zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

Compare commits

base: zuckerberg:4d80638ab8766b2d71b7e6e90841bfbee7d521be
Branches Tags
zuckerberg:master
zuckerberg:stage
zuckerberg:rpi-hotspot
zuckerberg:attic
zuckerberg:kexec_luks2
zuckerberg:pia-client
...
compare: zuckerberg:43e31a8d2d06ff14c1e59883128c1a1cdc1ebc96
Branches Tags
zuckerberg:stage
zuckerberg:master
zuckerberg:rpi-hotspot
zuckerberg:attic
zuckerberg:kexec_luks2
zuckerberg:pia-client

7 Commits
4d80638ab8 ... 43e31a8d2d

Author SHA1 Message Date
Zuckerberg
43e31a8d2d WolframAlpha For drastikbot 2022-03-27 19:23:07 -04:00
Zuckerberg
49eb594429 Improve NVIDIA 2022-03-27 19:21:03 -04:00
Zuckerberg
a30b584fd9 Printer working 2022-03-27 19:19:32 -04:00
Zuckerberg
7445624273 New applications 2022-03-27 19:19:13 -04:00
Zuckerberg
7d01f0ab41 Chromium on AMD 2022-03-27 19:16:52 -04:00
Zuckerberg
49f1821bf2 tampermonkey in chromium 2022-03-27 19:16:08 -04:00
Zuckerberg
8984524ff1 Make using serial easier... 2022-03-27 19:15:36 -04:00
10 changed files with 126 additions and 38 deletions
Show Stats Expand all files Collapse all files

6
common/default.nix
View File

@ -33,6 +33,7 @@
pciutils pciutils
usbutils usbutils
killall killall
screen
]; ];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
@ -40,7 +41,10 @@
users.mutableUsers = false; users.mutableUsers = false;
users.users.googlebot = { users.users.googlebot = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ]; extraGroups = [
"wheel"
"dialout"
];
openssh.authorizedKeys.keys = (import ./ssh.nix).users; openssh.authorizedKeys.keys = (import ./ssh.nix).users;
hashedPassword = "$6$TuDO46rILr$gkPUuLKZe3psexhs8WFZMpzgEBGksE.c3Tjh1f8sD0KMC4oV89K2pqAABfl.Lpxu2jVdr5bgvR5cWnZRnji/r/"; hashedPassword = "$6$TuDO46rILr$gkPUuLKZe3psexhs8WFZMpzgEBGksE.c3Tjh1f8sD0KMC4oV89K2pqAABfl.Lpxu2jVdr5bgvR5cWnZRnji/r/";
}; };

4
common/pc/chromium.nix
View File

@ -62,6 +62,7 @@ in {
"hkgfoiooedgoejojocmhlaklaeopbecg" # picture in picture "hkgfoiooedgoejojocmhlaklaeopbecg" # picture in picture
"fihnjjcciajhdojfnbdddfaoknhalnja" # I don't care about cookies "fihnjjcciajhdojfnbdddfaoknhalnja" # I don't care about cookies
"mnjggcdmjocbbbhaepdhchncahnbgone" # SponsorBlock "mnjggcdmjocbbbhaepdhchncahnbgone" # SponsorBlock
"dhdgffkkebhmkfjojejmpbldmpobfkfo" # Tampermonkey
]; ];
extraOpts = { extraOpts = {
"BrowserSignin" = 0; "BrowserSignin" = 0;
@ -81,7 +82,8 @@ in {
gnomeKeyringSupport = true; gnomeKeyringSupport = true;
enableWideVine = true; enableWideVine = true;
# ungoogled = true; # ungoogled = true;
commandLineArgs = "--use-vulkan --use-gl=desktop --enable-zero-copy --enable-hardware-overlays --enable-features=VaapiVideoDecoder,CanvasOopRasterization --ignore-gpu-blocklist --enable-accelerated-mjpeg-decode --enable-accelerated-video --enable-native-gpu-memory-buffers --enable-gpu-rasterization"; # --enable-native-gpu-memory-buffers # fails on AMD APU
commandLineArgs = "--use-vulkan --use-gl=desktop --enable-zero-copy --enable-hardware-overlays --enable-features=VaapiVideoDecoder,CanvasOopRasterization --ignore-gpu-blocklist --enable-accelerated-mjpeg-decode --enable-accelerated-video --enable-gpu-rasterization";
}; };
}; };
# todo vulkan in chrome # todo vulkan in chrome

10
common/pc/default.nix
View File

@ -46,6 +46,10 @@ in {
gparted gparted
lm_sensors lm_sensors
libreoffice-fresh libreoffice-fresh
thunderbird
spotify-qt
arduino
yt-dlp
]; ];
# Networking # Networking
@ -54,6 +58,12 @@ in {
# Printing # Printing
services.printing.enable = true; services.printing.enable = true;
services.printing.drivers = with pkgs; [
gutenprint
];
# Printer discovery
services.avahi.enable = true;
services.avahi.nssmdns = true;
# Security # Security
services.gnome.gnome-keyring.enable = true; services.gnome.gnome-keyring.enable = true;

5
common/pc/kde.nix
View File

@ -14,7 +14,10 @@ in {
# kde apps # kde apps
nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true; nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true;
users.users.googlebot.packages = with pkgs; [ users.users.googlebot.packages = with pkgs; [
akonadi kmail plasma5Packages.kmail-account-wizard # akonadi
# kmail
# plasma5Packages.kmail-account-wizard
kate
]; ];
}; };
} }

10
common/server/drastikbot.nix
View File

@ -25,6 +25,10 @@ let
cp -r ''${arr[1]}/* $out/irc/modules cp -r ''${arr[1]}/* $out/irc/modules
cp -r ''${arr[2]}/* $out/irc/modules cp -r ''${arr[2]}/* $out/irc/modules
sed -i 's|\(http://drastik.org/drastikbot"\)|\1 " https://git.neet.dev/zuckerberg/dailybuild_modules"|' $out/irc/modules/information.py
sed -i 's|\(https://github.com/olagood/drastikbot_modules\\x0F"\)|\1 " : \\x0311https://git.neet.dev/zuckerberg/dailybuild_modules\\x0F"|' $out/irc/modules/information.py
sed -i 's|AppID = "Enter your AppID here"|import pathlib\nAppID = pathlib.Path("${cfg.wolframAppIdFile}").read_text()|' $out/irc/modules/wolframalpha.py
makeWrapper ${pkgs.python3}/bin/python3 $out/drastikbot \ makeWrapper ${pkgs.python3}/bin/python3 $out/drastikbot \
--prefix PYTHONPATH : ${with pkgs.python3Packages; makePythonPath [requests beautifulsoup4]} \ --prefix PYTHONPATH : ${with pkgs.python3Packages; makePythonPath [requests beautifulsoup4]} \
--add-flags "$out/drastikbot.py" --add-flags "$out/drastikbot.py"
@ -54,6 +58,12 @@ in {
Path to the drastikbot data directory Path to the drastikbot data directory
''; '';
}; };
wolframAppIdFile = lib.mkOption {
type = lib.types.str;
description = ''
The file containing the Wolfram Alpha App ID
'';
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {

11
machines/liza/configuration.nix
View File

@ -122,7 +122,7 @@ in {
}); });
}; };
# wrap radio and drastikbot in a VPN # wrap radio in a VPN
containers.vpn-continer = { containers.vpn-continer = {
ephemeral = true; ephemeral = true;
autoStart = true; autoStart = true;
@ -175,7 +175,14 @@ in {
# load the secret on behalf of the container # load the secret on behalf of the container
age.secrets."pia-login.conf".file = ../../secrets/pia-login.conf; age.secrets."pia-login.conf".file = ../../secrets/pia-login.conf;
services.drastikbot.enable = true; services.drastikbot = {
enable = true;
wolframAppIdFile = "/run/agenix/wolframalpha";
};
age.secrets.wolframalpha = {
file = ../../secrets/wolframalpha.age;
owner = config.services.drastikbot.user;
};
# icecast endpoint + website # icecast endpoint + website
services.nginx.virtualHosts."radio.neet.space" = { services.nginx.virtualHosts."radio.neet.space" = {

39
machines/ray/configuration.nix
View File

@ -1,14 +1,5 @@
{ config, pkgs, fetchurl, lib, ... }: { config, pkgs, lib, ... }:
let
nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
export __GLX_VENDOR_LIBRARY_NAME=nvidia
export __VK_LAYER_NV_optimus=NVIDIA_only
exec -a "$0" "$@"
'';
in
{ {
disabledModules = [ disabledModules = [
"hardware/video/nvidia.nix" "hardware/video/nvidia.nix"
@ -33,31 +24,37 @@ in
hardware.enableAllFirmware = true; hardware.enableAllFirmware = true;
# newer kernel for wifi # newer kernel for wifi
boot.kernelPackages = pkgs.linuxKernel.packages.linux_5_15; boot.kernelPackages = pkgs.linuxPackages_latest;
# gpu # gpu
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
services.xserver.logFile = "/var/log/Xorg.0.log"; services.xserver.logFile = "/var/log/Xorg.0.log";
hardware.nvidia.modesetting.enable = true; # for nvidia-vaapi-driver hardware.nvidia = {
hardware.nvidia.prime = { modesetting.enable = true; # for nvidia-vaapi-driver
# reverse_sync.enable = true; prime = {
# offload.enable = true; #reverse_sync.enable = true;
sync.enable = true; offload.enable = true;
nvidiaBusId = "PCI:1:0:0"; offload.enableOffloadCmd = true;
amdgpuBusId = "PCI:4:0:0"; #sync.enable = true;
nvidiaBusId = "PCI:1:0:0";
amdgpuBusId = "PCI:4:0:0";
};
powerManagement = {
# enable = true;
# finegrained = true;
coarsegrained = true;
};
}; };
services.archivebox = { services.archivebox = {
enable = true; enable = false;
hostname = "localhost"; hostname = "localhost";
publicCreateSnapshots = true; publicCreateSnapshots = true;
}; };
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
services.spotifyd.enable = true;
services.zerotierone.enable = true; services.zerotierone.enable = true;
de.enable = true; de.enable = true;

78
machines/ray/nvidia.nix
View File

@ -56,6 +56,15 @@ in
''; '';
}; };
hardware.nvidia.powerManagement.coarsegrained = mkOption {
type = types.bool;
default = false;
description = ''
Experimental power management of PRIME offload. For more information, see
the NVIDIA docs, chapter 22. PCI-Express runtime power management.
'';
};
hardware.nvidia.modesetting.enable = mkOption { hardware.nvidia.modesetting.enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
@ -131,7 +140,7 @@ in
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
Configure X to allow external NVIDIA GPUs when using optimus. Configure X to allow external NVIDIA GPUs when using Prime [Reverse] Sync.
''; '';
}; };
@ -148,10 +157,26 @@ in
''; '';
}; };
hardware.nvidia.prime.offload.enableOffloadCmd = mkOption {
type = types.bool;
default = false;
description = ''
Adds a `nvidia-offload` convenience script to <option>environment.systemPackages</option>
for offloading programs to an nvidia device. To work, should have also enabled
<option>hardware.nvidia.prime.offload.enable</option> or <option>hardware.nvidia.prime.reverse_sync.enable</option>
Example usage `nvidia-offload sauerbraten_client`
'';
};
hardware.nvidia.prime.reverse_sync.enable = mkOption { hardware.nvidia.prime.reverse_sync.enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = '' description = ''
Warning: This feature is relatively new, depending on your system this might
work poorly. AMD support, especially so.
See: https://forums.developer.nvidia.com/t/the-all-new-outputsink-feature-aka-reverse-prime/129828
Enable NVIDIA Optimus support using the NVIDIA proprietary driver via reverse Enable NVIDIA Optimus support using the NVIDIA proprietary driver via reverse
PRIME. If enabled, the Intel/AMD GPU will be used for all rendering, while PRIME. If enabled, the Intel/AMD GPU will be used for all rendering, while
enabling output to displays attached only to the NVIDIA GPU without a enabling output to displays attached only to the NVIDIA GPU without a
@ -210,11 +235,6 @@ in
igpuBusId = if pCfg.intelBusId != "" then pCfg.intelBusId else pCfg.amdgpuBusId; igpuBusId = if pCfg.intelBusId != "" then pCfg.intelBusId else pCfg.amdgpuBusId;
in mkIf enabled { in mkIf enabled {
assertions = [ assertions = [
{
assertion = with config.services.xserver.displayManager; (gdm.enable && gdm.nvidiaWayland) -> cfg.modesetting.enable;
message = "You cannot use wayland with GDM without modesetting enabled for NVIDIA drivers, set `hardware.nvidia.modesetting.enable = true`";
}
{ {
assertion = primeEnabled -> pCfg.intelBusId == "" || pCfg.amdgpuBusId == ""; assertion = primeEnabled -> pCfg.intelBusId == "" || pCfg.amdgpuBusId == "";
message = '' message = ''
@ -222,6 +242,13 @@ in
''; '';
} }
{
assertion = offloadCfg.enableOffloadCmd -> offloadCfg.enable || reverseSyncCfg.enable;
message = ''
Offload command requires offloading or reverse prime sync to be enabled.
'';
}
{ {
assertion = primeEnabled -> pCfg.nvidiaBusId != "" && (pCfg.intelBusId != "" || pCfg.amdgpuBusId != ""); assertion = primeEnabled -> pCfg.nvidiaBusId != "" && (pCfg.intelBusId != "" || pCfg.amdgpuBusId != "");
message = '' message = ''
@ -234,6 +261,11 @@ in
message = "NVIDIA PRIME render offload is currently only supported on versions >= 435.21."; message = "NVIDIA PRIME render offload is currently only supported on versions >= 435.21.";
} }
{
assertion = (reverseSyncCfg.enable && pCfg.amdgpuBusId != "") -> versionAtLeast nvidia_x11.version "470.0";
message = "NVIDIA PRIME render offload for AMD APUs is currently only supported on versions >= 470 beta.";
}
{ {
assertion = !(syncCfg.enable && offloadCfg.enable); assertion = !(syncCfg.enable && offloadCfg.enable);
message = "PRIME Sync and Offload cannot be both enabled"; message = "PRIME Sync and Offload cannot be both enabled";
@ -245,7 +277,7 @@ in
} }
{ {
assertion = !(syncCfg.enable && cfg.powerManagement.finegrained); assertion = !(syncCfg.enable && cfg.powerManagement.finegrained && cfg.powerManagement.coarsegrained);
message = "Sync precludes powering down the NVIDIA GPU."; message = "Sync precludes powering down the NVIDIA GPU.";
} }
@ -254,6 +286,11 @@ in
message = "Fine-grained power management requires offload to be enabled."; message = "Fine-grained power management requires offload to be enabled.";
} }
{
assertion = cfg.powerManagement.coarsegrained -> offloadCfg.enable;
message = "Coarse-grained power management requires offload to be enabled.";
}
{ {
assertion = cfg.powerManagement.enable -> ( assertion = cfg.powerManagement.enable -> (
builtins.pathExists (cfg.package.out + "/bin/nvidia-sleep.sh") && builtins.pathExists (cfg.package.out + "/bin/nvidia-sleep.sh") &&
@ -329,12 +366,27 @@ in
environment.etc."egl/egl_external_platform.d".source = environment.etc."egl/egl_external_platform.d".source =
"/run/opengl-driver/share/egl/egl_external_platform.d/"; "/run/opengl-driver/share/egl/egl_external_platform.d/";
hardware.opengl.extraPackages = [ nvidia_x11.out ]; hardware.opengl.extraPackages = [
hardware.opengl.extraPackages32 = [ nvidia_x11.lib32 ]; nvidia_x11.out
# pkgs.nvidia-vaapi-driver
];
hardware.opengl.extraPackages32 = [
nvidia_x11.lib32
# pkgs.pkgsi686Linux.nvidia-vaapi-driver
];
environment.systemPackages = [ nvidia_x11.bin ] environment.systemPackages = [ nvidia_x11.bin ]
++ optionals cfg.nvidiaSettings [ nvidia_x11.settings ] ++ optionals cfg.nvidiaSettings [ nvidia_x11.settings ]
++ optionals nvidiaPersistencedEnabled [ nvidia_x11.persistenced ]; ++ optionals nvidiaPersistencedEnabled [ nvidia_x11.persistenced ]
++ optionals offloadCfg.enableOffloadCmd [
(pkgs.writeShellScriptBin "nvidia-offload" ''
export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
export __GLX_VENDOR_LIBRARY_NAME=nvidia
export __VK_LAYER_NV_optimus=NVIDIA_only
exec -a "$0" "$@"
'')
];
systemd.packages = optional cfg.powerManagement.enable nvidia_x11.out; systemd.packages = optional cfg.powerManagement.enable nvidia_x11.out;
@ -399,7 +451,7 @@ in
KERNEL=="card*", SUBSYSTEM=="drm", DRIVERS=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia%n c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) %n'" KERNEL=="card*", SUBSYSTEM=="drm", DRIVERS=="nvidia", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia%n c $$(grep nvidia-frontend /proc/devices | cut -d \ -f 1) %n'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'" KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'"
KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'" KERNEL=="nvidia_uvm", RUN+="${pkgs.runtimeShell} -c 'mknod -m 666 /dev/nvidia-uvm-tools c $$(grep nvidia-uvm /proc/devices | cut -d \ -f 1) 0'"
'' + optionalString cfg.powerManagement.finegrained '' '' + optionalString (cfg.powerManagement.finegrained || cfg.powerManagement.coarsegrained) ''
# Remove NVIDIA USB xHCI Host Controller devices, if present # Remove NVIDIA USB xHCI Host Controller devices, if present
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1" ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
@ -418,8 +470,10 @@ in
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on" ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
''; '';
boot.extraModprobeConfig = mkIf cfg.powerManagement.finegrained '' boot.extraModprobeConfig = optionalString cfg.powerManagement.finegrained ''
options nvidia "NVreg_DynamicPowerManagement=0x02" options nvidia "NVreg_DynamicPowerManagement=0x02"
'' + optionalString cfg.powerManagement.coarsegrained ''
options nvidia "NVreg_DynamicPowerManagement=0x01"
''; '';
boot.blacklistedKernelModules = [ "nouveau" "nvidiafb" ]; boot.blacklistedKernelModules = [ "nouveau" "nvidiafb" ];

1
secrets/secrets.nix
View File

@ -15,4 +15,5 @@ in
"nextcloud-pw.age".publicKeys = all; "nextcloud-pw.age".publicKeys = all;
"iodine.age".publicKeys = all; "iodine.age".publicKeys = all;
"spotifyd.age".publicKeys = all; "spotifyd.age".publicKeys = all;
"wolframalpha.age".publicKeys = all;
} }

BIN
secrets/wolframalpha.age Normal file
View File

Binary file not shown.