''; + # https://developer.nvidia.com/blog/nvidia-ffmpeg-transcoding-guide/#processing_filters ffmpegCmd = '' ${pkgs.ffmpeg-full}/bin/ffmpeg \ - -hwaccel cuda -hwaccel_output_format cuda \ + -vsync 0 \ + -hwaccel cuda \ + -hwaccel_output_format cuda \ -protocol_whitelist "file,udp,rtp" \ -analyzeduration 200000000 \ -probesize 150M \ -fflags +genpts -max_delay 5000000 \ -f mpegts \ -i /hls/stream.sdp \ - -filter_complex "[0:v]hwupload_cuda,split=3[v10_in][v5_in][v1_in]; \ - [v10_in]scale_cuda=w=1920:h=1080,hwdownload,format=yuv420p[v10_scaled]; \ - [v5_in]scale_cuda=w=1280:h=720,hwdownload,format=yuv420p[v5_scaled]; \ - [v1_in]scale_cuda=w=640:h=360,hwdownload,format=yuv420p[v1_scaled]" \ - -map "[v10_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ - -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ - -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ - -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ - "/hls/hls_10Mbps/stream_10.m3u8" \ - -map "[v5_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ - -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ - -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ - -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ - "/hls/hls_5Mbps/stream_5.m3u8" \ - -map "[v1_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ - -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ - -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ - -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ - "/hls/hls_1Mbps/stream_1.m3u8" + -filter_complex "[0:v]split=2[v2][v3]; \ + [v2]scale_npp=1280:720:interp_algo=super[vout2]; \ + [v3]scale_npp=640:360:interp_algo=super[vout3]" \ + -map 0:v -c:v hevc_nvenc -b:v 10M -preset p1 -tune hq -rc cbr -maxrate 10M -bufsize 20M -g 50 -pix_fmt yuv420p \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_10Mbps/stream_10.m3u8" \ + -map "[vout2]" -c:v hevc_nvenc -b:v 5M -preset p1 -tune hq -rc cbr -maxrate 5M -bufsize 10M -g 50 -pix_fmt yuv420p \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_5Mbps/stream_5.m3u8" \ + -map "[vout3]" -c:v hevc_nvenc -b:v 1M -preset p1 -tune hq -rc cbr -maxrate 1M -bufsize 2M -g 50 -pix_fmt yuv420p \ + -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + "/hls/hls_1Mbps/stream_1.m3u8" \ + -map a:0 -c:a aac -b:a 128k -ac 2 -f hls -hls_time 4 -hls_list_size 20 \ + -hls_segment_filename "/hls/audio/stream-%Y%m%d%H%M%S.ts" "/hls/audio/stream_audio.m3u8" \ + -master_pl_name "/hls/master.m3u8" ''; + + # ffmpegCmd = '' + # ${pkgs.ffmpeg-full}/bin/ffmpeg \ + # -vsync 0 \ + # -hwaccel cuda -hwaccel_output_format cuda \ + # -protocol_whitelist "file,udp,rtp" \ + # -analyzeduration 200000000 \ + # -probesize 150M \ + # -fflags +genpts -max_delay 5000000 \ + # -f mpegts \ + # -i /hls/stream.sdp \ + # -filter_complex "[0:v]hwupload_cuda,split=3[v10_in][v5_in][v1_in]; \ + # [v10_in]scale_cuda=w=1920:h=1080,hwdownload,format=yuv420p[v10_scaled]; \ + # [v5_in]scale_cuda=w=1280:h=720,hwdownload,format=yuv420p[v5_scaled]; \ + # [v1_in]scale_cuda=w=640:h=360,hwdownload,format=yuv420p[v1_scaled]" \ + # -map "[v10_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 10M -bufsize 20M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_10Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_10Mbps/stream_10.m3u8" \ + # -map "[v5_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 5M -bufsize 10M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_5Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_5Mbps/stream_5.m3u8" \ + # -map "[v1_scaled]" -map 0:a:0 -c:v h264_nvenc -pix_fmt nv12 -b:v 1M -bufsize 2M -preset p5 -g 50 -keyint_min 50 -c:a aac -b:a 128k -ac 2 \ + # -f hls -hls_time 4 -hls_list_size 20 -hls_delete_threshold 2 \ + # -hls_flags delete_segments+independent_segments+temp_file+discont_start+omit_endlist \ + # -strftime 1 -hls_segment_filename "/hls/hls_1Mbps/stream-%Y%m%d%H%M%S.ts" \ + # "/hls/hls_1Mbps/stream_1.m3u8 \ + # -master_pl_name /hls/master.m3u8" + # ''; # -i "rtp://239.0.0.1:6000" \ # -i /hls/stream.sdp \ # -filter_complex "[0:v]split=3[v10][v5][v1]; \ @@ -120,11 +157,13 @@ in } ]; + # https://www.freedesktop.org/software/systemd/man/latest/tmpfiles.d.html systemd.tmpfiles.rules = [ + #Type Path Mode User Group Age Argument… "d /hls 0770 nginx nginx -" - "d /hls/hls_10Mbps 0770 nginx nginx -" - "d /hls/hls_5Mbps 0770 nginx nginx -" - "d /hls/hls_1Mbps 0770 nginx nginx -" + "d /hls/hls_10Mbps 0770 nginx nginx 5m" + "d /hls/hls_5Mbps 0770 nginx nginx 5m" + "d /hls/hls_1Mbps 0770 nginx nginx 5m" ]; # sudo systemctl restart create-stream-sdp.service @@ -178,6 +217,13 @@ in StandardError = "journal"; LimitNOFILE = 1048576; + # https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#Scheduling + Nice = "-20"; + #CPUSchedulingPriority = "99"; + # https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/assembly_configuring-cpu-affinity-and-numa-policies-using-systemd_managing-monitoring-and-updating-the-kernel#assembly_configuring-cpu-affinity-and-numa-policies-using-systemd_managing-monitoring-and-updating-the-kernel + #CPUAffinity= + #NUMAMask= + Environment = [ "CUDA_PATH=${pkgs.linuxPackages.nvidia_x11}/lib" "EXTRA_LDFLAGS=-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib" diff --git a/laptops/t/configuration.nix b/laptops/t/configuration.nix index 2ac70c9..c00630e 100644 --- a/laptops/t/configuration.nix +++ b/laptops/t/configuration.nix @@ -22,7 +22,6 @@ { # https://nixos.wiki/wiki/NixOS_modules # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager - # imports = [ ./hardware-configuration.nix @@ -87,7 +86,7 @@ # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config_working-nix-L19 extraModprobeConfig = "options nvidia " - "" + #"" + lib.concatStringsSep " " [ # nvidia assume that by default your CPU does not support PAT, # but this is effectively never the case in 2023 @@ -164,9 +163,20 @@ # https://nixos.wiki/wiki/Printing services.printing.enable = true; + # https://wiki.nixos.org/wiki/Flameshot + # services.flameshot = { + # enable = true; + # settings.General = { + # showStartupLaunchMessage = false; + # saveLastRegion = true; + # }; + # }; + systemd.services.modem-manager.enable = false; systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; + services.clickhouse.enable = true; + # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { TERM = "xterm-256color"; @@ -178,7 +188,6 @@ isNormalUser = true; description = "das"; extraGroups = [ "wheel" "networkmanager" "kvm" "libvirtd" "docker" "video" ]; - # users.extraGroups.docker.members = [ "das" ]; packages = with pkgs; [ ]; # https://nixos.wiki/wiki/SSH_public_key_authentication @@ -187,11 +196,9 @@ ]; }; - # package moved to systemPackages.nix # environment.systemPackages = with pkgs; [ - # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index 4bdecc7..d00e729 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1738456976, - "narHash": "sha256-cufyHbOMnSt9V4w4OVSzNcpJ+8DwzRZRJaca2Q89KVI=", + "lastModified": 1741282631, + "narHash": "sha256-jZE1CmQ53uN1Gq4FjaLFzSSjDqzL0pG4mdRbjBqSmho=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "257b2050790ab3b1eb389e0f8bdc400eb9510139", + "rev": "81498562d0f53e613d30368bb5b076784fa86f80", "type": "github" }, "original": { @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1736373539, - "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=", + "lastModified": 1739757849, + "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", "owner": "nix-community", "repo": "home-manager", - "rev": "bd65bc3cde04c16755955630b344bc9e35272c56", + "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", "type": "github" }, "original": { @@ -108,11 +108,11 @@ ] }, "locked": { - "lastModified": 1738178255, - "narHash": "sha256-+D6Nu2ewXbMTFzx/Q4jDOo+LAOUPr0cxQJg5k33daIE=", + "lastModified": 1738664950, + "narHash": "sha256-xIeGNM+iivwVHkv9tHwOqoUP5dDrtees34bbFKKMZYs=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "dcadd3398abe146d60c67e0d9ee6e27b301cae82", + "rev": "7c6d165e1eb9045a996551eb9f121b6d1b30adc3", "type": "github" }, "original": { @@ -137,11 +137,11 @@ ] }, "locked": { - "lastModified": 1738437059, - "narHash": "sha256-J+8ecqaP3zD9GHeN8Y4hUapoELSoggp0IZI8laTFt/0=", + "lastModified": 1739049071, + "narHash": "sha256-3+7TpXMrbsUXSwgr5VAKAnmkzMb6JO+Rvc9XRb5NMg4=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "5ac80e3686a4dfa55d2bd15c81a266b89594a295", + "rev": "175c6b29b6ff82100539e7c4363a35a02c74dd73", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1738664288, - "narHash": "sha256-LWWJc5/ABxW3FPUWceM48mprAfcUDLpWix4EV2dEmbc=", + "lastModified": 1741628446, + "narHash": "sha256-fTZk3uEnkR39JWFRgrstYjAOoi/OqWEDtNB3bmzVcRQ=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "3b99e906df8b439d65e740301940e57efc057012", + "rev": "e4af4b5e2e3566a5fa95505b0d0ef5e5c9e174b8", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1738612236, - "narHash": "sha256-IGp1AcZvYZ/R+AO0Znd+i+eQuEnQfkg/6AshoYPyUIg=", + "lastModified": 1738966025, + "narHash": "sha256-MzgrF0jKlTNnNS33D8PwI5z2MJ1Tzf5MQVf/oms2pdw=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "6d525bcfea005d399f4f603f6d9321f7281ddb6e", + "rev": "4f48dbe12f3cbbeb4d31c91c67b21edbc5b4b451", "type": "github" }, "original": { @@ -289,11 +289,11 @@ ] }, "locked": { - "lastModified": 1737981711, - "narHash": "sha256-lh6cL5D8nPplB3WovCQjLUZ7k7MViiBrMlpkfm4R7/c=", + "lastModified": 1739048983, + "narHash": "sha256-REhTcXq4qs3B3cCDtLlYDz0GZvmsBSh947Ub6pQWGTQ=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "96bf0677fa9cd13508294e3d4559dfbbc8beff73", + "rev": "3504a293c8f8db4127cb0f7cfc1a318ffb4316f8", "type": "github" }, "original": { @@ -318,11 +318,11 @@ ] }, "locked": { - "lastModified": 1737634606, - "narHash": "sha256-W7W87Cv6wqZ9PHegI6rH1+ve3zJPiyevMFf0/HwdbCQ=", + "lastModified": 1741191527, + "narHash": "sha256-kM+11Nch47Xwfgtw2EpRitJuORy4miwoMuRi5tyMBDY=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "f41271d35cc0f370d300413d756c2677f386af9d", + "rev": "72df3861f1197e41b078faa3e38eedd60e00018d", "type": "github" }, "original": { @@ -343,11 +343,11 @@ ] }, "locked": { - "lastModified": 1737978343, - "narHash": "sha256-TfFS0HCEJh63Kahrkp1h9hVDMdLU8a37Zz+IFucxyfA=", + "lastModified": 1741123584, + "narHash": "sha256-mprerMlucqtirmbx6L3VoFnF2bGYc2WSUCj7tuc6xTQ=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "6a8bc9d2a4451df12f5179dc0b1d2d46518a90ab", + "rev": "6b0154b183f9539097f13af9b5da78ca24da6df2", "type": "github" }, "original": { @@ -368,11 +368,11 @@ ] }, "locked": { - "lastModified": 1735493474, - "narHash": "sha256-fktzv4NaqKm94VAkAoVqO/nqQlw+X0/tJJNAeCSfzK4=", + "lastModified": 1739870480, + "narHash": "sha256-SiDN5BGxa/1hAsqhgJsS03C3t2QrLgBT8u+ENJ0Qzwc=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "de913476b59ee88685fdc018e77b8f6637a2ae0b", + "rev": "206367a08dc5ac4ba7ad31bdca391d098082e64b", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1738410390, - "narHash": "sha256-xvTo0Aw0+veek7hvEVLzErmJyQkEcRk6PSR4zsRQFEc=", + "lastModified": 1741246872, + "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3a228057f5b619feb3186e986dbe76278d707b6e", + "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", "type": "github" }, "original": { @@ -415,11 +415,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1738574474, - "narHash": "sha256-rvyfF49e/k6vkrRTV4ILrWd92W+nmBDfRYZgctOyolQ=", + "lastModified": 1741445498, + "narHash": "sha256-F5Em0iv/CxkN5mZ9hRn3vPknpoWdcdCyR0e4WklHwiE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fecfeb86328381268e29e998ddd3ebc70bbd7f7c", + "rev": "52e3095f6d812b91b22fb7ad0bfc1ab416453634", "type": "github" }, "original": { @@ -439,11 +439,11 @@ ] }, "locked": { - "lastModified": 1737465171, - "narHash": "sha256-R10v2hoJRLq8jcL4syVFag7nIGE7m13qO48wRIukWNg=", + "lastModified": 1741379162, + "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "9364dc02281ce2d37a1f55b6e51f7c0f65a75f17", + "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", "type": "github" }, "original": { diff --git a/laptops/t/hardware-graphics.nix b/laptops/t/hardware-graphics.nix index e25a255..3f0a3d9 100644 --- a/laptops/t/hardware-graphics.nix +++ b/laptops/t/hardware-graphics.nix @@ -3,6 +3,7 @@ # { config, pkgs, + lib, ... }: { @@ -89,7 +90,9 @@ services.xserver = { enable = true; - videoDrivers = [ "nvidia" "intel" ]; + videoDrivers = [ "nvidia" "modesetting" ]; # modesetting ~= intel + # intel does NOT exist + # videoDrivers = [ "nvidia" "intel" ]; # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/displaylink.nix #videoDrivers = [ "nvidia" "displaylink" ]; @@ -132,6 +135,9 @@ EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; EXTRA_CCFLAGS = "-I/usr/include"; LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; + + # flameshot + QT_QPA_PLATFORM = "wayland"; }; } diff --git a/laptops/t/home.nix b/laptops/t/home.nix index 08d86fd..2656086 100644 --- a/laptops/t/home.nix +++ b/laptops/t/home.nix @@ -14,7 +14,6 @@ imports = [ hyprland.homeManagerModules.default # other imports to go here - ./nodeExporter.nix ]; home = { @@ -64,7 +63,8 @@ # alsa-lib-with-plugins # perl - python3 + #3.12.8 on 12th of Feb 2025 + python3Full # gawk jq @@ -387,9 +387,12 @@ # https://github.com/HeinzDev/Hyprland-dotfiles/blob/main/home/home.nix#L70 # # https://heywoodlh.io/nixos-gnome-settings-and-keyboard-shortcuts + # https://rycee.gitlab.io/home-manager/options.xhtml#opt-dconf.settings dconf.settings = { "org/gnome/desktop/wm/preferences" = { - button-layout = "close,minimize,maximize:appmenu"; + #button-layout = "close,minimize,maximize,above:appmenu"; + button-layout = ":minimize,maximize,above,close"; + num-workspaces = 2; }; # "org/gnome/desktop/interface" = { # color-scheme = "prefer-dark"; @@ -456,14 +459,6 @@ # # home.file.".config/hypr/hyprland.conf".text = '' # # ''; - services.flameshot = { - enable = true; - settings.General = { - showStartupLaunchMessage = false; - saveLastRegion = true; - }; - }; - home.file."containers.conf" = { target = ".config/containers/containers.conf"; # https://docs.podman.io/en/v4.6.0/markdown/options/security-opt.html diff --git a/laptops/t/nodeExporter.nix b/laptops/t/nodeExporter.nix index 31052e6..f26d49b 100644 --- a/laptops/t/nodeExporter.nix +++ b/laptops/t/nodeExporter.nix @@ -1,10 +1,14 @@ -{ config, pkgs, ... }: +{ + config, + pkgs, + ... +}: { # https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix services.prometheus.exporters.node = { enable = true; - port = 9000; + port = 19000; # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix enabledCollectors = [ "systemd" ]; # /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help diff --git a/laptops/t/old-conf.txt b/laptops/t/old-conf.txt new file mode 100644 index 0000000..63b2975 --- /dev/null +++ b/laptops/t/old-conf.txt @@ -0,0 +1,309 @@ +[ca/desrt/dconf-editor] +saved-pathbar-path='/ca/desrt/dconf-editor/' +saved-view='/ca/desrt/dconf-editor/' +window-height=699 +window-is-maximized=false +window-width=1240 + +[com/mattjakeman/ExtensionManager] +height=871 +last-used-version='0.5.1' +width=1101 + +[org/gnome/Console] +last-window-maximised=true +last-window-size=(3290, 1080) + +[org/gnome/Disks] +image-dir-uri='file:///home/das/Documents' + +[org/gnome/calculator] +accuracy=9 +angle-units='degrees' +base=10 +button-mode='basic' +number-format='automatic' +show-thousands=false +show-zeroes=false +source-currency='' +source-units='degree' +target-currency='' +target-units='radian' +window-maximized=false +window-size=(360, 626) +word-size=64 + +[org/gnome/cheese] +burst-delay=1000 +camera='MX Brio (V4L2)' +photo-x-resolution=1920 +photo-y-resolution=1080 +video-x-resolution=1920 +video-y-resolution=1080 + +[org/gnome/control-center] +last-panel='sound' +window-state=(1024, 689, false) + +[org/gnome/desktop/app-folders] +folder-children=['Utilities', 'YaST', 'Pardus'] + +[org/gnome/desktop/app-folders/folders/Pardus] +categories=['X-Pardus-Apps'] +name='X-Pardus-Apps.directory' +translate=true + +[org/gnome/desktop/app-folders/folders/Utilities] +apps=['gnome-abrt.desktop', 'gnome-system-log.desktop', 'nm-connection-editor.desktop', 'org.gnome.baobab.desktop', 'org.gnome.Connections.desktop', 'org.gnome.DejaDup.desktop', 'org.gnome.Dictionary.desktop', 'org.gnome.DiskUtility.desktop', 'org.gnome.Evince.desktop', 'org.gnome.FileRoller.desktop', 'org.gnome.fonts.desktop', 'org.gnome.Loupe.desktop', 'org.gnome.seahorse.Application.desktop', 'org.gnome.tweaks.desktop', 'org.gnome.Usage.desktop', 'vinagre.desktop'] +categories=['X-GNOME-Utilities'] +name='X-GNOME-Utilities.directory' +translate=true + +[org/gnome/desktop/app-folders/folders/YaST] +categories=['X-SuSE-YaST'] +name='suse-yast.directory' +translate=true + +[org/gnome/desktop/input-sources] +sources=[('xkb', 'us')] +xkb-options=['terminate:ctrl_alt_bksp'] + +[org/gnome/desktop/interface] +clock-show-seconds=true +clock-show-weekday=true +color-scheme='prefer-dark' +enable-animations=true +enable-hot-corners=false +font-antialiasing='grayscale' +font-hinting='slight' +gtk-theme='Nordic' +toolkit-accessibility=false + +[org/gnome/desktop/notifications] +application-children=['gnome-power-panel', 'org-gnome-console', 'org-gnome-nautilus', 'slack', 'firefox', 'xdg-desktop-portal-gnome', 'google-chrome', 'kitty', 'code', 'zoom', 'org-gnome-gedit', 'gnome-printers-panel', 'org-gnome-baobab', 'org-wireshark-wireshark', 'gimp', 'org-gnome-fileroller', 'org-gnome-diskutility', 'com-dec05eba-gpu-screen-recorder'] + +[org/gnome/desktop/notifications/application/code] +application-id='code.desktop' + +[org/gnome/desktop/notifications/application/com-dec05eba-gpu-screen-recorder] +application-id='com.dec05eba.gpu_screen_recorder.desktop' + +[org/gnome/desktop/notifications/application/firefox] +application-id='firefox.desktop' + +[org/gnome/desktop/notifications/application/gimp] +application-id='gimp.desktop' + +[org/gnome/desktop/notifications/application/gnome-power-panel] +application-id='gnome-power-panel.desktop' + +[org/gnome/desktop/notifications/application/gnome-printers-panel] +application-id='gnome-printers-panel.desktop' + +[org/gnome/desktop/notifications/application/google-chrome] +application-id='google-chrome.desktop' + +[org/gnome/desktop/notifications/application/kitty] +application-id='kitty.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-baobab] +application-id='org.gnome.baobab.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-console] +application-id='org.gnome.Console.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-diskutility] +application-id='org.gnome.DiskUtility.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-fileroller] +application-id='org.gnome.FileRoller.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-gedit] +application-id='org.gnome.gedit.desktop' + +[org/gnome/desktop/notifications/application/org-gnome-nautilus] +application-id='org.gnome.Nautilus.desktop' + +[org/gnome/desktop/notifications/application/org-wireshark-wireshark] +application-id='org.wireshark.Wireshark.desktop' + +[org/gnome/desktop/notifications/application/slack] +application-id='slack.desktop' + +[org/gnome/desktop/notifications/application/xdg-desktop-portal-gnome] +application-id='xdg-desktop-portal-gnome.desktop' + +[org/gnome/desktop/notifications/application/zoom] +application-id='Zoom.desktop' + +[org/gnome/desktop/peripherals/keyboard] +numlock-state=true + +[org/gnome/desktop/sound] +event-sounds=true +theme-name='__custom' + +[org/gnome/desktop/wm/preferences] +button-layout='close,minimize,maximize:appmenu' + +[org/gnome/evince/default] +continuous=true +dual-page=false +dual-page-odd-left=true +enable-spellchecking=true +fullscreen=false +inverted-colors=false +show-sidebar=true +sidebar-page='thumbnails' +sidebar-size=132 +sizing-mode='automatic' +window-ratio=(1.9607843137254901, 1.3636363636363635) + +[org/gnome/evolution-data-server] +migrated=true + +[org/gnome/file-roller/listing] +list-mode='as-folder' +name-column-width=2162 +show-path=false +sort-method='name' +sort-type='ascending' + +[org/gnome/file-roller/ui] +sidebar-width=200 +window-height=1080 +window-width=2712 + +[org/gnome/gedit/state/file-chooser] +open-recent=false + +[org/gnome/gedit/state/history-entry] +replace-with-entry=['data', '(*data)[', 'ge-0/1/0', 'ge-0/1/1'] +search-for-entry=['(*data)', 'data[', 'ge-0/1/1', 'ge-0/0/0'] + +[org/gnome/gedit/state/window] +bottom-panel-size=140 +side-panel-active-page='GeditWindowDocumentsPanel' +side-panel-size=200 +size=(1920, 1033) +state=87040 + +[org/gnome/meld/window-state] +height=918 +is-maximized=false +width=1717 + +[org/gnome/nautilus/compression] +default-compression-format='tar.xz' + +[org/gnome/nautilus/preferences] +default-folder-viewer='list-view' +migrated-gtk-settings=true +search-filter-time-type='last_modified' + +[org/gnome/nautilus/window-state] +initial-size=(1460, 819) +initial-size-file-chooser=(1151, 1080) + +[org/gnome/portal/filechooser/google-chrome] +last-folder-path='/home/das/Downloads' + +[org/gnome/portal/filechooser/slack] +last-folder-path='/home/das/Pictures/Screenshots' + +[org/gnome/settings-daemon/plugins/color] +night-light-schedule-automatic=false + +[org/gnome/shell] +disable-user-extensions=false +disabled-extensions=['system-monitor@gnome-shell-extensions.gcampax.github.com'] +enabled-extensions=['blur-my-shell@aunetx', 'gsconnect@andyholmes.github.io'] +favorite-apps=['firefox.desktop', 'google-chrome.desktop', 'code.desktop', 'chromium.desktop', 'alacritty.desktop', 'slack.desktop', 'ghostty.desktop'] +last-selected-power-profile='power-saver' +welcome-dialog-last-shown-version='46.2' + +[org/gnome/shell/extensions/SettingsCenter] +show-systemindicator=true + +[org/gnome/shell/extensions/astra-monitor] +gpu-header-activity-bar-color1='rgba(29,172,214,1.0)' +gpu-header-activity-graph-color1='rgba(29,172,214,1.0)' +gpu-indicators-order='["icon","activity bar","activity graph","activity percentage","memory bar","memory graph","memory percentage","memory value"]' +memory-indicators-order='["icon","bar","graph","percentage","value","free"]' +monitors-order='["processor","gpu","memory","storage","network","sensors"]' +network-indicators-order='["icon","IO bar","IO graph","IO speed"]' +processor-indicators-order='["icon","bar","graph","percentage"]' +processor-menu-gpu-color='' +sensors-indicators-order='["icon","value"]' +storage-indicators-order='["icon","bar","percentage","value","free","IO bar","IO graph","IO speed"]' +storage-main='eui.8ce38e050067b37e-part2' + +[org/gnome/shell/world-clocks] +locations=@av [] + +[org/gnome/software] +check-timestamp=int64 1739810968 +first-run=false +flatpak-purge-timestamp=int64 1739753307 + +[org/gnome/tweaks] +show-extensions-notice=false + +[org/gtk/gtk4/settings/file-chooser] +date-format='regular' +location-mode='path-bar' +show-hidden=false +sidebar-width=140 +sort-column='modified' +sort-directories-first=true +sort-order='descending' +type-format='category' +view-type='list' +window-size=(1920, 540) + +[org/gtk/settings/file-chooser] +date-format='regular' +location-mode='path-bar' +show-hidden=false +show-size-column=true +show-type-column=true +sidebar-width=261 +sort-column='modified' +sort-directories-first=false +sort-order='descending' +type-format='category' +window-position=(26, 23) +window-size=(1082, 651) + +[org/virt-manager/virt-manager/confirm] +forcepoweroff=true +removedev=true + +[org/virt-manager/virt-manager/connections] +autoconnect=['qemu:///system'] +uris=['qemu:///system'] + +[org/virt-manager/virt-manager/details] +show-toolbar=true + +[org/virt-manager/virt-manager/paths] +media-default='/home/das/Downloads' + +[org/virt-manager/virt-manager/urls] +isos=['/home/das/Downloads/ubuntu-24.04.1-live-server-amd64.iso', '/home/das/Downloads/debian-12.7.0-amd64-netinst.iso', '/home/das/Downloads/FreeBSD-14.1-RELEASE-amd64-bootonly.iso'] + +[org/virt-manager/virt-manager/vmlist-fields] +disk-usage=false +network-traffic=false + +[org/virt-manager/virt-manager/vms/662f8a9430494692bf4e887693099e2d] +autoconnect=1 +scaling=1 + +[org/virt-manager/virt-manager/vms/765cf673a06a4e0c9d77e9baf30cc8eb] +autoconnect=1 +scaling=1 + +[org/virt-manager/virt-manager/vms/de09cb1f2fd54fc2b6d64296996050fb] +autoconnect=1 +scaling=1 diff --git a/laptops/t/prometheus.nix b/laptops/t/prometheus.nix index 928dc67..18e863f 100644 --- a/laptops/t/prometheus.nix +++ b/laptops/t/prometheus.nix @@ -17,13 +17,27 @@ { job_name = "xtcp"; static_configs = [{ - targets = [ "localhost:9009" ]; + targets = [ "localhost:9088" ]; }]; } - { - job_name = "hp1xtcp"; + { + job_name = "hp1_xtcp"; + static_configs = [{ + targets = [ "hp1:9088" ]; + }]; + } + { + job_name = "clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "localhost:19363" ]; + }]; + } + { + job_name = "hp1_clickhouse"; static_configs = [{ - targets = [ "hp1:9009" ]; + #targets = [ "localhost:9363" ]; + targets = [ "hp1:19363" ]; }]; } #{ diff --git a/laptops/t/sysctl.nix b/laptops/t/sysctl.nix index ed11dac..b6fa4a8 100644 --- a/laptops/t/sysctl.nix +++ b/laptops/t/sysctl.nix @@ -25,7 +25,7 @@ #net.ipv4.tcp_tw_reuse=2 "net.ipv4.tcp_timestamps" = 1; "net.ipv4.tcp_ecn" = 1; - "net.core.default_qdisc" = "fq_codel"; + "net.core.default_qdisc" = "cake"; "net.ipv4.tcp_congestion_control" = "cubic"; #net.ipv4.tcp_congestion_control=bbr "net.core.rmem_default" = 26214400; diff --git a/laptops/t/systemPackages.nix b/laptops/t/systemPackages.nix index b4c9a31..d250f92 100644 --- a/laptops/t/systemPackages.nix +++ b/laptops/t/systemPackages.nix @@ -1,8 +1,11 @@ -{ config, pkgs, ... }: - { - # Allow unfree packages + config, + pkgs, + ... +}: +{ nixpkgs.config.allowUnfree = true; + # $ nix search wget environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. @@ -30,6 +33,9 @@ net-snmp neofetch + # https://wiki.nixos.org/wiki/Flameshot + (flameshot.override { enableWlrSupport = true; }) + # hyprland hyprland swww # for wallpapers diff --git a/laptops/t/wireless_desktop.nix b/laptops/t/wireless_desktop.nix index 5efb014..c8f4a68 100644 --- a/laptops/t/wireless_desktop.nix +++ b/laptops/t/wireless_desktop.nix @@ -1,11 +1,9 @@ { config, pkgs, ... }: { - # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - # Enable networking networking = { networkmanager = { enable = true; From e0bbe10088efb0e894e52e9bde649fb08eb8ddd2 Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Mon, 24 Mar 2025 12:09:03 -0700 Subject: [PATCH 4/8] update --- hp/hp1/hosts.nix | 1 + laptops/t/flake.lock | 72 ++++++++++++++++++++++---------------------- laptops/t/flake.nix | 4 +-- laptops/t/hosts.nix | 1 + 4 files changed, 40 insertions(+), 38 deletions(-) diff --git a/hp/hp1/hosts.nix b/hp/hp1/hosts.nix index b60a4f0..3af6575 100644 --- a/hp/hp1/hosts.nix +++ b/hp/hp1/hosts.nix @@ -12,5 +12,6 @@ "172.16.40.70" = ["hp5" "hp5eth"]; "172.16.40.122" = ["pi5-1" "pi5-1-eth"]; "172.16.40.62" = ["chromebox3" "chromebox3-eth"]; + "127.0.0.1" = ["redpanda-0"]; }; } \ No newline at end of file diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index d00e729..1c5ba0e 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1741282631, - "narHash": "sha256-jZE1CmQ53uN1Gq4FjaLFzSSjDqzL0pG4mdRbjBqSmho=", + "lastModified": 1742213273, + "narHash": "sha256-0l0vDb4anfsBu1rOs94bC73Hub+xEivgBAo6QXl2MmU=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "81498562d0f53e613d30368bb5b076784fa86f80", + "rev": "484b732195cc53f4536ce4bd59a5c6402b1e7ccf", "type": "github" }, "original": { @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1739757849, - "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=", + "lastModified": 1742655702, + "narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe", + "rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", "type": "github" }, "original": { @@ -108,11 +108,11 @@ ] }, "locked": { - "lastModified": 1738664950, - "narHash": "sha256-xIeGNM+iivwVHkv9tHwOqoUP5dDrtees34bbFKKMZYs=", + "lastModified": 1742215578, + "narHash": "sha256-zfs71PXVVPEe56WEyNi2TJQPs0wabU4WAlq0XV7GcdE=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "7c6d165e1eb9045a996551eb9f121b6d1b30adc3", + "rev": "2fd36421c21aa87e2fe3bee11067540ae612f719", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1741628446, - "narHash": "sha256-fTZk3uEnkR39JWFRgrstYjAOoi/OqWEDtNB3bmzVcRQ=", + "lastModified": 1742841187, + "narHash": "sha256-lFc9UfoIXzw35R+mIQMX5q18ANiV6D04A2IxVjTUXVI=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e4af4b5e2e3566a5fa95505b0d0ef5e5c9e174b8", + "rev": "2a6d070774df4c17ca7d7d427065b04d0c77250a", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1738966025, - "narHash": "sha256-MzgrF0jKlTNnNS33D8PwI5z2MJ1Tzf5MQVf/oms2pdw=", + "lastModified": 1742815591, + "narHash": "sha256-E/DAR15nCNXd9VVfiQiAXqY6uS4KOR00sX/lB9GBb0E=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "4f48dbe12f3cbbeb4d31c91c67b21edbc5b4b451", + "rev": "4e36349249d9b8b6b855898f3b4609b01027f1a1", "type": "github" }, "original": { @@ -343,11 +343,11 @@ ] }, "locked": { - "lastModified": 1741123584, - "narHash": "sha256-mprerMlucqtirmbx6L3VoFnF2bGYc2WSUCj7tuc6xTQ=", + "lastModified": 1741534688, + "narHash": "sha256-EV3945SnjOCuRVbGRghsWx/9D89FyshnSO1Q6/TuQ14=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "6b0154b183f9539097f13af9b5da78ca24da6df2", + "rev": "dd1f720cbc2dbb3c71167c9598045dd3261d27b3", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1741246872, - "narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=", + "lastModified": 1742669843, + "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "10069ef4cf863633f57238f179a0297de84bd8d3", + "rev": "1e5b653dff12029333a6546c11e108ede13052eb", "type": "github" }, "original": { @@ -399,27 +399,27 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1738452181, - "narHash": "sha256-xo3e+SFJfC69lqorgLc0DlRSFq2w59h4TTSGx1zbTrE=", - "owner": "randomizedcoder", + "lastModified": 1742669843, + "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "c9580e24eb621d72eda63355d7c8dbfb1654d333", + "rev": "1e5b653dff12029333a6546c11e108ede13052eb", "type": "github" }, "original": { - "owner": "randomizedcoder", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", - "rev": "c9580e24eb621d72eda63355d7c8dbfb1654d333", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1741445498, - "narHash": "sha256-F5Em0iv/CxkN5mZ9hRn3vPknpoWdcdCyR0e4WklHwiE=", + "lastModified": 1742751704, + "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "52e3095f6d812b91b22fb7ad0bfc1ab416453634", + "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", "type": "github" }, "original": { @@ -439,11 +439,11 @@ ] }, "locked": { - "lastModified": 1741379162, - "narHash": "sha256-srpAbmJapkaqGRE3ytf3bj4XshspVR5964OX5LfjDWc=", + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "b5a62751225b2f62ff3147d0a334055ebadcd5cc", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", "type": "github" }, "original": { @@ -504,11 +504,11 @@ ] }, "locked": { - "lastModified": 1737634991, - "narHash": "sha256-dBAnb7Kbnier30cA7AgxVSxxARmxKZ1vHZT33THSIr8=", + "lastModified": 1741934139, + "narHash": "sha256-ZhTcTH9FoeAtbPfWGrhkH7RjLJZ7GeF18nygLAMR+WE=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "e09dfe2726c8008f983e45a0aa1a3b7416aaeb8a", + "rev": "150b0b6f52bb422a1b232a53698606fe0320dde0", "type": "github" }, "original": { diff --git a/laptops/t/flake.nix b/laptops/t/flake.nix index 5de5e76..83287e4 100644 --- a/laptops/t/flake.nix +++ b/laptops/t/flake.nix @@ -4,10 +4,10 @@ # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - #nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; # https://docs.github.com/en/rest/branches/branches?apiVersion=2022-11-28#get-a-branch # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#iperf2_2.2.1 - nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/c9580e24eb621d72eda63355d7c8dbfb1654d333"; + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/c9580e24eb621d72eda63355d7c8dbfb1654d333"; # https://github.com/NixOS/nix/issues/12022 #nix flake lock --override-input nixpkgs /home/eelco/Dev/nixpkgs #nix flake lock --override-input nixpkgs "/home/das/Downloads/nixpkgs diff --git a/laptops/t/hosts.nix b/laptops/t/hosts.nix index b60a4f0..3af6575 100644 --- a/laptops/t/hosts.nix +++ b/laptops/t/hosts.nix @@ -12,5 +12,6 @@ "172.16.40.70" = ["hp5" "hp5eth"]; "172.16.40.122" = ["pi5-1" "pi5-1-eth"]; "172.16.40.62" = ["chromebox3" "chromebox3-eth"]; + "127.0.0.1" = ["redpanda-0"]; }; } \ No newline at end of file From e8e256050abe8c2b8fe8a2596d4510ba83432a78 Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Mon, 31 Mar 2025 16:17:49 -0700 Subject: [PATCH 5/8] 2025_03_31 nvidia --- laptops/t/Makefile | 3 +++ laptops/t/configuration.nix | 13 +++++++++++-- laptops/t/flake.lock | 30 +++++++++++++++--------------- laptops/t/flake.nix | 8 +++++++- laptops/t/hardware-graphics.nix | 10 ++++++++-- laptops/t/home.nix | 13 +++++++------ laptops/t/systemPackages.nix | 19 +++++++++---------- 7 files changed, 60 insertions(+), 36 deletions(-) diff --git a/laptops/t/Makefile b/laptops/t/Makefile index 4787975..0a717b1 100644 --- a/laptops/t/Makefile +++ b/laptops/t/Makefile @@ -18,6 +18,9 @@ endif rebuild: sudo nixos-rebuild switch --flake . +impure: + sudo nixos-rebuild switch --impure --flake . + rebuild_trace: sudo nixos-rebuild switch --show-trace --flake . diff --git a/laptops/t/configuration.nix b/laptops/t/configuration.nix index c00630e..5caf054 100644 --- a/laptops/t/configuration.nix +++ b/laptops/t/configuration.nix @@ -55,7 +55,8 @@ loader.efi.canTouchEfiVariables = true; # https://nixos.wiki/wiki/Linux_kernel - kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( + #kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( + kernelPackages = pkgs.unstable.linuxPackages; #boot.kernelPackages = pkgs.linuxPackages_latest; #boot.kernelPackages = pkgs.linuxPackages_rpi4 @@ -175,7 +176,7 @@ systemd.services.modem-manager.enable = false; systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - services.clickhouse.enable = true; + services.clickhouse.enable = false; # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { @@ -209,6 +210,12 @@ }; # # https://wiki.hyprland.org/Nix/Hyprland-on-NixOS/ + programs.hyprland = { + enable = true; + # Nvidia patches are no longer needed + #nvidiaPatches = true; + xwayland.enable = true; + }; # programs.hyprland = { # enable = true; # # set the flake package @@ -278,5 +285,7 @@ # services.qemuGuest.enable = true; # services.spice-vdagentd.enable = true; + nixpkgs.config.allowUnfree = true; + # https://wiki.nixos.org/wiki/Laptop } diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index 1c5ba0e..ea8b0b0 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1742655702, - "narHash": "sha256-jbqlw4sPArFtNtA1s3kLg7/A4fzP4GLk9bGbtUJg0JQ=", + "lastModified": 1743387206, + "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=", "owner": "nix-community", "repo": "home-manager", - "rev": "0948aeedc296f964140d9429223c7e4a0702a1ff", + "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1742841187, - "narHash": "sha256-lFc9UfoIXzw35R+mIQMX5q18ANiV6D04A2IxVjTUXVI=", + "lastModified": 1743437607, + "narHash": "sha256-EEUFIq/btzh8RZ/dv69PXvC5c7ythmCYlDOzH7vriAk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "2a6d070774df4c17ca7d7d427065b04d0c77250a", + "rev": "4c987b20e28362410d0c9f9a37bafd6f128b0a2c", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1742815591, - "narHash": "sha256-E/DAR15nCNXd9VVfiQiAXqY6uS4KOR00sX/lB9GBb0E=", + "lastModified": 1743339740, + "narHash": "sha256-G6a7R/gb1xH0yI2uevTmDpxZf6rvMh1lOu0gYrqVu5U=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "4e36349249d9b8b6b855898f3b4609b01027f1a1", + "rev": "6dca4ece21864e329394b81cfc767778089097e2", "type": "github" }, "original": { @@ -399,11 +399,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1743315132, + "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "52faf482a3889b7619003c0daec593a1912fddc1", "type": "github" }, "original": { @@ -415,11 +415,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1742751704, - "narHash": "sha256-rBfc+H1dDBUQ2mgVITMGBPI1PGuCznf9rcWX/XIULyE=", + "lastModified": 1743367904, + "narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "f0946fa5f1fb876a9dc2e1850d9d3a4e3f914092", + "rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c", "type": "github" }, "original": { diff --git a/laptops/t/flake.nix b/laptops/t/flake.nix index 83287e4..cf2ced4 100644 --- a/laptops/t/flake.nix +++ b/laptops/t/flake.nix @@ -39,8 +39,14 @@ config = { allowUnfree = true; }; }; # https://nixos.wiki/wiki/Flakes#Importing_packages_from_multiple_channels + # overlay-unstable = final: prev: { + # unstable = nixpkgs-unstable.legacyPackages.${prev.system}; + # }; overlay-unstable = final: prev: { - unstable = nixpkgs-unstable.legacyPackages.${prev.system}; + unstable = import nixpkgs-unstable { + inherit system; + config = { allowUnfree = true; }; + }; }; lib = nixpkgs.lib; in { diff --git a/laptops/t/hardware-graphics.nix b/laptops/t/hardware-graphics.nix index 3f0a3d9..771ea25 100644 --- a/laptops/t/hardware-graphics.nix +++ b/laptops/t/hardware-graphics.nix @@ -63,7 +63,9 @@ #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this #package = config.boot.kernelPackages.nvidiaPackages.production; # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version - package = pkgs.linuxPackages.nvidia_x11; + # https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/nv/nvidia-modprobe/package.nix + #package = pkgs.linuxPackages.nvidia_x11; + package = pkgs.unstable.linuxPackages.nvidia_x11; }; # https://theo.is-a.dev/blog/post/hyprland-adventure/ @@ -154,4 +156,8 @@ # # #sync.enable = true; # # enableOffloadCmd = true; # #}; - # }; \ No newline at end of file + # }; + +# [LOG] GPU information: +# 00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) (prog-if 00 [VGA controller]) +# 01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) (prog-if 00 [VGA controller]) \ No newline at end of file diff --git a/laptops/t/home.nix b/laptops/t/home.nix index 2656086..078b1ef 100644 --- a/laptops/t/home.nix +++ b/laptops/t/home.nix @@ -133,16 +133,17 @@ # thunderbird #go_1_23 unstable.go - gopls - golint + unstable.gopls + unstable.golint golangci-lint - golangci-lint-langserver - trunk-io + unstable.golangci-lint-langserver + # trunk is unfree, and i can't work out how to enable unfree + #trunk-io # https://github.com/go-delve/delve - delve + unstable.delve # https://github.com/aarzilli/gdlv gdlv - buf + unstable.buf protobuf_27 grpcurl # https://github.com/go-gorm/gen diff --git a/laptops/t/systemPackages.nix b/laptops/t/systemPackages.nix index d250f92..dee3256 100644 --- a/laptops/t/systemPackages.nix +++ b/laptops/t/systemPackages.nix @@ -22,7 +22,6 @@ usbutils pciutils virt-manager - cudatoolkit pkgs.gnomeExtensions.appindicator iw wirelesstools @@ -31,13 +30,13 @@ lldpd #snmp seems to be needed by lldpd net-snmp - neofetch + unstable.neofetch # https://wiki.nixos.org/wiki/Flameshot (flameshot.override { enableWlrSupport = true; }) # hyprland - hyprland + unstable.hyprland swww # for wallpapers xdg-desktop-portal-gtk xdg-desktop-portal-hyprland @@ -50,16 +49,16 @@ # #nvidia - vdpauinfo # sudo vainfo - libva-utils # sudo vainfo + unstable.vdpauinfo # sudo vainfo + unstable.libva-utils # sudo vainfo # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 # - ffmpeg-full + unstable.ffmpeg-full # # https://nixos.wiki/wiki/CUDA - cudatoolkit - linuxPackages.nvidia_x11 - libGLU - libGL + unstable.cudatoolkit + unstable.linuxPackages.nvidia_x11 + unstable.libGLU + unstable.libGL ]; } \ No newline at end of file From b3b2e7f0b842046921f2259d4eed3b7c6e700d7a Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Mon, 31 Mar 2025 16:33:25 -0700 Subject: [PATCH 6/8] more tweaks --- laptops/t/home.nix | 18 +++++++++++++++++- laptops/t/systemPackages.nix | 2 +- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/laptops/t/home.nix b/laptops/t/home.nix index 078b1ef..8ea29d6 100644 --- a/laptops/t/home.nix +++ b/laptops/t/home.nix @@ -26,6 +26,7 @@ # https://nix-community.github.io/home-manager/options.xhtml#opt-home.sessionVariables home.sessionVariables = { + QT_QPA_PLATFORM = "wayland"; GI_TYPELIB_PATH = "/run/current-system/sw/lib/girepository-1.0"; # disable wayland NIXOS_OZONE_WL = "1"; @@ -230,7 +231,8 @@ # zoom-us # - flameshot + # https://wiki.nixos.org/wiki/Flameshot + (flameshot.override { enableWlrSupport = true; }) grim # screenshot functionality slurp # screenshot functionality # @@ -501,6 +503,20 @@ } ''; }; + home.file.".config/ghostty/ghostty.toml" = { + target = ".config/ghostty/ghostty.toml"; + text = '' + [window] + # Whether to show the scrollback sidebar. + sidebar = true + + # The width of the scrollback sidebar. + sidebar_width = 10 + + # Whether to show the scrollback sidebar on the left or right. + sidebar_position = "right" + ''; + }; nixpkgs.config.allowUnfree = true; diff --git a/laptops/t/systemPackages.nix b/laptops/t/systemPackages.nix index dee3256..4378681 100644 --- a/laptops/t/systemPackages.nix +++ b/laptops/t/systemPackages.nix @@ -33,7 +33,7 @@ unstable.neofetch # https://wiki.nixos.org/wiki/Flameshot - (flameshot.override { enableWlrSupport = true; }) + #(flameshot.override { enableWlrSupport = true; }) # hyprland unstable.hyprland From 2421ff8c3835c6a3b32db153810ddca8ed542ba5 Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Thu, 17 Apr 2025 10:07:22 -0700 Subject: [PATCH 7/8] t14 to flakes --- laptops/t/configuration.nix.before | 3 + laptops/t/flake.lock | 54 +-- laptops/t/prometheus.nix | 19 ++ laptops/t14/Makefile | 49 ++- laptops/t14/configuration.nix | 231 ++++++++----- laptops/t14/docker-daemon.nix | 27 ++ laptops/t14/firewall.nix | 32 ++ laptops/t14/flake.lock | 523 ++++++++++++++++++++++++++++ laptops/t14/flake.nix | 74 ++++ laptops/t14/grafana.nix | 23 ++ laptops/t14/home-manager.nix | 392 --------------------- laptops/t14/home.nix | 525 +++++++++++++++++++++++++++++ laptops/t14/hosts.nix | 1 + laptops/t14/locale.nix | 18 + laptops/t14/nodeExporter.nix | 27 ++ laptops/t14/prometheus.nix | 49 ++- laptops/t14/sysctl.nix | 43 +++ laptops/t14/systemPackages.nix | 64 ++++ laptops/t14/wireless_desktop.nix | 20 ++ 19 files changed, 1667 insertions(+), 507 deletions(-) create mode 100644 laptops/t14/docker-daemon.nix create mode 100644 laptops/t14/firewall.nix create mode 100644 laptops/t14/flake.lock create mode 100644 laptops/t14/flake.nix create mode 100644 laptops/t14/grafana.nix delete mode 100644 laptops/t14/home-manager.nix create mode 100644 laptops/t14/home.nix create mode 100644 laptops/t14/locale.nix create mode 100644 laptops/t14/nodeExporter.nix create mode 100644 laptops/t14/sysctl.nix create mode 100644 laptops/t14/systemPackages.nix create mode 100644 laptops/t14/wireless_desktop.nix diff --git a/laptops/t/configuration.nix.before b/laptops/t/configuration.nix.before index 4ef544b..5cd5470 100644 --- a/laptops/t/configuration.nix.before +++ b/laptops/t/configuration.nix.before @@ -195,6 +195,9 @@ systemd.services.modem-manager.enable = false; systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; + # https://discourse.nixos.org/t/unable-to-fix-too-many-open-files-error/27094/6 + systemd.extraConfig = "DefaultLimitNOFILE=2048"; # defaults to 1024 if unset + # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index ea8b0b0..d29e6fa 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1742213273, - "narHash": "sha256-0l0vDb4anfsBu1rOs94bC73Hub+xEivgBAo6QXl2MmU=", + "lastModified": 1743265529, + "narHash": "sha256-QbjP15/2N+VJl0b5jxrrTc+VOt39aU4XrDvtP0Lz5ik=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "484b732195cc53f4536ce4bd59a5c6402b1e7ccf", + "rev": "1d2dbd72c2bbaceab031c592d4810f744741d203", "type": "github" }, "original": { @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1743387206, - "narHash": "sha256-24N3NAuZZbYqZ39NgToZgHUw6M7xHrtrAm18kv0+2Wo=", + "lastModified": 1744117652, + "narHash": "sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI=", "owner": "nix-community", "repo": "home-manager", - "rev": "15c5f9d04fabd176f30286c8f52bbdb2c853a146", + "rev": "b4e98224ad1336751a2ac7493967a4c9f6d9cb3f", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1743437607, - "narHash": "sha256-EEUFIq/btzh8RZ/dv69PXvC5c7ythmCYlDOzH7vriAk=", + "lastModified": 1744324490, + "narHash": "sha256-NddZqhX+75btNvcxhZD0AVXuAAM4Lnip2c+yrQThSVU=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "4c987b20e28362410d0c9f9a37bafd6f128b0a2c", + "rev": "382f0f23f144e11bdccac6c5d3c1ed415b4b1855", "type": "github" }, "original": { @@ -196,11 +196,11 @@ ] }, "locked": { - "lastModified": 1743339740, - "narHash": "sha256-G6a7R/gb1xH0yI2uevTmDpxZf6rvMh1lOu0gYrqVu5U=", + "lastModified": 1743950622, + "narHash": "sha256-8qjDapcQeDqxQUIm5gA0x6XZtowV/14bOs3K0tCSMoU=", "owner": "hyprwm", "repo": "hyprland-plugins", - "rev": "6dca4ece21864e329394b81cfc767778089097e2", + "rev": "be6b9875dd5c586fb401d294bb98c31973849651", "type": "github" }, "original": { @@ -221,11 +221,11 @@ ] }, "locked": { - "lastModified": 1738422629, - "narHash": "sha256-5v+bv75wJWvahyM2xcMTSNNxmV8a7hb01Eey5zYnBJw=", + "lastModified": 1743714874, + "narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "755aef8dab49d0fc4663c715fa4ad221b2aedaed", + "rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2", "type": "github" }, "original": { @@ -343,11 +343,11 @@ ] }, "locked": { - "lastModified": 1741534688, - "narHash": "sha256-EV3945SnjOCuRVbGRghsWx/9D89FyshnSO1Q6/TuQ14=", + "lastModified": 1743950287, + "narHash": "sha256-/6IAEWyb8gC/NKZElxiHChkouiUOrVYNq9YqG0Pzm4Y=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "dd1f720cbc2dbb3c71167c9598045dd3261d27b3", + "rev": "f2dc70e448b994cef627a157ee340135bd68fbc6", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742669843, - "narHash": "sha256-G5n+FOXLXcRx+3hCJ6Rt6ZQyF1zqQ0DL0sWAMn2Nk0w=", + "lastModified": 1743827369, + "narHash": "sha256-rpqepOZ8Eo1zg+KJeWoq1HAOgoMCDloqv5r2EAa9TSA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1e5b653dff12029333a6546c11e108ede13052eb", + "rev": "42a1c966be226125b48c384171c44c651c236c22", "type": "github" }, "original": { @@ -399,11 +399,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1743315132, - "narHash": "sha256-6hl6L/tRnwubHcA4pfUUtk542wn2Om+D4UnDhlDW9BE=", + "lastModified": 1744098102, + "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "52faf482a3889b7619003c0daec593a1912fddc1", + "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", "type": "github" }, "original": { @@ -415,11 +415,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1743367904, - "narHash": "sha256-sOos1jZGKmT6xxPvxGQyPTApOunXvScV4lNjBCXd/CI=", + "lastModified": 1744168086, + "narHash": "sha256-S9M4HddBCxbbX1CKSyDYgZ8NCVyHcbKnBfoUXeRu2jQ=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7ffe0edc685f14b8c635e3d6591b0bbb97365e6c", + "rev": "60e405b241edb6f0573f3d9f944617fe33ac4a73", "type": "github" }, "original": { diff --git a/laptops/t/prometheus.nix b/laptops/t/prometheus.nix index 18e863f..24eabca 100644 --- a/laptops/t/prometheus.nix +++ b/laptops/t/prometheus.nix @@ -33,6 +33,12 @@ targets = [ "localhost:19363" ]; }]; } + { + job_name = "hp1"; + static_configs = [{ + targets = [ "hp1:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } { job_name = "hp1_clickhouse"; static_configs = [{ @@ -40,6 +46,19 @@ targets = [ "hp1:19363" ]; }]; } + { + job_name = "hp2"; + static_configs = [{ + targets = [ "hp2:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp2_clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "hp2:19363" ]; + }]; + } #{ # job_name = "chromebox1"; # static_configs = [{ diff --git a/laptops/t14/Makefile b/laptops/t14/Makefile index a213799..7dd7a31 100644 --- a/laptops/t14/Makefile +++ b/laptops/t14/Makefile @@ -1,14 +1,49 @@ # -# nixos/t14/Makefile +# nixos/laptops/t14/Makefile # -all: - sudo cp ../modules/* /etc/nixos/ - sudo cp ./configuration.nix /etc/nixos/ - sudo cp ./home-manager.nix /etc/nixos/ - sudo cp ./prometheus.nix /etc/nixos/ - sudo nixos-rebuild switch +EXPECTED_HOSTNAME := t14 + +ACTUAL_HOSTNAME := $(shell hostname) + +all: check_hostname rebuild + +check_hostname: +ifeq ($(ACTUAL_HOSTNAME),$(EXPECTED_HOSTNAME)) + @echo "Hostnames match: $(ACTUAL_HOSTNAME)" +else + @echo "Error: Hostname does not match. Expected: $(EXPECTED_HOSTNAME), Got: $(ACTUAL_HOSTNAME)" + @exit 1 +endif + +rebuild: + sudo nixos-rebuild switch --flake . + +impure: + sudo nixos-rebuild switch --impure --flake . + +rebuild_trace: + sudo nixos-rebuild switch --show-trace --flake . update: + sudo nix flake update; + +rebuild_old: + # sudo cp ./flake.nix /etc/nixos/ + # sudo cp ./flake.lock /etc/nixos/ + # sudo cp ../../modules/* /etc/nixos/ + # sudo cp ./configuration.nix /etc/nixos/ + # #sudo cp ./home-manager.nix /etc/nixos/ + # sudo cp ./home.nix /etc/nixos/ + # sudo cp ./prometheus.nix /etc/nixos/ + # sudo cp ./*.nix /etc/nixos/ + # sudo nix-channel --update + # sudo nixos-rebuild switch + #sudo cp ./* /etc/nixos/ + sudo nix flake update; + #sudo nix-channel --update; + sudo nixos-rebuild switch --flake . + +update_oldm.: sudo nix-channel --update sudo nixos-rebuild switch #nix-shell -p vim diff --git a/laptops/t14/configuration.nix b/laptops/t14/configuration.nix index e3591e6..8f3c90a 100644 --- a/laptops/t14/configuration.nix +++ b/laptops/t14/configuration.nix @@ -8,28 +8,33 @@ # nmcli device wifi connect MYSSID password PWORD # systemctl restart display-manager.service -{ config, pkgs, ... }: +{ + inputs, + config, + pkgs, + lib, + ... +}: # https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F +# https://discourse.nixos.org/t/differences-between-nix-channels/13998 { # https://nixos.wiki/wiki/NixOS_modules + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager imports = - [ # Include the results of the hardware scan. + [ ./hardware-configuration.nix - # sudo nix-channel --add https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz home-manager - # sudo nix-channel --update - - # + #./hardware-graphics.nix ./sysctl.nix ./wireless_desktop.nix - ./sound.nix ./locale.nix ./hosts.nix ./firewall.nix #./systemdSystem.nix ./systemPackages.nix - ./home-manager.nix + # home manager is imported in the flake + #./home.nix ./nodeExporter.nix ./prometheus.nix ./grafana.nix @@ -39,23 +44,70 @@ #./smokeping.nix ]; + boot = { + loader.systemd-boot = { + enable = true; + consoleMode = "max"; + memtest86.enable = true; + }; - # Bootloader. - boot.loader.systemd-boot = { - enable = true; - consoleMode = "max"; # Sets the console mode to the highest resolution supported by the firmware. - memtest86.enable = true; - }; + loader.efi.canTouchEfiVariables = true; - boot.loader.efi.canTouchEfiVariables = true; + # https://nixos.wiki/wiki/Linux_kernel + #kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( + kernelPackages = pkgs.unstable.linuxPackages; + #boot.kernelPackages = pkgs.linuxPackages_latest; + #boot.kernelPackages = pkgs.linuxPackages_rpi4 - # https://nixos.wiki/wiki/Linux_kernel - boot.kernelPackages = pkgs.linuxPackages_latest; - #boot.kernelPackages = pkgs.linuxPackages_rpi4 + # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 + kernelParams = [ + #"nvidia-drm.modeset=1" + #"nvidia-drm.fbdev=1" + # https://www.reddit.com/r/NixOS/comments/u5l3ya/cant_start_x_in_nixos/?rdt=56160 + #"nomodeset" + ]; + + #blacklistedKernelModules = [ + # "nouveau" + # #"i915" + #]; - #boot.kernelParams = [ - # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 + # https://wiki.nixos.org/wiki/NixOS_on_ARM/Building_Images#Compiling_through_binfmt_QEMU + # https://nixos.org/manual/nixos/stable/options#opt-boot.binfmt.emulatedSystems + binfmt.emulatedSystems = [ "aarch64-linux" "riscv64-linux" ]; + + extraModulePackages = with config.boot.kernelPackages; [ + v4l2loopback + #nvidia_x11 + ]; + + # # https://nixos.wiki/wiki/Libvirt#Nested_virtualization + # #extraModprobeConfig = "options kvm_intel nested=1"; + # # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config_working-nix-L19 + # extraModprobeConfig = + # "options nvidia " + # #"" + # + lib.concatStringsSep " " [ + # # nvidia assume that by default your CPU does not support PAT, + # # but this is effectively never the case in 2023 + # "NVreg_UsePageAttributeTable=1" + # # This is sometimes needed for ddc/ci support, see + # # https://www.ddcutil.com/nvidia/ + # # + # # Current monitor does not support it, but this is useful for + # # the future + # "NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" + # "options kvm_intel nested=1" + # # # https://nixos.wiki/wiki/OBS_Studio + # '' + # options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1 + # '' + # ]; + }; + + # For OBS + security.polkit.enable = true; nix = { gc = { @@ -67,53 +119,66 @@ settings = { auto-optimise-store = true; experimental-features = [ "nix-command" "flakes" ]; + download-buffer-size = "500000000"; }; }; # https://nixos.wiki/wiki/Networking networking.hostName = "t14"; - services.lldpd.enable = true; - - # Set your time zone. time.timeZone = "America/Los_Angeles"; - hardware.opengl = { + services.udev.packages = [ pkgs.gnome-settings-daemon ]; + # services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; + + # https://nixos.wiki/wiki/NixOS_Wiki:Audio + hardware.pulseaudio.enable = false; # Use Pipewire, the modern sound subsystem + + security.rtkit.enable = true; # Enable RealtimeKit for audio purposes + + services.pipewire = { enable = true; - driSupport = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # Uncomment the following line if you want to use JACK applications + # jack.enable = true; }; - services.xserver = { + services.lldpd.enable = true; + services.openssh.enable = true; + services.timesyncd.enable = true; + services.fstrim.enable = true; + services.avahi = { enable = true; + nssmdns4 = true; + ipv4 = true; + ipv6 = true; + openFirewall = true; + }; - # Display Managers are responsible for handling user login - displayManager = { - gdm.enable = true; - }; - # Enable the GNOME Desktop Environment. - desktopManager = { - gnome.enable = true; - plasma5.enable = false; - xterm.enable = false; - }; - # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 + services.bpftune.enable = true; + # Enable touchpad support (enabled default in most desktopManager). + services.libinput.enable = true; - # Configure keymap in X11 - xkb.layout = "us"; - xkb.variant = ""; - }; + # https://nixos.wiki/wiki/Printing + services.printing.enable = true; - services.udev.packages = [ pkgs.gnome.gnome-settings-daemon ]; + # https://wiki.nixos.org/wiki/Flameshot + # services.flameshot = { + # enable = true; + # settings.General = { + # showStartupLaunchMessage = false; + # saveLastRegion = true; + # }; + # }; systemd.services.modem-manager.enable = false; systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; - # Enable touchpad support (enabled default in most desktopManager). - services.libinput.enable = true; - - # Enable CUPS to print documents. - services.printing.enable = true; + services.clickhouse.enable = false; + # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { TERM = "xterm-256color"; #MY_VARIABLE = "my-value"; @@ -132,48 +197,48 @@ ]; }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - # wget - vim - curl - wget - tcpdump - iproute2 - nftables - iptables - pciutils - usbutils - pciutils - virt-manager - #cudatoolkit #t14 is not nvidia - pkgs.gnomeExtensions.appindicator - ]; + # package moved to systemPackages.nix + # environment.systemPackages = with pkgs; [ # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; - # programs.gnupg.agent = { - # enable = true; - # enableSSHSupport = true; - # }; + programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - #programs.hyprland.enable = true; - - services.openssh.enable = true; - - services.timesyncd.enable = true; + # # https://wiki.hyprland.org/Nix/Hyprland-on-NixOS/ + programs.hyprland = { + enable = true; + # Nvidia patches are no longer needed + #nvidiaPatches = true; + xwayland.enable = true; + }; + # programs.hyprland = { + # enable = true; + # # set the flake package + # package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; + # # make sure to also set the portal package, so that they are in sync + # portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; + # }; - services.fstrim.enable = true; + # programs.chromium.enable = true; + # # programs.chromium.package = pkgs.google-chrome; + # # https://nixos.wiki/wiki/Chromium#Enabling_native_Wayland_support + # nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; + # #programs.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland"; + + # programs.firefox.enable = true; + # # # https://github.com/TLATER/dotfiles/blob/master/nixos-modules/nvidia/default.nix + # programs.firefox.preferences = { + # "media.ffmpeg.vaapi.enabled" = true; + # "media.rdd-ffmpeg.enabled" = true; + # "media.av1.enabled" = true; # Won't work on the 2060 + # "gfx.x11-egl.force-enabled" = true; + # "widget.dmabuf.force-enabled" = true; + # }; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; @@ -188,6 +253,7 @@ # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). #system.stateVersion = "23.11"; + system.stateVersion = "24.05"; virtualisation.containers = { @@ -210,9 +276,16 @@ # # }; # # }; + # https://nixos.wiki/wiki/Virt-manager virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; + virtualisation.spiceUSBRedirection.enable = true; + + # guest # services.qemuGuest.enable = true; + # services.spice-vdagentd.enable = true; + + nixpkgs.config.allowUnfree = true; # https://wiki.nixos.org/wiki/Laptop } diff --git a/laptops/t14/docker-daemon.nix b/laptops/t14/docker-daemon.nix new file mode 100644 index 0000000..fe72a86 --- /dev/null +++ b/laptops/t14/docker-daemon.nix @@ -0,0 +1,27 @@ + +{ config, pkgs, ... }: + +{ + # https://nixos.wiki/wiki/Docker + # https://search.nixos.org/options?from=0&size=50&sort=alpha_asc&query=virtualisation.docker + # https://search.nixos.org/options?channel=24.05&show=virtualisation.docker.extraOptions&from=0&size=50&sort=alpha_asc&type=packages&query=virtualisation.docker + # https://github.com/NixOS/nixpkgs/issues/68349 + virtualisation.docker.enable = true; + virtualisation.docker.daemon.settings = { + data-root = "/home/das/docker/"; + userland-proxy = false; + experimental = true; + ipv6 = true; + fixed-cidr-v6 = "fd00::/80"; + metrics-addr = "0.0.0.0:9323"; + # log-driver = "json-file"; + # log-opts.max-size = "10m"; + # log-opts.max-file = "10"; + }; + #this doesn't work + #virtualisation.docker.daemon.settings.log-opts.max-size = "10m"; + # https://docs.docker.com/reference/cli/dockerd/ + #virtualisation.docker.extraOptions = "--userland-proxy=false"; + #virtualisation.docker.extraOptions = "--log-opt=max-size=10m"; + #virtualisation.docker.extraOptions = "--ipv6"; +} \ No newline at end of file diff --git a/laptops/t14/firewall.nix b/laptops/t14/firewall.nix new file mode 100644 index 0000000..449b44f --- /dev/null +++ b/laptops/t14/firewall.nix @@ -0,0 +1,32 @@ +{ config, pkgs, ... }: + +{ + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # https://nixos.wiki/wiki/Firewall + # https://scvalex.net/posts/54/ + # sudo nft --stateless list table filter + # sudo sudo iptables-save + networking.firewall = { + enable = false; + allowedTCPPorts = [ + 22 # ssh + 5001 # iperf2 + ]; + # allowedTCPPorts = [ 22 5001 ]; + # #allowedUDPPortRanges = [ + # # { from = 4000; to = 4007; } + # # { from = 8000; to = 8010; } + # #]; + # NixOS automagically creates stateful connection tracking, which we don't want + # for performance reasons + # extraCommands = '' + # iptables --delete nixos-fw -m conntrack --ctstate RELATED,ESTABLISHED -j nixos-fw-accept || true + # ''; + }; + # networking.firewall.interfaces."eth0".allowedTCPPorts = [ 80 443 ]; +} \ No newline at end of file diff --git a/laptops/t14/flake.lock b/laptops/t14/flake.lock new file mode 100644 index 0000000..d29e6fa --- /dev/null +++ b/laptops/t14/flake.lock @@ -0,0 +1,523 @@ +{ + "nodes": { + "aquamarine": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743265529, + "narHash": "sha256-QbjP15/2N+VJl0b5jxrrTc+VOt39aU4XrDvtP0Lz5ik=", + "owner": "hyprwm", + "repo": "aquamarine", + "rev": "1d2dbd72c2bbaceab031c592d4810f744741d203", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "aquamarine", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "gitignore": { + "inputs": { + "nixpkgs": [ + "hyprland", + "pre-commit-hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744117652, + "narHash": "sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "b4e98224ad1336751a2ac7493967a4c9f6d9cb3f", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-24.11", + "repo": "home-manager", + "type": "github" + } + }, + "hyprcursor": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1742215578, + "narHash": "sha256-zfs71PXVVPEe56WEyNi2TJQPs0wabU4WAlq0XV7GcdE=", + "owner": "hyprwm", + "repo": "hyprcursor", + "rev": "2fd36421c21aa87e2fe3bee11067540ae612f719", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprcursor", + "type": "github" + } + }, + "hyprgraphics": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1739049071, + "narHash": "sha256-3+7TpXMrbsUXSwgr5VAKAnmkzMb6JO+Rvc9XRb5NMg4=", + "owner": "hyprwm", + "repo": "hyprgraphics", + "rev": "175c6b29b6ff82100539e7c4363a35a02c74dd73", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprgraphics", + "type": "github" + } + }, + "hyprland": { + "inputs": { + "aquamarine": "aquamarine", + "hyprcursor": "hyprcursor", + "hyprgraphics": "hyprgraphics", + "hyprland-protocols": "hyprland-protocols", + "hyprland-qtutils": "hyprland-qtutils", + "hyprlang": "hyprlang", + "hyprutils": "hyprutils", + "hyprwayland-scanner": "hyprwayland-scanner", + "nixpkgs": "nixpkgs", + "pre-commit-hooks": "pre-commit-hooks", + "systems": "systems", + "xdph": "xdph" + }, + "locked": { + "lastModified": 1744324490, + "narHash": "sha256-NddZqhX+75btNvcxhZD0AVXuAAM4Lnip2c+yrQThSVU=", + "owner": "hyprwm", + "repo": "Hyprland", + "rev": "382f0f23f144e11bdccac6c5d3c1ed415b4b1855", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "Hyprland", + "type": "github" + } + }, + "hyprland-plugins": { + "inputs": { + "hyprland": [ + "hyprland" + ], + "nixpkgs": [ + "hyprland-plugins", + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland-plugins", + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743950622, + "narHash": "sha256-8qjDapcQeDqxQUIm5gA0x6XZtowV/14bOs3K0tCSMoU=", + "owner": "hyprwm", + "repo": "hyprland-plugins", + "rev": "be6b9875dd5c586fb401d294bb98c31973849651", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-plugins", + "type": "github" + } + }, + "hyprland-protocols": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743714874, + "narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=", + "owner": "hyprwm", + "repo": "hyprland-protocols", + "rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-protocols", + "type": "github" + } + }, + "hyprland-qt-support": { + "inputs": { + "hyprlang": [ + "hyprland", + "hyprland-qtutils", + "hyprlang" + ], + "nixpkgs": [ + "hyprland", + "hyprland-qtutils", + "nixpkgs" + ], + "systems": [ + "hyprland", + "hyprland-qtutils", + "systems" + ] + }, + "locked": { + "lastModified": 1737634706, + "narHash": "sha256-nGCibkfsXz7ARx5R+SnisRtMq21IQIhazp6viBU8I/A=", + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "rev": "8810df502cdee755993cb803eba7b23f189db795", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qt-support", + "type": "github" + } + }, + "hyprland-qtutils": { + "inputs": { + "hyprland-qt-support": "hyprland-qt-support", + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprland-qtutils", + "hyprlang", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1739048983, + "narHash": "sha256-REhTcXq4qs3B3cCDtLlYDz0GZvmsBSh947Ub6pQWGTQ=", + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "rev": "3504a293c8f8db4127cb0f7cfc1a318ffb4316f8", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprland-qtutils", + "type": "github" + } + }, + "hyprlang": { + "inputs": { + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1741191527, + "narHash": "sha256-kM+11Nch47Xwfgtw2EpRitJuORy4miwoMuRi5tyMBDY=", + "owner": "hyprwm", + "repo": "hyprlang", + "rev": "72df3861f1197e41b078faa3e38eedd60e00018d", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprlang", + "type": "github" + } + }, + "hyprutils": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1743950287, + "narHash": "sha256-/6IAEWyb8gC/NKZElxiHChkouiUOrVYNq9YqG0Pzm4Y=", + "owner": "hyprwm", + "repo": "hyprutils", + "rev": "f2dc70e448b994cef627a157ee340135bd68fbc6", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprutils", + "type": "github" + } + }, + "hyprwayland-scanner": { + "inputs": { + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1739870480, + "narHash": "sha256-SiDN5BGxa/1hAsqhgJsS03C3t2QrLgBT8u+ENJ0Qzwc=", + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "rev": "206367a08dc5ac4ba7ad31bdca391d098082e64b", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "hyprwayland-scanner", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1743827369, + "narHash": "sha256-rpqepOZ8Eo1zg+KJeWoq1HAOgoMCDloqv5r2EAa9TSA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "42a1c966be226125b48c384171c44c651c236c22", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1744098102, + "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1744168086, + "narHash": "sha256-S9M4HddBCxbbX1CKSyDYgZ8NCVyHcbKnBfoUXeRu2jQ=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "60e405b241edb6f0573f3d9f944617fe33ac4a73", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks": { + "inputs": { + "flake-compat": "flake-compat", + "gitignore": "gitignore", + "nixpkgs": [ + "hyprland", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "hyprland": "hyprland", + "hyprland-plugins": "hyprland-plugins", + "nixpkgs": "nixpkgs_2", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "systems": { + "locked": { + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", + "owner": "nix-systems", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default-linux", + "type": "github" + } + }, + "xdph": { + "inputs": { + "hyprland-protocols": [ + "hyprland", + "hyprland-protocols" + ], + "hyprlang": [ + "hyprland", + "hyprlang" + ], + "hyprutils": [ + "hyprland", + "hyprutils" + ], + "hyprwayland-scanner": [ + "hyprland", + "hyprwayland-scanner" + ], + "nixpkgs": [ + "hyprland", + "nixpkgs" + ], + "systems": [ + "hyprland", + "systems" + ] + }, + "locked": { + "lastModified": 1741934139, + "narHash": "sha256-ZhTcTH9FoeAtbPfWGrhkH7RjLJZ7GeF18nygLAMR+WE=", + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "rev": "150b0b6f52bb422a1b232a53698606fe0320dde0", + "type": "github" + }, + "original": { + "owner": "hyprwm", + "repo": "xdg-desktop-portal-hyprland", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/laptops/t14/flake.nix b/laptops/t14/flake.nix new file mode 100644 index 0000000..a8c7769 --- /dev/null +++ b/laptops/t14/flake.nix @@ -0,0 +1,74 @@ +{ + description = "t14 Flake"; + + # https://nix.dev/manual/nix/2.24/command-ref/new-cli/nix3-flake.html#flake-inputs + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + # https://docs.github.com/en/rest/branches/branches?apiVersion=2022-11-28#get-a-branch + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/8f146535307f0168d758fe6fee6f52663cb11695";#iperf2_2.2.1 + # nixpkgs-unstable.url = "github:randomizedcoder/nixpkgs/c9580e24eb621d72eda63355d7c8dbfb1654d333"; + # https://github.com/NixOS/nix/issues/12022 + #nix flake lock --override-input nixpkgs /home/eelco/Dev/nixpkgs + #nix flake lock --override-input nixpkgs "/home/das/Downloads/nixpkgs + #nixpkgs.url = "/home/das/Downloads/nixpkgs"; + #nixpkgs = "../../../Downloads/nixpkgs/"; + # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager + home-manager = { + url = "github:nix-community/home-manager/release-24.11"; + # The `follows` keyword in inputs is used for inheritance. + # Here, `inputs.nixpkgs` of home-manager is kept consistent with + # the `inputs.nixpkgs` of the current flake, + # to avoid problems caused by different versions of nixpkgs. + inputs.nixpkgs.follows = "nixpkgs"; + }; + hyprland.url = "github:hyprwm/Hyprland"; + hyprland-plugins = { + url = "github:hyprwm/hyprland-plugins"; + # https://github.com/hyprwm/hyprland-plugins + inputs.hyprland.follows = "hyprland"; + }; + }; + + #outputs = inputs@{ nixpkgs, home-manager, hyprland, ... }: + outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, hyprland, ... }: + let + system = "x86_64-linux"; + pkgs = import nixpkgs { + inherit system; + config = { allowUnfree = true; }; + }; + # https://nixos.wiki/wiki/Flakes#Importing_packages_from_multiple_channels + # overlay-unstable = final: prev: { + # unstable = nixpkgs-unstable.legacyPackages.${prev.system}; + # }; + overlay-unstable = final: prev: { + unstable = import nixpkgs-unstable { + inherit system; + config = { allowUnfree = true; }; + }; + }; + lib = nixpkgs.lib; + in { + nixosConfigurations = { + t = lib.nixosSystem rec { + #system ="x86_64-linux"; + inherit system; + specialArgs = { inherit hyprland; }; + modules = [ + ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; }) + ./configuration.nix + hyprland.nixosModules.default + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.das = import ./home.nix; + home-manager.extraSpecialArgs = specialArgs; + # see also: https://github.com/HeinzDev/Hyprland-dotfiles/blob/main/flake.nix + } + ]; + }; + }; + }; +} diff --git a/laptops/t14/grafana.nix b/laptops/t14/grafana.nix new file mode 100644 index 0000000..471b71d --- /dev/null +++ b/laptops/t14/grafana.nix @@ -0,0 +1,23 @@ +{ config, pkgs, ... }: +{ + # https://nixos.wiki/wiki/Grafana + # https://search.nixos.org/options?query=services.grafana + # https://xeiaso.net/blog/prometheus-grafana-loki-nixos-2020-11-20/ + # https://grafana.com/grafana/dashboards/1860-node-exporter-full/ + services.grafana = { + enable = true; + settings = { + server = { + # Listening Address + http_addr = "0.0.0.0"; + # and Port + http_port = 3000; + # Grafana needs to know on which domain and URL it's running + #domain = "your.domain"; + #root_url = "https://your.domain/grafana/"; # Not needed if it is `https://your.domain/` + serve_from_sub_path = true; + enable_gzip = true; + }; + }; + }; +} \ No newline at end of file diff --git a/laptops/t14/home-manager.nix b/laptops/t14/home-manager.nix deleted file mode 100644 index d61ecee..0000000 --- a/laptops/t14/home-manager.nix +++ /dev/null @@ -1,392 +0,0 @@ -{ config, pkgs, ... }: - -# sudo cp ./nixos/modules/* /etc/nixos/ -# sudo nixos-rebuild switch - -{ - # https://nix-community.github.io/home-manager/index.xhtml#ch-installation - home-manager.users.das = { pkgs, ... }: { - - # https://nix-community.github.io/home-manager/options.xhtml#opt-home.sessionVariables - home.sessionVariables = { - GI_TYPELIB_PATH = "/run/current-system/sw/lib/girepository-1.0"; - # disable wayland - #NIXOS_OZONE_WL = "1"; - }; - - home.packages = with pkgs; [ - # - killall - hw-probe - # - gparted - # - ncdu - # - hw-probe - lshw - # - tmux - screen - # - libgcc - # https://nixos.wiki/wiki/C - # https://search.nixos.org/packages?channel=24.05&show=gcc&from=0&size=50&sort=relevance&type=packages&query=gcc - gcc - automake - gnumake - #cmake - pkg-config - # - # alsa-lib - # alsa-lib-with-plugins - # - perl - python3 - # - gawk - jq - git - htop - minicom - # - bzip2 - gzip - lz4 - zip - unzip - xz - zstd - # - rsync - tree - # - alacritty - kitty - # - ethtool - iproute2 - vlan - tcpdump - wireshark - #iperf2 - netperf - flent - bpftools - fping - inetutils - # - hwloc - bpftools - # - inotify-tools - # - gnuradio - hackrf - gqrx - cubicsdr - # - neofetch - # - vlc - ffmpeg_7-full - #ffmpeg-full - # go - # https://nixos.wiki/wiki/Go - # https://nixos.org/manual/nixpkgs/stable/#sec-language-go - # https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F - libcap - gcc - # thunderbird - go - golangci-lint - golangci-lint-langserver - trunk-io - # https://github.com/go-delve/delve - delve - # https://github.com/aarzilli/gdlv - gdlv - buf - buf-language-server - # - graphviz - # - meld - # - # https://nixos.wiki/wiki/Helix - helix - # rust - # https://nixos.wiki/wiki/Rust - pkgs.cargo - pkgs.rustc - # - flutter - android-studio - android-tools - android-udev-rules - # - # debug - strace - # Gnome related / extensions - # gnomeExtensions.emoji-copy - # unstable.gnomeExtensions.workspace-switcher-manager - gnome-extension-manager - gnome-usage - gnome.dconf-editor - #gnome.gnome-settings-daemon - gnome-settings-daemon - gnome.gnome-disk-utility - gnome.gnome-software - gnome.gnome-tweaks - gnome.simple-scan - gnomeExtensions.appindicator - gnomeExtensions.settingscenter - gnomeExtensions.system-monitor - gnomeExtensions.dash-to-dock - gnomeExtensions.just-perfection - gnomeExtensions.logo-menu - gnomeExtensions.wifi-qrcode - gnomeExtensions.wireless-hid - gnomeExtensions.user-themes - gnomeExtensions.tray-icons-reloaded - gnomeExtensions.vitals - gnomeExtensions.dash-to-panel - gnomeExtensions.sound-output-device-chooser - gnomeExtensions.space-bar - # https://github.com/AstraExt/astra-monitor - gnomeExtensions.astra-monitor - libgtop - # - libreoffice-qt - hunspell - hunspellDicts.en_AU - #hunspellDicts.en_US - # - evince - # https://nixos.wiki/wiki/Firefox - firefox - # https://nixos.wiki/wiki/Chromium - chromium - google-chrome - # https://nixos.wiki/wiki/Slack - slack - # - zoom-us - # - flameshot - grim # screenshot functionality - slurp # screenshot functionality - # - gimp-with-plugins - # - simplescreenrecorder - # - gedit - # - # https://nixos.wiki/wiki/Podman - dive - podman - runc - skopeo - podman-tui - podman-compose - # - rofi-wayland - wofi - # - #clickhouse - #clickhouse-cli - ]; - - # vscode - # https://nixos.wiki/wiki/Visual_Studio_Code - # nix run github:nix-community/nix-vscode-extensions# -- --list-extensions - programs.vscode = { - enable = true; - package = pkgs.vscode; - extensions = with pkgs.vscode-extensions; [ - bbenoist.nix - dart-code.dart-code - dart-code.flutter - golang.go - hashicorp.terraform - #k6.k6 - ms-azuretools.vscode-docker - # https://github.com/orgs/microsoft/repositories?q=vscode - ms-vscode-remote.remote-containers - ms-vscode-remote.remote-ssh - #ms-vscode-remote.remote-ssh-edit - ms-vscode.makefile-tools - ms-vscode.cmake-tools - ms-vscode.cpptools - #ms-vscode.cpptools-extension-pack - #ms-vscode.cpptools-themes - ms-vscode.hexeditor - ms-vscode.makefile-tools - ms-python.python - ms-python.vscode-pylance - #ms-vscode.remote-explorer - #ms-vscode.remote-repositories - #ms-vscode.remote-server - redhat.vscode-yaml - rust-lang.rust-analyzer - #crates is depreciated - #serayuzgur.crates - tamasfe.even-better-toml - timonwong.shellcheck - #trunk.io - zxh404.vscode-proto3 - yzhang.markdown-all-in-one - #platformio.platformio-ide - github.copilot - # nix - #brettm12345.nixfmt.vscode - jnoortheen.nix-ide - #jeff-hykin.better-nix-syntax - ]; - }; - - programs.bash.enable = true; - - programs.vim = { - enable = true; - plugins = with pkgs.vimPlugins; [ vim-airline ]; - settings = { ignorecase = true; }; - extraConfig = '' - set mouse=a - ''; - }; - #ldflags = [ - # "-X main.Version=${version}" - # "-X main.Commit=${version}" - #]; - - programs.git = { - enable = true; - userEmail = "dave.seddon.ca@gmail.com"; - userName = "randomizedcoder "; - #signing.key = "GPG-KEY-ID"; - #signing.signByDefault = true; - }; - - # https://nixos.wiki/wiki/OBS_Studio - # TODO add kernel module for virtual camera - programs.obs-studio = { - enable = true; - plugins = with pkgs.obs-studio-plugins; [ - wlrobs - obs-backgroundremoval - obs-pipewire-audio-capture - ]; - }; - - # https://heywoodlh.io/nixos-gnome-settings-and-keyboard-shortcuts - dconf.settings = { - "org/gnome/desktop/wm/preferences" = { - button-layout = "close,minimize,maximize:appmenu"; - }; - # "org/gnome/desktop/interface" = { - # color-scheme = "prefer-dark"; - # }; - "org/gnome/desktop/interface" = { - clock-show-seconds = true; - clock-show-weekday = true; - color-scheme = "prefer-dark"; - enable-hot-corners = false; - font-antialiasing = "grayscale"; - font-hinting = "slight"; - gtk-theme = "Nordic"; - toolkit-accessibility = true; - }; - "org/gnome/shell" = { - disable-user-extensions = false; - favorite-apps = [ - "firefox.desktop" - "google-chrome-stable.desktop" - "code.desktop" - "chromium.desktop" - "alacritty.desktop" - "kitty.desktop" - "slack.desktop" - ]; - enabled-extensions = with pkgs.gnomeExtensions; [ - blur-my-shell.extensionUuid - gsconnect.extensionUuid - ]; - }; - }; - - # disable wayland - # # https://nixos.wiki/wiki/Hyprland - # # https://josiahalenbrown.substack.com/p/installing-nixos-with-hyprland - # #programs.hyprland.enable = true; - # wayland.windowManager.hyprland = { - # # Whether to enable Hyprland wayland compositor - # enable = true; - # # The hyprland package to use - # package = pkgs.hyprland; - # # Whether to enable XWayland - # xwayland.enable = true; - - # # Optional - # # Whether to enable hyprland-session.target on hyprland startup - # systemd.enable = true; - # }; - # # home.file.".config/hypr/hyprland.conf".text = '' - # # ''; - - services.flameshot = { - enable = true; - settings.General = { - showStartupLaunchMessage = false; - saveLastRegion = true; - }; - }; - - home.file."containers.conf" = { - target = ".config/containers/containers.conf"; - # https://docs.podman.io/en/v4.6.0/markdown/options/security-opt.html - # https://github.com/containers/common/blob/main/docs/containers.conf.5.md - text = '' - [containers] - annotations=["run.oci.keep_original_groups=1",] - label=false - #seccomp=unconfined - ''; - }; - home.file."registries.conf" = { - target = ".config/containers/registries.conf"; - text = '' - [registries.search] - registries = ['docker.io'] - ''; - # text = '' - # [registries.search] - # registries = ['docker.io', 'registry.gitlab.com'] - # ''; - }; - home.file."policy.json" = { - target = ".config/containers/policy.json"; - text = '' - { - "default": [ - { - "type": "insecureAcceptAnything" - } - ], - "transports": - { - "docker-daemon": - { - "": [{"type":"insecureAcceptAnything"}] - } - } - } - ''; - }; - - nixpkgs.config.allowUnfree = true; - - home.stateVersion = "23.11"; - }; -} diff --git a/laptops/t14/home.nix b/laptops/t14/home.nix new file mode 100644 index 0000000..8ea29d6 --- /dev/null +++ b/laptops/t14/home.nix @@ -0,0 +1,525 @@ +{ + hyprland, + config, + pkgs, + ... +}: +#{ config, pkgs, ... }: +#{ config, inputs, pkgs, ... }: + +# sudo cp ./nixos/modules/* /etc/nixos/ +# sudo nixos-rebuild switch + +{ + imports = [ + hyprland.homeManagerModules.default + # other imports to go here + ]; + + home = { + username = "das"; + homeDirectory = "/home/das"; + }; + + # https://nix-community.github.io/home-manager/index.xhtml#ch-installation + #home-manager.users.das = { pkgs, ... }: { + + # https://nix-community.github.io/home-manager/options.xhtml#opt-home.sessionVariables + home.sessionVariables = { + QT_QPA_PLATFORM = "wayland"; + GI_TYPELIB_PATH = "/run/current-system/sw/lib/girepository-1.0"; + # disable wayland + NIXOS_OZONE_WL = "1"; + GOPRIVATE = "gitlab.com/sidenio/*"; + TERM = "xterm-256color"; + }; + + home.packages = with pkgs; [ + # + killall + hw-probe + # + gparted + # + ncdu + # + hw-probe + lshw + # + tmux + screen + # + libgcc + # https://nixos.wiki/wiki/C + # https://search.nixos.org/packages?channel=24.05&show=gcc&from=0&size=50&sort=relevance&type=packages&query=gcc + gcc + automake + gnumake + #cmake + pkg-config + # + + # + # alsa-lib + # alsa-lib-with-plugins + # + perl + #3.12.8 on 12th of Feb 2025 + python3Full + # + gawk + jq + git + htop + btop + minicom + # + bzip2 + gzip + lz4 + zip + unzip + xz + zstd + # + rsync + tree + file + # + alacritty + kitty + #https://ghostty.org/ + ghostty + # + ethtool + iproute2 + vlan + tcpdump + wireshark + unstable.iperf2 + netperf + flent + bpftools + fping + inetutils + # + hwloc + bpftools + # + inotify-tools + # + # HP Printers + hplip + #hplipWithPlugin + # + gnuradio + hackrf + gqrx + cubicsdr + # + neofetch + # + vlc + # ffmpeg moved to system package + #ffmpeg_7-full + #ffmpeg-full + # go + # https://nixos.wiki/wiki/Go + # https://nixos.org/manual/nixpkgs/stable/#sec-language-go + # https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F + libcap + gcc + #gcc_multi + #glibc_multi + # thunderbird + #go_1_23 + unstable.go + unstable.gopls + unstable.golint + golangci-lint + unstable.golangci-lint-langserver + # trunk is unfree, and i can't work out how to enable unfree + #trunk-io + # https://github.com/go-delve/delve + unstable.delve + # https://github.com/aarzilli/gdlv + gdlv + unstable.buf + protobuf_27 + grpcurl + # https://github.com/go-gorm/gen + # https://github.com/infobloxopen/protoc-gen-gorm/blob/main/example/postgres_arrays/buf.gen.yaml + gorm-gentool + # removed 24.11 + #buf-language-server + # https://tinygo.org/ + #tinygo + # + graphviz + # + meld + # + # https://nixos.wiki/wiki/Helix + helix + # rust + # https://nixos.wiki/wiki/Rust + #pkgs.cargo + #pkgs.rustc + cargo + rustc + rustfmt + rust-analyzer + clippy + #clang_multi + # + flutter + android-studio + android-tools + android-udev-rules + # + # debug + strace + # Gnome related / extensions + # gnomeExtensions.emoji-copy + # unstable.gnomeExtensions.workspace-switcher-manager + gnome-extension-manager + gnome-usage + dconf-editor + gnome-settings-daemon + gnome-disk-utility + gnome-software + gnome-tweaks + simple-scan + gnomeExtensions.appindicator + gnomeExtensions.settingscenter + gnomeExtensions.system-monitor + gnomeExtensions.dash-to-dock + gnomeExtensions.just-perfection + gnomeExtensions.logo-menu + gnomeExtensions.wifi-qrcode + gnomeExtensions.wireless-hid + gnomeExtensions.user-themes + gnomeExtensions.tray-icons-reloaded + gnomeExtensions.vitals + gnomeExtensions.dash-to-panel + gnomeExtensions.sound-output-device-chooser + gnomeExtensions.space-bar + # https://github.com/AstraExt/astra-monitor + gnomeExtensions.astra-monitor + libgtop + # + libreoffice-qt + hunspell + hunspellDicts.en_AU + #hunspellDicts.en_US + # + evince + # https://nixos.wiki/wiki/Firefox + firefox + # https://nixos.wiki/wiki/Chromium + chromium + #google-chrome + # https://discourse.nixos.org/t/google-chrome-not-working-after-recent-nixos-rebuild/43746 + (google-chrome.override { + commandLineArgs = [ + "--enable-features=UseOzonePlatform" + "--ozone-platform=wayland" + ]; + }) + # https://nixos.wiki/wiki/Slack + slack + # + zoom-us + # + # https://wiki.nixos.org/wiki/Flameshot + (flameshot.override { enableWlrSupport = true; }) + grim # screenshot functionality + slurp # screenshot functionality + # + gimp-with-plugins + # + simplescreenrecorder + # https://wiki.nixos.org/wiki/Gpu-screen-recorder + gpu-screen-recorder # CLI + gpu-screen-recorder-gtk # GUI + # + gedit + # + # https://nixos.wiki/wiki/Podman + dive + podman + runc + skopeo + podman-tui + podman-compose + docker-buildx + # + rofi-wayland + wofi + # + #clickhouse + #clickhouse-cli + # https://github.com/int128/kubelogin + kubelogin-oidc + kubectl + kubernetes-helm + istioctl + krew + kubeshark + kubectl-ktop + kubectl-klock + kube-capacity + kubectl-images + kubectl-gadget + kdash + # k9s --kubeconfig=dev-d.kubeconfig + k9s + # + # https://github.com/jrincayc/ucblogo-code + ucblogo + # https://github.com/wagoodman/dive + dive + # https://github.com/sharkdp/hyperfine + hyperfine + # app launchers + rofi-wayland + wofi + # + # raspberry pi + rpi-imager + ]; + + # vscode + # https://nixos.wiki/wiki/Visual_Studio_Code + # https://github.com/thexyno/nixos-config/blob/main/hm-modules/vscode/default.nix + # nix run github:nix-community/nix-vscode-extensions# -- --list-extensions + # https://mynixos.com/home-manager/options/programs.vscode + programs.vscode = { + enable = true; + package = pkgs.vscode; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + dart-code.dart-code + dart-code.flutter + golang.go + hashicorp.terraform + #k6.k6 + ms-azuretools.vscode-docker + # https://github.com/orgs/microsoft/repositories?q=vscode + ms-vscode-remote.remote-containers + ms-vscode-remote.remote-ssh + #ms-vscode-remote.remote-ssh-edit + ms-vscode.makefile-tools + ms-vscode.cmake-tools + ms-vscode.cpptools + #ms-vscode.cpptools-extension-pack + #ms-vscode.cpptools-themes + ms-vscode.hexeditor + ms-vscode.makefile-tools + ms-python.python + ms-python.vscode-pylance + #ms-vscode.remote-explorer + #ms-vscode.remote-repositories + #ms-vscode.remote-server + ms-kubernetes-tools.vscode-kubernetes-tools + redhat.vscode-yaml + rust-lang.rust-analyzer + #crates is depreciated + #serayuzgur.crates + tamasfe.even-better-toml + timonwong.shellcheck + #trunk.io + zxh404.vscode-proto3 + yzhang.markdown-all-in-one + #platformio.platformio-ide + github.copilot + # nix + #brettm12345.nixfmt.vscode + jnoortheen.nix-ide + #jeff-hykin.better-nix-syntax + rust-lang.rust-analyzer + ]; + }; + + #fonts.fonts = with pkgs; [ + # nerdfonts + # meslo-lgs-nf + #]; + + programs.bash = { + enable = true; + enableCompletion = true; + shellAliases = { + k = "kubectl"; + }; + }; + + programs.vim = { + enable = true; + plugins = with pkgs.vimPlugins; [ vim-airline ]; + settings = { ignorecase = true; }; + extraConfig = '' + set mouse=a + ''; + }; + #ldflags = [ + # "-X main.Version=${version}" + # "-X main.Commit=${version}" + #]; + + programs.git = { + enable = true; + userEmail = "dave.seddon.ca@gmail.com"; + userName = "randomizedcoder"; + #signing.key = "GPG-KEY-ID"; + #signing.signByDefault = true; + }; + + # https://nixos.wiki/wiki/OBS_Studio + # TODO add kernel module for virtual camera + programs.obs-studio = { + enable = true; + plugins = with pkgs.obs-studio-plugins; [ + wlrobs + obs-backgroundremoval + obs-pipewire-audio-capture + ]; + }; + + # another example with dark colors: + # https://github.com/HeinzDev/Hyprland-dotfiles/blob/main/home/home.nix#L70 + # + # https://heywoodlh.io/nixos-gnome-settings-and-keyboard-shortcuts + # https://rycee.gitlab.io/home-manager/options.xhtml#opt-dconf.settings + dconf.settings = { + "org/gnome/desktop/wm/preferences" = { + #button-layout = "close,minimize,maximize,above:appmenu"; + button-layout = ":minimize,maximize,above,close"; + num-workspaces = 2; + }; + # "org/gnome/desktop/interface" = { + # color-scheme = "prefer-dark"; + # }; + "org/gnome/desktop/interface" = { + clock-show-seconds = true; + clock-show-weekday = true; + color-scheme = "prefer-dark"; + enable-hot-corners = false; + font-antialiasing = "grayscale"; + font-hinting = "slight"; + gtk-theme = "Nordic"; + # toolkit-accessibility = true; + toolkit-accessibility = false; + }; + "org/gnome/shell" = { + disable-user-extensions = false; + favorite-apps = [ + "firefox.desktop" + "google-chrome.desktop" + "code.desktop" + "chromium.desktop" + "alacritty.desktop" + #"kitty.desktop" + "slack.desktop" + "ghostty.desktop" + ]; + enabled-extensions = with pkgs.gnomeExtensions; [ + blur-my-shell.extensionUuid + gsconnect.extensionUuid + ]; + }; + }; + + # disable wayland + # # https://nixos.wiki/wiki/Hyprland + # # https://josiahalenbrown.substack.com/p/installing-nixos-with-hyprland + # #programs.hyprland.enable = true; + # wayland.windowManager.hyprland = { + # # Whether to enable Hyprland wayland compositor + # enable = true; + # # The hyprland package to use + # package = pkgs.hyprland; + # # Whether to enable XWayland + # xwayland.enable = true; + + # https://wiki.hyprland.org/Nix/Hyprland-on-Home-Manager/ + # wayland.windowManager.hyprland.enable = true; # enable Hyprland + # Example: https://github.com/JaKooLit/NixOS-configs/blob/main/Ja-OS%20(configs%20using%20install%20script)/Asus-G15/hosts/G15-NixOS/config.nix#L144 + wayland.windowManager.hyprland = { + enable = true; + xwayland.enable = true; + #extraConfig = '' plugin = ${inputs.hy3.packages.${pkgs.system}.hy3}/lib/libhy3.so ''; + # plugins = [ + # inputs.hyprland-plugins.packages.${pkgs.system}.hyprbars + # # ... + #]; + }; + + # # Optional + # # Whether to enable hyprland-session.target on hyprland startup + # systemd.enable = true; + # }; + # # home.file.".config/hypr/hyprland.conf".text = '' + # # ''; + + home.file."containers.conf" = { + target = ".config/containers/containers.conf"; + # https://docs.podman.io/en/v4.6.0/markdown/options/security-opt.html + # https://github.com/containers/common/blob/main/docs/containers.conf.5.md + text = '' + [containers] + annotations=["run.oci.keep_original_groups=1",] + label=false + #seccomp=unconfined + ''; + }; + home.file."registries.conf" = { + target = ".config/containers/registries.conf"; + text = '' + [registries.search] + registries = ['docker.io'] + ''; + # text = '' + # [registries.search] + # registries = ['docker.io', 'registry.gitlab.com'] + # ''; + }; + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = '' + { + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } + } + ''; + }; + home.file.".config/ghostty/ghostty.toml" = { + target = ".config/ghostty/ghostty.toml"; + text = '' + [window] + # Whether to show the scrollback sidebar. + sidebar = true + + # The width of the scrollback sidebar. + sidebar_width = 10 + + # Whether to show the scrollback sidebar on the left or right. + sidebar_position = "right" + ''; + }; + + nixpkgs.config.allowUnfree = true; + + #home.stateVersion = "23.11"; + home.stateVersion = "24.11"; +} diff --git a/laptops/t14/hosts.nix b/laptops/t14/hosts.nix index b60a4f0..3af6575 100644 --- a/laptops/t14/hosts.nix +++ b/laptops/t14/hosts.nix @@ -12,5 +12,6 @@ "172.16.40.70" = ["hp5" "hp5eth"]; "172.16.40.122" = ["pi5-1" "pi5-1-eth"]; "172.16.40.62" = ["chromebox3" "chromebox3-eth"]; + "127.0.0.1" = ["redpanda-0"]; }; } \ No newline at end of file diff --git a/laptops/t14/locale.nix b/laptops/t14/locale.nix new file mode 100644 index 0000000..6a67b6f --- /dev/null +++ b/laptops/t14/locale.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "en_US.UTF-8"; + LC_IDENTIFICATION = "en_US.UTF-8"; + LC_MEASUREMENT = "en_US.UTF-8"; + LC_MONETARY = "en_US.UTF-8"; + LC_NAME = "en_US.UTF-8"; + LC_NUMERIC = "en_US.UTF-8"; + LC_PAPER = "en_US.UTF-8"; + LC_TELEPHONE = "en_US.UTF-8"; + LC_TIME = "en_US.UTF-8"; + }; +} \ No newline at end of file diff --git a/laptops/t14/nodeExporter.nix b/laptops/t14/nodeExporter.nix new file mode 100644 index 0000000..f26d49b --- /dev/null +++ b/laptops/t14/nodeExporter.nix @@ -0,0 +1,27 @@ +{ + config, + pkgs, + ... +}: +{ + # https://nixos.org/manual/nixos/stable/#module-services-prometheus-exporters + # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/default.nix + services.prometheus.exporters.node = { + enable = true; + port = 19000; + # https://github.com/NixOS/nixpkgs/blob/nixos-24.05/nixos/modules/services/monitoring/prometheus/exporters.nix + enabledCollectors = [ "systemd" ]; + # /nix/store/zgsw0yx18v10xa58psanfabmg95nl2bb-node_exporter-1.8.1/bin/node_exporter --help + extraFlags = [ + "--collector.ethtool" + "--collector.softirqs" + "--collector.tcpstat" + "--collector.wifi" + "--collector.filesystem.ignored-mount-points='/nix/store'"]; + }; + + # https://search.nixos.org/options?channel=24.05&from=200&size=50&sort=relevance&type=packages&query=services.prometheus.exporters + services.prometheus.exporters.systemd.enable = true; + services.prometheus.exporters.smartctl.enable = true; + services.prometheus.exporters.process.enable = true; +} \ No newline at end of file diff --git a/laptops/t14/prometheus.nix b/laptops/t14/prometheus.nix index 78d43a3..24eabca 100644 --- a/laptops/t14/prometheus.nix +++ b/laptops/t14/prometheus.nix @@ -17,9 +17,54 @@ { job_name = "xtcp"; static_configs = [{ - targets = [ "localhost:9009" ]; + targets = [ "localhost:9088" ]; }]; } + { + job_name = "hp1_xtcp"; + static_configs = [{ + targets = [ "hp1:9088" ]; + }]; + } + { + job_name = "clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "localhost:19363" ]; + }]; + } + { + job_name = "hp1"; + static_configs = [{ + targets = [ "hp1:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp1_clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "hp1:19363" ]; + }]; + } + { + job_name = "hp2"; + static_configs = [{ + targets = [ "hp2:${toString config.services.prometheus.exporters.node.port}" ]; + }]; + } + { + job_name = "hp2_clickhouse"; + static_configs = [{ + #targets = [ "localhost:9363" ]; + targets = [ "hp2:19363" ]; + }]; + } + #{ + # job_name = "chromebox1"; + # static_configs = [{ + # targets = [ "172.16.40.179:9105" ]; + # }]; + #} ]; }; -} +} \ No newline at end of file diff --git a/laptops/t14/sysctl.nix b/laptops/t14/sysctl.nix new file mode 100644 index 0000000..b6fa4a8 --- /dev/null +++ b/laptops/t14/sysctl.nix @@ -0,0 +1,43 @@ +{ config, pkgs, ... }: + +{ + # https://www.kernel.org/doc/html/latest/networking/ip-sysctl.html + boot.kernel.sysctl = { + # detect dead connections more quickly + "net.ipv4.tcp_keepalive_intvl" = 30; + #net.ipv4.tcp_keepalive_intvl = 75 + "net.ipv4.tcp_keepalive_probes" = 4; + #net.ipv4.tcp_keepalive_probes = 9 + "net.ipv4.tcp_keepalive_time" = 120; + #net.ipv4.tcp_keepalive_time = 7200 + # 30 * 4 = 120 seconds. / 60 = 2 minutes + # default: 75 seconds * 9 = 675 seconds. /60 = 11.25 minutes + "net.ipv4.tcp_rmem" = "4096 1000000 16000000"; + "net.ipv4.tcp_wmem" = "4096 1000000 16000000"; + #net.ipv4.tcp_rmem = 4096 131072 6291456 + #net.ipv4.tcp_wmem = 4096 16384 4194304 + # https://github.com/torvalds/linux/blob/master/Documentation/networking/ip-sysctl.rst?plain=1#L1042 + # https://lwn.net/Articles/560082/ + "net.ipv4.tcp_notsent_lowat" = "131072"; + #net.ipv4.tcp_notsent_lowat = 4294967295 + # enable Enable reuse of TIME-WAIT sockets globally + "net.ipv4.tcp_tw_reuse" = 1; + #net.ipv4.tcp_tw_reuse=2 + "net.ipv4.tcp_timestamps" = 1; + "net.ipv4.tcp_ecn" = 1; + "net.core.default_qdisc" = "cake"; + "net.ipv4.tcp_congestion_control" = "cubic"; + #net.ipv4.tcp_congestion_control=bbr + "net.core.rmem_default" = 26214400; + "net.core.rmem_max" = 26214400; + "net.core.wmem_default" = 26214400; + "net.core.wmem_max" = 26214400; + #net.core.optmem_max = 20480 + #net.core.rmem_default = 212992 + #net.core.rmem_max = 212992 + #net.core.wmem_default = 212992 + #net.core.wmem_max = 212992 + "net.ipv4.ip_local_port_range" = "1025 65535"; + #net.ipv4.ip_local_port_range ="32768 60999" + }; +} \ No newline at end of file diff --git a/laptops/t14/systemPackages.nix b/laptops/t14/systemPackages.nix new file mode 100644 index 0000000..4378681 --- /dev/null +++ b/laptops/t14/systemPackages.nix @@ -0,0 +1,64 @@ +{ + config, + pkgs, + ... +}: +{ + nixpkgs.config.allowUnfree = true; + + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + psmisc + vim + curl + wget + tcpdump + iproute2 + nftables + iptables + pciutils + usbutils + pciutils + virt-manager + pkgs.gnomeExtensions.appindicator + iw + wirelesstools + wpa_supplicant + #wpa_supplicant_ro_ssids + lldpd + #snmp seems to be needed by lldpd + net-snmp + unstable.neofetch + + # https://wiki.nixos.org/wiki/Flameshot + #(flameshot.override { enableWlrSupport = true; }) + + # hyprland + unstable.hyprland + swww # for wallpapers + xdg-desktop-portal-gtk + xdg-desktop-portal-hyprland + xwayland + meson + wayland-protocols + wayland-utils + wl-clipboard + wlroots + + # + #nvidia + unstable.vdpauinfo # sudo vainfo + unstable.libva-utils # sudo vainfo + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + # + unstable.ffmpeg-full + # + # https://nixos.wiki/wiki/CUDA + unstable.cudatoolkit + unstable.linuxPackages.nvidia_x11 + unstable.libGLU + unstable.libGL + ]; +} \ No newline at end of file diff --git a/laptops/t14/wireless_desktop.nix b/laptops/t14/wireless_desktop.nix new file mode 100644 index 0000000..c8f4a68 --- /dev/null +++ b/laptops/t14/wireless_desktop.nix @@ -0,0 +1,20 @@ +{ config, pkgs, ... }: + +{ + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + networking = { + networkmanager = { + enable = true; + #wifi.powersave = true; + wifi.powersave = false; + }; + }; + + #networking.hosts = { + # "172.16.50.216" = ["hp0"]; + # "172.16.40.35" = ["hp1"]; + # "172.16.40.71" = ["hp2"]; + #}; +} \ No newline at end of file From ea7c94f90e6077c8f612542942b0990ed11ddf06 Mon Sep 17 00:00:00 2001 From: "randomizedcoder dave.seddon.ca@gmail.com" Date: Thu, 17 Apr 2025 15:01:50 -0700 Subject: [PATCH 8/8] t14 x --- laptops/t/flake.lock | 54 ++--- laptops/t14/configuration.nix | 10 +- laptops/t14/flake.lock | 54 ++--- laptops/t14/flake.nix | 2 +- laptops/t14/home-manager.nix | 392 +++++++++++++++++++++++++++++++++ laptops/t14/systemPackages.nix | 26 +-- laptops/t14/x.nix | 163 ++++++++++++++ 7 files changed, 631 insertions(+), 70 deletions(-) create mode 100644 laptops/t14/home-manager.nix create mode 100644 laptops/t14/x.nix diff --git a/laptops/t/flake.lock b/laptops/t/flake.lock index d29e6fa..7557246 100644 --- a/laptops/t/flake.lock +++ b/laptops/t/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1743265529, - "narHash": "sha256-QbjP15/2N+VJl0b5jxrrTc+VOt39aU4XrDvtP0Lz5ik=", + "lastModified": 1744289235, + "narHash": "sha256-ZFkHLdimtFzQACsVVyZkZlfYdj4iNy3PkzXfrwmlse8=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "1d2dbd72c2bbaceab031c592d4810f744741d203", + "rev": "c8282f4982b56dfa5e9b9f659809da93f8d37e7a", "type": "github" }, "original": { @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1744117652, - "narHash": "sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI=", + "lastModified": 1744743431, + "narHash": "sha256-iyn/WBYDc7OtjSawbegINDe/gIkok888kQxk3aVnkgg=", "owner": "nix-community", "repo": "home-manager", - "rev": "b4e98224ad1336751a2ac7493967a4c9f6d9cb3f", + "rev": "c61bfe3ae692f42ce688b5865fac9e0de58e1387", "type": "github" }, "original": { @@ -137,11 +137,11 @@ ] }, "locked": { - "lastModified": 1739049071, - "narHash": "sha256-3+7TpXMrbsUXSwgr5VAKAnmkzMb6JO+Rvc9XRb5NMg4=", + "lastModified": 1743953322, + "narHash": "sha256-prQ5JKopXtzCMX2eT3dXbaVvGmzjMRE2bXStQDdazpM=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "175c6b29b6ff82100539e7c4363a35a02c74dd73", + "rev": "9d7f2687c84c729afbc3b13f7937655570f2978d", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1744324490, - "narHash": "sha256-NddZqhX+75btNvcxhZD0AVXuAAM4Lnip2c+yrQThSVU=", + "lastModified": 1744849150, + "narHash": "sha256-eaKqF4Oc7atN7Y2yTTeAOLN05q+G2YY0597ukgAD2Cs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "382f0f23f144e11bdccac6c5d3c1ed415b4b1855", + "rev": "225e13c3cc83308175f0a9aa18cfa31324155034", "type": "github" }, "original": { @@ -318,11 +318,11 @@ ] }, "locked": { - "lastModified": 1741191527, - "narHash": "sha256-kM+11Nch47Xwfgtw2EpRitJuORy4miwoMuRi5tyMBDY=", + "lastModified": 1744468525, + "narHash": "sha256-9HySx+EtsbbKlZDlY+naqqOV679VdxP6x6fP3wxDXJk=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "72df3861f1197e41b078faa3e38eedd60e00018d", + "rev": "f1000c54d266e6e4e9d646df0774fac5b8a652df", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743827369, - "narHash": "sha256-rpqepOZ8Eo1zg+KJeWoq1HAOgoMCDloqv5r2EAa9TSA=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "42a1c966be226125b48c384171c44c651c236c22", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -399,11 +399,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1744098102, - "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -415,11 +415,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1744168086, - "narHash": "sha256-S9M4HddBCxbbX1CKSyDYgZ8NCVyHcbKnBfoUXeRu2jQ=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "60e405b241edb6f0573f3d9f944617fe33ac4a73", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -504,11 +504,11 @@ ] }, "locked": { - "lastModified": 1741934139, - "narHash": "sha256-ZhTcTH9FoeAtbPfWGrhkH7RjLJZ7GeF18nygLAMR+WE=", + "lastModified": 1744644585, + "narHash": "sha256-p0D/e4J6Sv6GSb+9u8OQcVHSE2gPNYB5ygIfGDyEiXQ=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "150b0b6f52bb422a1b232a53698606fe0320dde0", + "rev": "be6771e754345f18244fb00aae5c9e5ab21ccc26", "type": "github" }, "original": { diff --git a/laptops/t14/configuration.nix b/laptops/t14/configuration.nix index 8f3c90a..3fcbb1f 100644 --- a/laptops/t14/configuration.nix +++ b/laptops/t14/configuration.nix @@ -42,6 +42,7 @@ #./docker-compose.nix ./docker-daemon.nix #./smokeping.nix + ./x.nix ]; boot = { @@ -56,8 +57,8 @@ # https://nixos.wiki/wiki/Linux_kernel #kernelPackages = pkgs.linuxPackages; # need to run this old kernel to allow nvidia driver to compile :( - kernelPackages = pkgs.unstable.linuxPackages; - #boot.kernelPackages = pkgs.linuxPackages_latest; + #kernelPackages = pkgs.unstable.linuxPackages; + kernelPackages = pkgs.linuxPackages_latest; #boot.kernelPackages = pkgs.linuxPackages_rpi4 # https://github.com/tolgaerok/nixos-2405-gnome/blob/main/core/boot/efi/efi.nix#L56C5-L56C21 @@ -177,6 +178,11 @@ systemd.services."dbus-org.freedesktop.ModemManager1".enable = false; services.clickhouse.enable = false; + # https://nixos.wiki/wiki/PostgreSQL + services.postgresql.enable = true; + # https://nixos.wiki/wiki/Mysql + services.mysql.package = pkgs.mariadb; + services.mysql.enable = true; # environment.variables defined in hardware-graphics.nix environment.sessionVariables = { diff --git a/laptops/t14/flake.lock b/laptops/t14/flake.lock index d29e6fa..7557246 100644 --- a/laptops/t14/flake.lock +++ b/laptops/t14/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1743265529, - "narHash": "sha256-QbjP15/2N+VJl0b5jxrrTc+VOt39aU4XrDvtP0Lz5ik=", + "lastModified": 1744289235, + "narHash": "sha256-ZFkHLdimtFzQACsVVyZkZlfYdj4iNy3PkzXfrwmlse8=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "1d2dbd72c2bbaceab031c592d4810f744741d203", + "rev": "c8282f4982b56dfa5e9b9f659809da93f8d37e7a", "type": "github" }, "original": { @@ -78,11 +78,11 @@ ] }, "locked": { - "lastModified": 1744117652, - "narHash": "sha256-t7dFCDl4vIOOUMhEZnJF15aAzkpaup9x4ZRGToDFYWI=", + "lastModified": 1744743431, + "narHash": "sha256-iyn/WBYDc7OtjSawbegINDe/gIkok888kQxk3aVnkgg=", "owner": "nix-community", "repo": "home-manager", - "rev": "b4e98224ad1336751a2ac7493967a4c9f6d9cb3f", + "rev": "c61bfe3ae692f42ce688b5865fac9e0de58e1387", "type": "github" }, "original": { @@ -137,11 +137,11 @@ ] }, "locked": { - "lastModified": 1739049071, - "narHash": "sha256-3+7TpXMrbsUXSwgr5VAKAnmkzMb6JO+Rvc9XRb5NMg4=", + "lastModified": 1743953322, + "narHash": "sha256-prQ5JKopXtzCMX2eT3dXbaVvGmzjMRE2bXStQDdazpM=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "175c6b29b6ff82100539e7c4363a35a02c74dd73", + "rev": "9d7f2687c84c729afbc3b13f7937655570f2978d", "type": "github" }, "original": { @@ -166,11 +166,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1744324490, - "narHash": "sha256-NddZqhX+75btNvcxhZD0AVXuAAM4Lnip2c+yrQThSVU=", + "lastModified": 1744849150, + "narHash": "sha256-eaKqF4Oc7atN7Y2yTTeAOLN05q+G2YY0597ukgAD2Cs=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "382f0f23f144e11bdccac6c5d3c1ed415b4b1855", + "rev": "225e13c3cc83308175f0a9aa18cfa31324155034", "type": "github" }, "original": { @@ -318,11 +318,11 @@ ] }, "locked": { - "lastModified": 1741191527, - "narHash": "sha256-kM+11Nch47Xwfgtw2EpRitJuORy4miwoMuRi5tyMBDY=", + "lastModified": 1744468525, + "narHash": "sha256-9HySx+EtsbbKlZDlY+naqqOV679VdxP6x6fP3wxDXJk=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "72df3861f1197e41b078faa3e38eedd60e00018d", + "rev": "f1000c54d266e6e4e9d646df0774fac5b8a652df", "type": "github" }, "original": { @@ -383,11 +383,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1743827369, - "narHash": "sha256-rpqepOZ8Eo1zg+KJeWoq1HAOgoMCDloqv5r2EAa9TSA=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "42a1c966be226125b48c384171c44c651c236c22", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -399,11 +399,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1744098102, - "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=", + "lastModified": 1744463964, + "narHash": "sha256-LWqduOgLHCFxiTNYi3Uj5Lgz0SR+Xhw3kr/3Xd0GPTM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7", + "rev": "2631b0b7abcea6e640ce31cd78ea58910d31e650", "type": "github" }, "original": { @@ -415,11 +415,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1744168086, - "narHash": "sha256-S9M4HddBCxbbX1CKSyDYgZ8NCVyHcbKnBfoUXeRu2jQ=", + "lastModified": 1744440957, + "narHash": "sha256-FHlSkNqFmPxPJvy+6fNLaNeWnF1lZSgqVCl/eWaJRc4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "60e405b241edb6f0573f3d9f944617fe33ac4a73", + "rev": "26d499fc9f1d567283d5d56fcf367edd815dba1d", "type": "github" }, "original": { @@ -504,11 +504,11 @@ ] }, "locked": { - "lastModified": 1741934139, - "narHash": "sha256-ZhTcTH9FoeAtbPfWGrhkH7RjLJZ7GeF18nygLAMR+WE=", + "lastModified": 1744644585, + "narHash": "sha256-p0D/e4J6Sv6GSb+9u8OQcVHSE2gPNYB5ygIfGDyEiXQ=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "150b0b6f52bb422a1b232a53698606fe0320dde0", + "rev": "be6771e754345f18244fb00aae5c9e5ab21ccc26", "type": "github" }, "original": { diff --git a/laptops/t14/flake.nix b/laptops/t14/flake.nix index a8c7769..103c83c 100644 --- a/laptops/t14/flake.nix +++ b/laptops/t14/flake.nix @@ -51,7 +51,7 @@ lib = nixpkgs.lib; in { nixosConfigurations = { - t = lib.nixosSystem rec { + t14 = lib.nixosSystem rec { #system ="x86_64-linux"; inherit system; specialArgs = { inherit hyprland; }; diff --git a/laptops/t14/home-manager.nix b/laptops/t14/home-manager.nix new file mode 100644 index 0000000..d61ecee --- /dev/null +++ b/laptops/t14/home-manager.nix @@ -0,0 +1,392 @@ +{ config, pkgs, ... }: + +# sudo cp ./nixos/modules/* /etc/nixos/ +# sudo nixos-rebuild switch + +{ + # https://nix-community.github.io/home-manager/index.xhtml#ch-installation + home-manager.users.das = { pkgs, ... }: { + + # https://nix-community.github.io/home-manager/options.xhtml#opt-home.sessionVariables + home.sessionVariables = { + GI_TYPELIB_PATH = "/run/current-system/sw/lib/girepository-1.0"; + # disable wayland + #NIXOS_OZONE_WL = "1"; + }; + + home.packages = with pkgs; [ + # + killall + hw-probe + # + gparted + # + ncdu + # + hw-probe + lshw + # + tmux + screen + # + libgcc + # https://nixos.wiki/wiki/C + # https://search.nixos.org/packages?channel=24.05&show=gcc&from=0&size=50&sort=relevance&type=packages&query=gcc + gcc + automake + gnumake + #cmake + pkg-config + # + # alsa-lib + # alsa-lib-with-plugins + # + perl + python3 + # + gawk + jq + git + htop + minicom + # + bzip2 + gzip + lz4 + zip + unzip + xz + zstd + # + rsync + tree + # + alacritty + kitty + # + ethtool + iproute2 + vlan + tcpdump + wireshark + #iperf2 + netperf + flent + bpftools + fping + inetutils + # + hwloc + bpftools + # + inotify-tools + # + gnuradio + hackrf + gqrx + cubicsdr + # + neofetch + # + vlc + ffmpeg_7-full + #ffmpeg-full + # go + # https://nixos.wiki/wiki/Go + # https://nixos.org/manual/nixpkgs/stable/#sec-language-go + # https://nixos.wiki/wiki/FAQ#How_can_I_install_a_package_from_unstable_while_remaining_on_the_stable_channel.3F + libcap + gcc + # thunderbird + go + golangci-lint + golangci-lint-langserver + trunk-io + # https://github.com/go-delve/delve + delve + # https://github.com/aarzilli/gdlv + gdlv + buf + buf-language-server + # + graphviz + # + meld + # + # https://nixos.wiki/wiki/Helix + helix + # rust + # https://nixos.wiki/wiki/Rust + pkgs.cargo + pkgs.rustc + # + flutter + android-studio + android-tools + android-udev-rules + # + # debug + strace + # Gnome related / extensions + # gnomeExtensions.emoji-copy + # unstable.gnomeExtensions.workspace-switcher-manager + gnome-extension-manager + gnome-usage + gnome.dconf-editor + #gnome.gnome-settings-daemon + gnome-settings-daemon + gnome.gnome-disk-utility + gnome.gnome-software + gnome.gnome-tweaks + gnome.simple-scan + gnomeExtensions.appindicator + gnomeExtensions.settingscenter + gnomeExtensions.system-monitor + gnomeExtensions.dash-to-dock + gnomeExtensions.just-perfection + gnomeExtensions.logo-menu + gnomeExtensions.wifi-qrcode + gnomeExtensions.wireless-hid + gnomeExtensions.user-themes + gnomeExtensions.tray-icons-reloaded + gnomeExtensions.vitals + gnomeExtensions.dash-to-panel + gnomeExtensions.sound-output-device-chooser + gnomeExtensions.space-bar + # https://github.com/AstraExt/astra-monitor + gnomeExtensions.astra-monitor + libgtop + # + libreoffice-qt + hunspell + hunspellDicts.en_AU + #hunspellDicts.en_US + # + evince + # https://nixos.wiki/wiki/Firefox + firefox + # https://nixos.wiki/wiki/Chromium + chromium + google-chrome + # https://nixos.wiki/wiki/Slack + slack + # + zoom-us + # + flameshot + grim # screenshot functionality + slurp # screenshot functionality + # + gimp-with-plugins + # + simplescreenrecorder + # + gedit + # + # https://nixos.wiki/wiki/Podman + dive + podman + runc + skopeo + podman-tui + podman-compose + # + rofi-wayland + wofi + # + #clickhouse + #clickhouse-cli + ]; + + # vscode + # https://nixos.wiki/wiki/Visual_Studio_Code + # nix run github:nix-community/nix-vscode-extensions# -- --list-extensions + programs.vscode = { + enable = true; + package = pkgs.vscode; + extensions = with pkgs.vscode-extensions; [ + bbenoist.nix + dart-code.dart-code + dart-code.flutter + golang.go + hashicorp.terraform + #k6.k6 + ms-azuretools.vscode-docker + # https://github.com/orgs/microsoft/repositories?q=vscode + ms-vscode-remote.remote-containers + ms-vscode-remote.remote-ssh + #ms-vscode-remote.remote-ssh-edit + ms-vscode.makefile-tools + ms-vscode.cmake-tools + ms-vscode.cpptools + #ms-vscode.cpptools-extension-pack + #ms-vscode.cpptools-themes + ms-vscode.hexeditor + ms-vscode.makefile-tools + ms-python.python + ms-python.vscode-pylance + #ms-vscode.remote-explorer + #ms-vscode.remote-repositories + #ms-vscode.remote-server + redhat.vscode-yaml + rust-lang.rust-analyzer + #crates is depreciated + #serayuzgur.crates + tamasfe.even-better-toml + timonwong.shellcheck + #trunk.io + zxh404.vscode-proto3 + yzhang.markdown-all-in-one + #platformio.platformio-ide + github.copilot + # nix + #brettm12345.nixfmt.vscode + jnoortheen.nix-ide + #jeff-hykin.better-nix-syntax + ]; + }; + + programs.bash.enable = true; + + programs.vim = { + enable = true; + plugins = with pkgs.vimPlugins; [ vim-airline ]; + settings = { ignorecase = true; }; + extraConfig = '' + set mouse=a + ''; + }; + #ldflags = [ + # "-X main.Version=${version}" + # "-X main.Commit=${version}" + #]; + + programs.git = { + enable = true; + userEmail = "dave.seddon.ca@gmail.com"; + userName = "randomizedcoder "; + #signing.key = "GPG-KEY-ID"; + #signing.signByDefault = true; + }; + + # https://nixos.wiki/wiki/OBS_Studio + # TODO add kernel module for virtual camera + programs.obs-studio = { + enable = true; + plugins = with pkgs.obs-studio-plugins; [ + wlrobs + obs-backgroundremoval + obs-pipewire-audio-capture + ]; + }; + + # https://heywoodlh.io/nixos-gnome-settings-and-keyboard-shortcuts + dconf.settings = { + "org/gnome/desktop/wm/preferences" = { + button-layout = "close,minimize,maximize:appmenu"; + }; + # "org/gnome/desktop/interface" = { + # color-scheme = "prefer-dark"; + # }; + "org/gnome/desktop/interface" = { + clock-show-seconds = true; + clock-show-weekday = true; + color-scheme = "prefer-dark"; + enable-hot-corners = false; + font-antialiasing = "grayscale"; + font-hinting = "slight"; + gtk-theme = "Nordic"; + toolkit-accessibility = true; + }; + "org/gnome/shell" = { + disable-user-extensions = false; + favorite-apps = [ + "firefox.desktop" + "google-chrome-stable.desktop" + "code.desktop" + "chromium.desktop" + "alacritty.desktop" + "kitty.desktop" + "slack.desktop" + ]; + enabled-extensions = with pkgs.gnomeExtensions; [ + blur-my-shell.extensionUuid + gsconnect.extensionUuid + ]; + }; + }; + + # disable wayland + # # https://nixos.wiki/wiki/Hyprland + # # https://josiahalenbrown.substack.com/p/installing-nixos-with-hyprland + # #programs.hyprland.enable = true; + # wayland.windowManager.hyprland = { + # # Whether to enable Hyprland wayland compositor + # enable = true; + # # The hyprland package to use + # package = pkgs.hyprland; + # # Whether to enable XWayland + # xwayland.enable = true; + + # # Optional + # # Whether to enable hyprland-session.target on hyprland startup + # systemd.enable = true; + # }; + # # home.file.".config/hypr/hyprland.conf".text = '' + # # ''; + + services.flameshot = { + enable = true; + settings.General = { + showStartupLaunchMessage = false; + saveLastRegion = true; + }; + }; + + home.file."containers.conf" = { + target = ".config/containers/containers.conf"; + # https://docs.podman.io/en/v4.6.0/markdown/options/security-opt.html + # https://github.com/containers/common/blob/main/docs/containers.conf.5.md + text = '' + [containers] + annotations=["run.oci.keep_original_groups=1",] + label=false + #seccomp=unconfined + ''; + }; + home.file."registries.conf" = { + target = ".config/containers/registries.conf"; + text = '' + [registries.search] + registries = ['docker.io'] + ''; + # text = '' + # [registries.search] + # registries = ['docker.io', 'registry.gitlab.com'] + # ''; + }; + home.file."policy.json" = { + target = ".config/containers/policy.json"; + text = '' + { + "default": [ + { + "type": "insecureAcceptAnything" + } + ], + "transports": + { + "docker-daemon": + { + "": [{"type":"insecureAcceptAnything"}] + } + } + } + ''; + }; + + nixpkgs.config.allowUnfree = true; + + home.stateVersion = "23.11"; + }; +} diff --git a/laptops/t14/systemPackages.nix b/laptops/t14/systemPackages.nix index 4378681..7436b7f 100644 --- a/laptops/t14/systemPackages.nix +++ b/laptops/t14/systemPackages.nix @@ -47,18 +47,18 @@ wl-clipboard wlroots - # - #nvidia - unstable.vdpauinfo # sudo vainfo - unstable.libva-utils # sudo vainfo - # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 - # - unstable.ffmpeg-full - # - # https://nixos.wiki/wiki/CUDA - unstable.cudatoolkit - unstable.linuxPackages.nvidia_x11 - unstable.libGLU - unstable.libGL + # # + # #nvidia + # unstable.vdpauinfo # sudo vainfo + # unstable.libva-utils # sudo vainfo + # # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + # # + # unstable.ffmpeg-full + # # + # # https://nixos.wiki/wiki/CUDA + # unstable.cudatoolkit + # unstable.linuxPackages.nvidia_x11 + # unstable.libGLU + # unstable.libGL ]; } \ No newline at end of file diff --git a/laptops/t14/x.nix b/laptops/t14/x.nix new file mode 100644 index 0000000..7fe7a23 --- /dev/null +++ b/laptops/t14/x.nix @@ -0,0 +1,163 @@ +# +# nixos/laptops/t/hardware-graphics.nix +# +{ config, + pkgs, + lib, + ... +}: +{ + # hardware.opengl.enable = true; + # was renamed to: + hardware.graphics = { + enable = true; + extraPackages = with pkgs; [ + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/2 + nvidia-vaapi-driver + vaapiVdpau + libvdpau + libvdpau-va-gl + vdpauinfo + libva + libva-utils + # https://wiki.nixos.org/wiki/Intel_Graphics + #vpl-gpu-rt + # added 2025/02/03 not tested + vaapiIntel + intel-media-driver + ]; + }; + + # TODO try displaylink + # https://nixos.wiki/wiki/Displaylink + # nix-prefetch-url --name displaylink-600.zip https://www.synaptics.com/sites/default/files/exe_files/2024-05/DisplayLink%20USB%20Graphics%20Software%20for%20Ubuntu6.0-EXE.zip + #services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; + + # https://wiki.nixos.org/w/index.php?title=NVIDIA + # https://nixos.wiki/wiki/Nvidia + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/hardware/video/nvidia.nix + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/nvidia.nix + hardware.nvidia = { + + # This will no longer be necessary when + # https://github.com/NixOS/nixpkgs/pull/326369 hits stable + #modesetting.enable = true; + modesetting.enable = lib.mkDefault true; + + powerManagement = { + enable = true; + #finegrained = true; + }; + + # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus + # Only available from driver 515.43.04+ + # Currently alpha-quality/buggy, so false is currently the recommended setting. + # prioritry drivers don't compile on 6.10.3 + # Set to false for proprietary drivers -> https://download.nvidia.com/XFree86/Linux-x86_64/565.77/README/kernel_open.html + open = true; + + nvidiaSettings = true; + + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.stable; + #package = config.boot.kernelPackages.nvidiaPackages.beta; # <---------- was using this + #package = config.boot.kernelPackages.nvidiaPackages.production; + # https://nixos.wiki/wiki/Nvidia#Determining_the_Correct_Driver_Version + # https://github.com/NixOS/nixpkgs/blob/master/pkgs/by-name/nv/nvidia-modprobe/package.nix + #package = pkgs.linuxPackages.nvidia_x11; + package = pkgs.unstable.linuxPackages.nvidia_x11; + }; + + # https://theo.is-a.dev/blog/post/hyprland-adventure/ + #[das@t:~]$ lshw -c video | grep config + #WARNING: you should run this program as super-user. + # configuration: depth=32 driver=nouveau latency=0 resolution=3840,2160 + # configuration: depth=32 driver=i915 latency=0 resolution=3840,2160 + # + #[das@t:~]$ lspci -nnk | egrep -i --color 'vga|3d|2d' -A3 | grep 'in use' + #Kernel driver in use: i915 + #Kernel driver in use: nouveau + # + #[das@t:~]$ lspci -nnk | grep -i vga -A2 + #00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: i915 + #-- + #01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) + #Subsystem: Lenovo Device [17aa:22c0] + #Kernel driver in use: nouveau + # + # hwinfo --gfxcard + + services.xserver = { + enable = true; + + #videoDrivers = [ "nvidia" "modesetting" ]; # modesetting ~= intel + # intel does NOT exist + # videoDrivers = [ "nvidia" "intel" ]; + # https://github.com/NixOS/nixpkgs/blob/nixos-24.11/nixos/modules/hardware/video/displaylink.nix + #videoDrivers = [ "nvidia" "displaylink" ]; + + # Display Managers are responsible for handling user login + displayManager = { + gdm.enable = true; + }; + + # Enable the GNOME Desktop Environment + desktopManager = { + gnome.enable = true; + plasma5.enable = false; + xterm.enable = false; + }; + # https://discourse.nixos.org/t/help-with-setting-up-a-different-desktop-environment-window-manager/15025/6 + + # Configure keymap in X11 + xkb.layout = "us"; + xkb.variant = ""; + }; + + # https://discourse.nixos.org/t/nvidia-open-breaks-hardware-acceleration/58770/12?u=randomizedcoder + # https://gist.github.com/chrisheib/162c8cad466638f568f0fb7e5a6f4f6b#file-config-nix-L193 + environment.variables = { + # MOZ_DISABLE_RDD_SANDBOX = "1"; + # LIBVA_DRIVER_NAME = "nvidia"; + # GBM_BACKEND = "nvidia-drm"; + # __GLX_VENDOR_LIBRARY_NAME = "nvidia"; + #NVD_BACKEND = "direct"; + EGL_PLATFORM = "wayland"; + # prevents cursor disappear when using Nvidia drivers + WLR_NO_HARDWARE_CURSORS = "1"; + + MOZ_ENABLE_WAYLAND = "1"; + XDG_SESSION_TYPE = "wayland"; + NIXOS_OZONE_WL = "1"; + + # CUDA_PATH = "${pkgs.linuxPackages.nvidia_x11}/lib"; + # # export LD_LIBRARY_PATH=${pkgs.linuxPackages.nvidia_x11}/lib + # EXTRA_LDFLAGS = "-L/lib -L${pkgs.linuxPackages.nvidia_x11}/lib"; + # EXTRA_CCFLAGS = "-I/usr/include"; + # LD_LIBRARY_PATH = "$\{LD_LIBRARY_PATH\}:/run/opengl-driver/lib:${pkgs.linuxPackages.nvidia_x11}/lib"; + + # flameshot + QT_QPA_PLATFORM = "wayland"; + }; +} + + # i tried prime, but it didn't seem to work + # prime = { + # # ([[:print:]]+[:@][0-9]{1,3}:[0-9]{1,2}:[0-9])?' + # # 00:02.0 VGA compatible controller: Intel Corporation CometLake-H GT2 [UHD Graphics] (rev 05) + # intelBusId = "PCI:0:2:0"; + # # 01:00.0 VGA compatible controller: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] (rev a1) + # nvidiaBusId = "PCI:1:0:0"; + # sync.enable = true; + # #offload = { + # # enable = true; + # # #sync.enable = true; + # # enableOffloadCmd = true; + # #}; + # }; + +# [LOG] GPU information: +# 00:02.0 VGA compatible controller [0300]: Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) (prog-if 00 [VGA controller]) +# 01:00.0 VGA compatible controller [0300]: NVIDIA Corporation TU117GLM [Quadro T2000 Mobile / Max-Q] [10de:1fb8] (rev a1) (prog-if 00 [VGA controller]) \ No newline at end of file