diff --git a/.sops.yaml b/.sops.yaml index a51654f..45672d3 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -5,11 +5,9 @@ keys: - &nixos age1rqnmhrrauup2wdhwsahq2ewk39ea9mwhuut2hzpmjfsnhdrxndcsajgj6a - &cobray age195uflh4prg2ysxghpe4h4fvzngc3flheh2yk558fnfrys9c82uvq8xyala - - &magus age1l30vp2udwqguzy82vat7p947fr8ss3cxt2turan3533007q80vss46m9vd creation_rules: - path_regex: secrets/.*\.yaml$ key_groups: - age: - *nixos - *cobray - - *magus diff --git a/flake.lock b/flake.lock index 25a8801..2834e62 100644 --- a/flake.lock +++ b/flake.lock @@ -55,27 +55,6 @@ "type": "github" } }, - "copyparty": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1773272006, - "narHash": "sha256-YGuXb5p9RCWJ7NrqDh1AUTy2NNfLYn38t6trGMpSkJc=", - "owner": "9001", - "repo": "copyparty", - "rev": "6eb4f0ad9cc266abd5007509a15be93daa887ccf", - "type": "github" - }, - "original": { - "owner": "9001", - "repo": "copyparty", - "type": "github" - } - }, "disko": { "inputs": { "nixpkgs": [ @@ -83,11 +62,11 @@ ] }, "locked": { - "lastModified": 1773025010, - "narHash": "sha256-khlHllTsovXgT2GZ0WxT4+RvuMjNeR5OW0UYeEHPYQo=", + "lastModified": 1772867152, + "narHash": "sha256-RIFgZ4O6Eg+5ysZ8Tqb3YvcqiRaNy440GEY22ltjRrs=", "owner": "nix-community", "repo": "disko", - "rev": "7b9f7f88ab3b339f8142dc246445abb3c370d3d3", + "rev": "eaafb89b56e948661d618eefd4757d9ea8d77514", "type": "github" }, "original": { @@ -103,11 +82,11 @@ ] }, "locked": { - "lastModified": 1773364473, - "narHash": "sha256-9YAdoHwraLtl6PWEc9IEn813nV5GU1CPkxQPTaLKIac=", + "lastModified": 1772893410, + "narHash": "sha256-S8+Q/LGH9QL5vq8Tfa50OL1gPvIctdF0mcPuZ7uZ39c=", "owner": "AvengeMedia", "repo": "dms-plugin-registry", - "rev": "56ebc453b95a640021ab5c3542fc839b5c3506b7", + "rev": "740861847b193c099a2a7aff7300293c99528410", "type": "github" }, "original": { @@ -121,11 +100,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1773118123, - "narHash": "sha256-uwU+JTxjzveJgepaA84gyi28cx/akT7RE/qH8s7qMjk=", + "lastModified": 1771242501, + "narHash": "sha256-7azh4I/Qxz9e3liYmslBptv/wcCZfs2mjbLueKgz6PE=", "owner": "Momoyaan", "repo": "dwproton-flake", - "rev": "2279531470e2d98febfe0ad7433bcbd7dc83c9aa", + "rev": "4455649c5773abfc22244b36b5c542282dc76112", "type": "github" }, "original": { @@ -217,11 +196,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1772408722, - "narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=", + "lastModified": 1769996383, + "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3", + "rev": "57928607ea566b5db3ad13af0e57e921e6b12381", "type": "github" }, "original": { @@ -249,12 +228,15 @@ } }, "flake-utils": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1678901627, - "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -285,17 +267,18 @@ "ghostty": { "inputs": { "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils", "home-manager": "home-manager", "nixpkgs": "nixpkgs_4", "zig": "zig", "zon2nix": "zon2nix" }, "locked": { - "lastModified": 1773361950, - "narHash": "sha256-GfVt1S3QXDxZF8wRZ5lvDJiobvRJSLB3hnOwPs5a/xM=", + "lastModified": 1772901710, + "narHash": "sha256-iHVOdllj/cLEV7SdcvSjPem2pP6K7ISPL+HKnENoWjA=", "owner": "ghostty-org", "repo": "ghostty", - "rev": "d4019fa484c821b8d3a1ef73d42357ae8d86f2b7", + "rev": "472b926a4d7abbacad4deea17aa0a0c69ffc12d3", "type": "github" }, "original": { @@ -314,11 +297,11 @@ ] }, "locked": { - "lastModified": 1772893680, - "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", + "lastModified": 1770726378, + "narHash": "sha256-kck+vIbGOaM/dHea7aTBxdFYpeUl/jHOy5W3eyRvVx8=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", + "rev": "5eaaedde414f6eb1aea8b8525c466dc37bba95ae", "type": "github" }, "original": { @@ -418,11 +401,11 @@ ] }, "locked": { - "lastModified": 1773332277, - "narHash": "sha256-1V+wRrZD9Sw12AQBUWk9CR+XhDZQ8q6yBE0S3Wjbd1M=", + "lastModified": 1772845525, + "narHash": "sha256-Dp5Ir2u4jJDGCgeMRviHvEQDe+U37hMxp6RSNOoMMPc=", "owner": "nix-community", "repo": "home-manager", - "rev": "4aeef1941f862fe3a70d1b8264b4e289358c2325", + "rev": "27b93804fbef1544cb07718d3f0a451f4c4cd6c0", "type": "github" }, "original": { @@ -506,11 +489,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1773316626, - "narHash": "sha256-BrDGYt2w2tSkCvjMtgcVGIAp3FWsV5Ycl4ongLZ/fLk=", + "lastModified": 1772907683, + "narHash": "sha256-BD6e/J2oclB0dDyvPJ9hVLNByiXaXn4jQ+CUZu5g4Kk=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "e8684034525829d58054c32da914d1713398fbb8", + "rev": "02f30ea15b349d1ed98b608ed06ec88c834592dd", "type": "github" }, "original": { @@ -792,11 +775,11 @@ "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1773283055, - "narHash": "sha256-wB/0EYnf7VnZxANC1xANXQtx5pS9riXR3Y4e2/BQ4Lo=", + "lastModified": 1772906589, + "narHash": "sha256-RF6tdst0P1es2yY0w1BjptAzBPYNVUIRbjJ6cKOvefI=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "021365f15453feab8aafc23fb3f111669a963292", + "rev": "a2456108efbdb96c0a5c2d5f733bdf8704da8254", "type": "github" }, "original": { @@ -812,11 +795,11 @@ ] }, "locked": { - "lastModified": 1772945408, - "narHash": "sha256-PMt48sEQ8cgCeljQ9I/32uoBq/8t8y+7W/nAZhf72TQ=", + "lastModified": 1772341813, + "narHash": "sha256-/PQ0ubBCMj/MVCWEI/XMStn55a8dIKsvztj4ZVLvUrQ=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "1c1d8ea87b047788fd7567adf531418c5da321ec", + "rev": "a2051ff239ce2e8a0148fa7a152903d9a78e854f", "type": "github" }, "original": { @@ -844,15 +827,14 @@ "inputs": { "flake-compat": "flake-compat_5", "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_9", - "nixpkgs-nixcord": "nixpkgs-nixcord" + "nixpkgs": "nixpkgs_9" }, "locked": { - "lastModified": 1773362752, - "narHash": "sha256-VO4M4+Tt0CgGbIj30abxIxnK0aVHklwhTzeVM2/nj4c=", + "lastModified": 1772891434, + "narHash": "sha256-+MUN+5lOvWS6T4pvIZBGL4AKJkflLXGgVRYTlNeZEiE=", "owner": "kaylorben", "repo": "nixcord", - "rev": "5f38b1630b5af54ea7bad2a2308298fe10648a36", + "rev": "fc63af2dbc92cdcfeb6c650d986280057b0f135c", "type": "github" }, "original": { @@ -879,11 +861,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1772328832, - "narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=", + "lastModified": 1769909678, + "narHash": "sha256-cBEymOf4/o3FD5AZnzC3J9hLbiZ+QDT/KDuyHXVJOpM=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742", + "rev": "72716169fe93074c333e8d0173151350670b824c", "type": "github" }, "original": { @@ -907,29 +889,13 @@ "type": "github" } }, - "nixpkgs-nixcord": { - "locked": { - "lastModified": 1773222311, - "narHash": "sha256-BHoB/XpbqoZkVYZCfXJXfkR+GXFqwb/4zbWnOr2cRcU=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "0590cd39f728e129122770c029970378a79d076a", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.11", - "repo": "nixpkgs", - "type": "github" - } - }, "nixpkgs_10": { "locked": { - "lastModified": 1773365326, - "narHash": "sha256-hSUZrHUxc1URUB7kvHEtAGiceg53s1wBk9VDCSn0+9A=", + "lastModified": 1772906963, + "narHash": "sha256-jT3m0eiRH9TLqMsMVblze5/DPupInp8Qc8Gop8Zxfho=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "84d57a69108bcf1368c30fdfcfec391bea670f59", + "rev": "5a60c0dff24e7109c0e87fd53e5bbc0032fa0cbd", "type": "github" }, "original": { @@ -940,11 +906,11 @@ }, "nixpkgs_11": { "locked": { - "lastModified": 1772956932, - "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", + "lastModified": 1772419343, + "narHash": "sha256-QU3Cd5DJH7dHyMnGEFfPcZDaCAsJQ6tUD+JuUsYqnKU=", "owner": "nixos", "repo": "nixpkgs", - "rev": "608d0cadfed240589a7eea422407a547ad626a14", + "rev": "93178f6a00c22fcdee1c6f5f9ab92f2072072ea9", "type": "github" }, "original": { @@ -972,11 +938,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1773222311, - "narHash": "sha256-BHoB/XpbqoZkVYZCfXJXfkR+GXFqwb/4zbWnOr2cRcU=", + "lastModified": 1772822230, + "narHash": "sha256-yf3iYLGbGVlIthlQIk5/4/EQDZNNEmuqKZkQssMljuw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0590cd39f728e129122770c029970378a79d076a", + "rev": "71caefce12ba78d84fe618cf61644dce01cf3a96", "type": "github" }, "original": { @@ -1049,11 +1015,11 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1772736753, - "narHash": "sha256-au/m3+EuBLoSzWUCb64a/MZq6QUtOV8oC0D9tY2scPQ=", + "lastModified": 1772173633, + "narHash": "sha256-MOH58F4AIbCkh6qlQcwMycyk5SWvsqnS/TCfnqDlpj4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "917fec990948658ef1ccd07cef2a1ef060786846", + "rev": "c0f3d81a7ddbc2b1332be0d8481a672b4f6004d6", "type": "github" }, "original": { @@ -1065,11 +1031,11 @@ }, "nixpkgs_9": { "locked": { - "lastModified": 1773222311, - "narHash": "sha256-BHoB/XpbqoZkVYZCfXJXfkR+GXFqwb/4zbWnOr2cRcU=", + "lastModified": 1772465433, + "narHash": "sha256-ywy9troNEfpgh0Ee+zaV1UTgU8kYBVKtvPSxh6clYGU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "0590cd39f728e129122770c029970378a79d076a", + "rev": "c581273b8d5bdf1c6ce7e0a54da9841e6a763913", "type": "github" }, "original": { @@ -1123,11 +1089,11 @@ "nixpkgs": "nixpkgs_11" }, "locked": { - "lastModified": 1773110605, - "narHash": "sha256-AnfAO9sLP/0r0e3ycDJ81F3nUmrkHlHmrlaejpwih+I=", + "lastModified": 1772470809, + "narHash": "sha256-exjX+6eNT+hxu7+ODK4oag4dcEY2nevXaCO+oqQIhBE=", "owner": "Arsalan2356", "repo": "proton-cachyos-flake", - "rev": "55025d0c21884159f7c33ec5887be0ca51974832", + "rev": "c419ee36b64a87b175c8c3ce49187c2a992b5be0", "type": "github" }, "original": { @@ -1143,11 +1109,11 @@ ] }, "locked": { - "lastModified": 1773313344, - "narHash": "sha256-wH4EkAGRBmmSnn8CeryL82z4648KogtPlxi0med6WEQ=", + "lastModified": 1772795720, + "narHash": "sha256-jAmJlxVl+dy3OgF9zn0MVmeXSmblRaDMMV1X1hzRN5g=", "ref": "refs/heads/master", - "rev": "706d6de7b0236cec2c25556e284b91104a4e834b", - "revCount": 754, + "rev": "6bcd3d9bbf81efdd8620409b268b90310bc1374c", + "revCount": 749, "type": "git", "url": "https://git.outfoxxed.me/outfoxxed/quickshell" }, @@ -1159,7 +1125,6 @@ "root": { "inputs": { "aagl": "aagl", - "copyparty": "copyparty", "disko": "disko", "dms-plugins-registry": "dms-plugins-registry", "dw-proton": "dw-proton", @@ -1207,11 +1172,11 @@ ] }, "locked": { - "lastModified": 1773096132, - "narHash": "sha256-M3zEnq9OElB7zqc+mjgPlByPm1O5t2fbUrH3t/Hm5Ag=", + "lastModified": 1772495394, + "narHash": "sha256-hmIvE/slLKEFKNEJz27IZ8BKlAaZDcjIHmkZ7GCEjfw=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d1ff3b1034d5bab5d7d8086a7803c5a5968cd784", + "rev": "1d9b98a29a45abe9c4d3174bd36de9f28755e3ff", "type": "github" }, "original": { @@ -1221,7 +1186,6 @@ } }, "systems": { - "flake": false, "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -1268,11 +1232,11 @@ }, "unstable": { "locked": { - "lastModified": 1773201692, - "narHash": "sha256-NXrKzNMniu4Oam2kAFvqJ3GB2kAvlAFIriTAheaY8hw=", + "lastModified": 1772736753, + "narHash": "sha256-au/m3+EuBLoSzWUCb64a/MZq6QUtOV8oC0D9tY2scPQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b6067cc0127d4db9c26c79e4de0513e58d0c40c9", + "rev": "917fec990948658ef1ccd07cef2a1ef060786846", "type": "github" }, "original": { @@ -1329,18 +1293,21 @@ "ghostty", "flake-compat" ], + "flake-utils": [ + "ghostty", + "flake-utils" + ], "nixpkgs": [ "ghostty", "nixpkgs" - ], - "systems": "systems" + ] }, "locked": { - "lastModified": 1773145353, - "narHash": "sha256-dE8zx8WA54TRmFFQBvA48x/sXGDTP7YaDmY6nNKMAYw=", + "lastModified": 1763295135, + "narHash": "sha256-sGv/NHCmEnJivguGwB5w8LRmVqr1P72OjS+NzcJsssE=", "owner": "mitchellh", "repo": "zig-overlay", - "rev": "8666155d83bf792956a7c40915508e6d4b2b8716", + "rev": "64f8b42cfc615b2cf99144adf2b7728c7847c72a", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 1b3fdd9..675acb1 100644 --- a/flake.nix +++ b/flake.nix @@ -85,11 +85,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - copyparty = { - url = "github:9001/copyparty"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; @@ -183,6 +178,7 @@ inherit inputs; hyprlanddots = inputs.hyprland-dots; nvimDots = inputs.nvim-dots; + #dankMaterialShell = inputs.dankMaterialShell.packages.${system}.default; }; sharedModules = [ inputs.nixcord.homeModules.nixcord @@ -202,8 +198,6 @@ modules = [ inputs.disko.nixosModules.disko inputs.nix-index-database.nixosModules.nix-index - inputs.copyparty.nixosModules.default - inputs.sops-nix.nixosModules.sops { nixpkgs = { config = { @@ -212,7 +206,6 @@ }; hostPlatform = system; overlays = [ - inputs.copyparty.overlays.default (final: prev: { inherit (customPkgs) diff --git a/home-manager/modules/discord.nix b/home-manager/modules/discord.nix index 031396e..ecaaf33 100644 --- a/home-manager/modules/discord.nix +++ b/home-manager/modules/discord.nix @@ -1,9 +1,13 @@ -{...}: { +{ + pkgs, + config, + ... +}: { programs.nixcord = { enable = true; discord = { enable = true; - branch = "stable"; + branch = "canary"; autoscroll.enable = true; }; config = { @@ -53,6 +57,9 @@ reverseImageSearch = { enable = true; }; + sekaiStickers = { + enable = true; + }; sendTimestamps = { enable = true; }; diff --git a/home-manager/modules/emulators.nix b/home-manager/modules/emulators.nix index 97d5d82..1e2df24 100644 --- a/home-manager/modules/emulators.nix +++ b/home-manager/modules/emulators.nix @@ -2,9 +2,6 @@ home.packages = with pkgs; [ desmume rpcs3 - ppsspp - mgba - dolphin-emu input-remapper ]; } diff --git a/home-manager/modules/imagemagick.nix b/home-manager/modules/imagemagick.nix index c2d15dc..708a7bf 100644 --- a/home-manager/modules/imagemagick.nix +++ b/home-manager/modules/imagemagick.nix @@ -1,6 +1,6 @@ -{pkgs, ...}: { +{pkgs, ...}: +{ home.packages = with pkgs; [ imagemagick - pinta ]; } diff --git a/hosts/magus.nix b/hosts/magus.nix index f7d18fa..0ce061a 100644 --- a/hosts/magus.nix +++ b/hosts/magus.nix @@ -1,5 +1,8 @@ { + config, pkgs, + lib, + inputs, modulesPath, ... }: { @@ -19,9 +22,8 @@ ./modules/rust.nix ./modules/python.nix ./modules/go.nix - ./modules/misc.nix - ./server/forgejo.nix - ./server/copyparty.nix + ./modules/ld.nix + ./modules/core.nix ]; system.stateVersion = "25.11"; @@ -32,10 +34,20 @@ programs.fish.enable = true; + npm.enable = true; + environment.systemPackages = with pkgs; [ xclip direnv ]; + nix = { + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + settings.auto-optimise-store = true; + }; services = { fstrim.enable = true; xserver.enable = false; diff --git a/hosts/modules/boot.nix b/hosts/modules/boot.nix index 9faa4c5..d4e334d 100644 --- a/hosts/modules/boot.nix +++ b/hosts/modules/boot.nix @@ -8,10 +8,7 @@ efi.canTouchEfiVariables = true; timeout = 5; }; - tmp = { - useTmpfs = true; - tmpfsSize = "50%"; - }; + tmp.cleanOnBoot = true; kernelPackages = pkgs.linuxPackages_latest; #50 series nvidia drivers are kinda a mess; use 6.12 if there's any issues #kernelPackages = pkgs.linuxPackages_6_12; @@ -26,41 +23,16 @@ "boot.shell_on_fail" "udev.log_priority=3" "rd.systemd.show_status=auto" - "nowatchdog" + "nvidia_drm.modeset=1" + "nvidia_drm.fbdev=1" ]; - kernelModules = ["tcp_bbr"]; + # cpu specific optimizations kernel.sysctl = { - "vm.swappiness" = 60; + "vm.swappiness" = 10; "vm.vfs_cache_pressure" = 50; - "vm.compaction_proactiveness" = 0; - "vm.page_lock_unfairness" = 1; - "vm.max_map_count" = 2147483642; #SteamOS default - "kernel.split_lock_mitigate" = 0; - "net.core.rmem_max" = 16777216; - "net.core.wmem_max" = 16777216; - "net.ipv4.tcp_fastopen" = 3; - "net.ipv4.tcp_congestion_control" = "bbr"; }; - kernelPatches = [ - { - name = "Rust"; - patch = null; - features = { - rust = true; - }; - } - ]; }; - # redirect builds to disk so tmpfs doesn't blow up - systemd.services.nix-daemon.environment.TMPDIR = "/var/tmp"; - - zramSwap = { - enable = true; - algorithm = "zstd"; - memoryPercent = 50; - priority = 100; - }; # been annoying as of late systemd.oomd.enable = false; diff --git a/hosts/modules/env.nix b/hosts/modules/env.nix index f5dd64f..bb5a4f6 100644 --- a/hosts/modules/env.nix +++ b/hosts/modules/env.nix @@ -1,5 +1,6 @@ { pkgs, + lib, config, ... }: { @@ -11,6 +12,30 @@ XCURSOR_SIZE = toString config.theme.cursorSize; QT_QPA_PLATFORMTHEME = config.theme.qtTheme; QT_STYLE_OVERRIDE = config.theme.qtOverride; + CC = "${pkgs.gcc}/bin/gcc"; + LIBCLANG_PATH = "${pkgs.llvmPackages.libclang.lib}/lib"; + LUA_PATH = "${pkgs.luajit}/share/lua/${pkgs.luajit.luaversion}/?.lua;${pkgs.luajit}/share/lua/${pkgs.luajit.luaversion}/?/init.lua;;"; + LUA_CPATH = "${pkgs.luajit}/lib/lua/${pkgs.luajit.luaversion}/?.so;;"; + }; + + environment.sessionVariables = { + PKG_CONFIG_PATH = lib.makeSearchPath "lib/pkgconfig" [ + pkgs.portaudio + pkgs.alsa-lib + pkgs.stdenv.cc.cc + ]; + + LD_LIBRARY_PATH = lib.makeLibraryPath [ + pkgs.libglvnd + pkgs.mesa + pkgs.cudatoolkit + pkgs.mangohud + pkgs.portaudio + pkgs.alsa-lib + pkgs.wayland + pkgs.libxkbcommon + pkgs.glib + ]; }; environment.pathsToLink = [ @@ -20,21 +45,6 @@ "/share/pixmaps" ]; - programs.nix-ld = { - enable = true; - libraries = with pkgs; [ - libglvnd - mesa - cudatoolkit - mangohud - portaudio - alsa-lib - wayland - libxkbcommon - glib - ]; - }; - programs.direnv = { enable = true; nix-direnv.enable = true; diff --git a/hosts/modules/nixos.nix b/hosts/modules/nixos.nix index a681a17..b0524a9 100644 --- a/hosts/modules/nixos.nix +++ b/hosts/modules/nixos.nix @@ -7,6 +7,7 @@ nixpkgs.config.allowUnfree = true; programs.nix-index.enable = true; programs.command-not-found.enable = false; + zramSwap.enable = true; environment.systemPackages = with pkgs; [ cachix nix-prefetch-git diff --git a/hosts/modules/nvidia.nix b/hosts/modules/nvidia.nix index a4f5987..cd2af69 100644 --- a/hosts/modules/nvidia.nix +++ b/hosts/modules/nvidia.nix @@ -11,13 +11,27 @@ powerManagement.enable = false; nvidiaSettings = true; nvidiaPersistenced = true; - package = config.boot.kernelPackages.nvidiaPackages.mkDriver { - version = "595.45.04"; - sha256_64bit = "sha256-zUllSSRsuio7dSkcbBTuxF+dN12d6jEPE0WgGvVOj14="; - openSha256 = "sha256-uqNfImwTKhK8gncUdP1TPp0D6Gog4MSeIJMZQiJWDoE="; - settingsSha256 = "sha256-Y45pryyM+6ZTJyRaRF3LMKaiIWxB5gF5gGEEcQVr9nA="; - persistencedSha256 = "sha256-5FoeUaRRMBIPEWGy4Uo0Aho39KXmjzQsuAD9m/XkNpA="; - }; + + package = let + base = config.boot.kernelPackages.nvidiaPackages.mkDriver { + version = "590.48.01"; + sha256_64bit = "sha256-ueL4BpN4FDHMh/TNKRCeEz3Oy1ClDWto1LO/LWlr1ok="; + openSha256 = "sha256-hECHfguzwduEfPo5pCDjWE/MjtRDhINVr4b1awFdP44="; + settingsSha256 = "sha256-4SfCWp3swUp+x+4cuIZ7SA5H7/NoizqgPJ6S9fm90fA="; + persistencedSha256 = "sha256-wsNeuw7IaY6Qc/i/AzT/4N82lPjkwfrhxidKWUtcwW8="; + }; + + cachyosPatch = pkgs.fetchpatch { + url = "https://raw.githubusercontent.com/CachyOS/CachyOS-PKGBUILDS/master/nvidia/nvidia-utils/kernel-6.19.patch"; + sha256 = "sha256-YuJjSUXE6jYSuZySYGnWSNG5sfVei7vvxDcHx3K+IN4="; + }; + in + base + // { + open = base.open.overrideAttrs (old: { + patches = (old.patches or []) ++ [cachyosPatch]; + }); + }; }; hardware.nvidia-container-toolkit.enable = true; diff --git a/hosts/server/copyparty.nix b/hosts/server/copyparty.nix deleted file mode 100644 index 8991d1d..0000000 --- a/hosts/server/copyparty.nix +++ /dev/null @@ -1,64 +0,0 @@ -{config, ...}: { - sops = { - defaultSopsFile = ../../secrets/secrets.yaml; - defaultSopsFormat = "yaml"; - age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; - secrets.copyparty = { - owner = "copyparty"; - }; - }; - services.copyparty = { - enable = true; - settings = { - i = "127.0.0.1"; - p = [3923]; - e2dsa = true; - e2ts = true; - xff-src = "127.0.0.1"; - og-ua = "(Discord|Twitter|Slack)bot"; - }; - accounts = { - admin.passwordFile = config.sops.secrets.copyparty.path; - }; - volumes = { - "/" = { - path = "/srv/copyparty"; - access = { - A = "admin"; - g = "*"; - }; - flags = { - e2d = true; - dedup = true; - }; - }; - }; - }; - systemd.tmpfiles.rules = [ - "d /srv/copyparty 0750 copyparty copyparty -" - ]; - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - virtualHosts."share.monaie.ca" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3923"; - proxyWebsockets = true; - extraConfig = '' - client_max_body_size 0; - proxy_buffering off; - proxy_request_buffering off; - proxy_buffers 32 8k; - proxy_buffer_size 16k; - proxy_busy_buffers_size 24k; - proxy_set_header Connection "Keep-Alive"; - proxy_read_timeout 36000s; - proxy_send_timeout 36000s; - ''; - }; - }; - }; -} diff --git a/hosts/server/filebrowser.nix b/hosts/server/filebrowser.nix deleted file mode 100644 index 4ddeff7..0000000 --- a/hosts/server/filebrowser.nix +++ /dev/null @@ -1,34 +0,0 @@ -{...}: { - services.filebrowser = { - enable = true; - settings = { - address = "127.0.0.1"; - port = 6767; - root = "/srv/filebrowser"; - database = "/var/lib/filebrowser/filebrowser.db"; - }; - }; - - systemd.tmpfiles.rules = [ - "d /srv/filebrowser 0750 filebrowser filebrowser -" - ]; - - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - - virtualHosts."share.monaie.ca" = { - forceSSL = true; - enableACME = true; - - locations."/" = { - proxyPass = "http://127.0.0.1:6767"; - proxyWebsockets = true; - extraConfig = '' - client_max_body_size 0; - ''; - }; - }; - }; -} diff --git a/hosts/server/forgejo.nix b/hosts/server/forgejo.nix deleted file mode 100644 index 414f439..0000000 --- a/hosts/server/forgejo.nix +++ /dev/null @@ -1,79 +0,0 @@ -{...}: let - domain = "git.monaie.ca"; - port = 3000; -in { - services.postgresql = { - enable = true; - ensureDatabases = ["forgejo"]; - ensureUsers = [ - { - name = "forgejo"; - ensureDBOwnership = true; - } - ]; - }; - - services.forgejo = { - enable = true; - database.type = "postgres"; - lfs.enable = true; - settings = { - server = { - DOMAIN = domain; - ROOT_URL = "https://${domain}/"; - HTTP_ADDR = "127.0.0.1"; - HTTP_PORT = port; - SSH_DOMAIN = domain; - }; - service = { - DISABLE_REGISTRATION = true; - REQUIRE_SIGNIN_VIEW = false; - }; - session = { - PROVIDER = "redis"; - PROVIDER_CONFIG = "network=unix,addr=/run/redis-forgejo/redis.sock,db=0,pool_size=100,idle_timeout=180"; - }; - cache = { - ADAPTER = "redis"; - HOST = "network=unix,addr=/run/redis-forgejo/redis.sock,db=1,pool_size=100,idle_timeout=180"; - }; - queue = { - TYPE = "redis"; - CONN_STR = "network=unix,addr=/run/redis-forgejo/redis.sock,db=2"; - }; - log.LEVEL = "Warn"; - security.INSTALL_LOCK = true; - actions.ENABLED = false; - }; - }; - - services.redis.servers.forgejo = { - enable = true; - port = 0; - unixSocket = "/run/redis-forgejo/redis.sock"; - unixSocketPerm = 660; - }; - users.users.forgejo.extraGroups = ["redis-forgejo"]; - - services.nginx = { - enable = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedOptimisation = true; - recommendedGzipSettings = true; - virtualHosts.${domain} = { - forceSSL = true; - enableACME = true; - extraConfig = "client_max_body_size 0M;"; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString port}"; - proxyWebsockets = true; - }; - }; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "riiidge.racer@gmail.com"; - }; -} diff --git a/hosts/server/networking.nix b/hosts/server/networking.nix index 8fb41e1..48c50a9 100644 --- a/hosts/server/networking.nix +++ b/hosts/server/networking.nix @@ -1,4 +1,8 @@ -{...}: { +{ + config, + lib, + ... +}: { networking = { hostName = "magus"; useDHCP = false; diff --git a/hosts/server/redis.nix b/hosts/server/redis.nix index 40efad2..55a5cd4 100644 --- a/hosts/server/redis.nix +++ b/hosts/server/redis.nix @@ -1,4 +1,8 @@ -{...}: { +{ + config, + pkgs, + ... +}: { services.redis.servers."" = { enable = true; bind = "127.0.0.1"; diff --git a/hosts/server/security.nix b/hosts/server/security.nix index 3b7057b..fbf7c58 100644 --- a/hosts/server/security.nix +++ b/hosts/server/security.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + config, + pkgs, + ... +}: { services.openssh = { enable = true; ports = [8123]; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 2d938c1..a04bd6a 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -16,37 +16,27 @@ api: cachix: ENC[AES256_GCM,data:9qtGi/0eJep0vHafCLnJAWJxFBMP0nNiiDkvTYhZDMw+PcwTe2nsWZ/IPpBGfAayv9/vPv60U5vwPYJyzTVuo5UXVBSWTISzydTn6OZNhGbItHPg76TZOAP1Aj14Qk/Q9XMrWCs2AtwmkQlG8R4nRL0I5i+7xnn9PvjBRO3RiduREox+4qZuE6WcIXSg2pm0BA==,iv:B2pVSZXtIhUnUcIyMdYyWVpo58V8oAh+EhKUfhaV7A4=,tag:RLC+SspSqP47sB5sLojx3Q==,type:str] vast: ENC[AES256_GCM,data:sR/Dz8uIzm22gPWUN/mcWpF9UsPQd5x836ohnp+RVw5YS4cTGe0lzpIYvEofNoChijABhzarr7aFcT9Wwas6eQ==,iv:P1BCmKMO3kJU4IZIxfxLyAsMG5Gv2/ceCZsFYFtsRts=,tag:SFXNtEuIswPAoeZp6Vg+Pw==,type:str] hf: ENC[AES256_GCM,data:VRZd9BkraUJzuIzPYaB/+/S4AMJKeRU3hJiBaej+VimfePI9COGnnGItd/YL+Nsh0u6FrPZGuu1HJxJHGw4Ydrbk24s=,iv:DtaVaUNEqgE3tIRBJ+XiO5T8qkf6mEciNGLKRRVfjWc=,tag:tCehxESzfSsdmpezK0bWyg==,type:str] -copyparty: ENC[AES256_GCM,data:mdGOMAxJz7AZufV6aKAE3P6zlsKg,iv:Rn4/opEVreG18Fk6hba2mGG+T7L+isGd9HIUoArFMzw=,tag:zTb46zo59Yr5HweaHJuYyw==,type:str] sops: age: - recipient: age1rqnmhrrauup2wdhwsahq2ewk39ea9mwhuut2hzpmjfsnhdrxndcsajgj6a enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuWW4rdWF1cDRDWlIyRGpG - TEl5U3JOS3JvVElLUGZENmFncFdBTVh0dlEwClZRL2cxcDllc0cyR1g4bUJxREFt - Ylp4akJRK01OVTZFZTZJQW9nNzR2ekEKLS0tIHF3STYxUVVhZy9GS1Y2M09xMFlW - REFnSVc2Tk4zYnFpY1hHOE9lVjlMbFUKZpyLFtIcSkaGgT6uCBpPH8i3VQDmJnCQ - r480BWwsLQNZ3jThRPsMRKWwddWgDz1uw/+d3Xq0NXU5XaPwuYpylQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtUVF5QzJtUG5xWjhxL3JO + dHV0Yjl6eUR0M1FsWS9tOCtKUkhYenVCbUNVCmd0enpVdGZuYnNySE1CVTBzcnZ0 + ckVxSEk4VDRvTzN6SS9IWExtKzlqYkUKLS0tIC9FT1BVdWpISVIySEdwUGMzU21H + aEpXN3BCY2Qxb2I5eUpIUitkaGJxU1kKBWHVxyj529sPs/V4S8TXYeiHU10EphXR + 8H5MCUFywwqDFD6xG3kzthx8yn+sNqsmeoU0rqlDEIQJhBmJLnjeUg== -----END AGE ENCRYPTED FILE----- - recipient: age195uflh4prg2ysxghpe4h4fvzngc3flheh2yk558fnfrys9c82uvq8xyala enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBveHQyQXVZaGRLU2E0WGs3 - VmY3QjVrVUVxbGZBVjNOVTVLTFZ4WlE0VXcwCkdCejF4VytSVk9yUmVEcjBNU3k4 - NlhXY3pOYkFjS1lPVjUwaitLSWxHUDgKLS0tIDZ1Ry8xZVBhQjZpM25lQVhDTlE1 - Q1o4Z3VKckRsU0k4S3lGSlRUejRQYzAKsrjzyRFJCfGccxHQvW9m5UpTBLg3vIS4 - OWXeNOIaLJOndJqfJanpjygLYchifbMY2WLYkiuO1vZzuqUh/DASDw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBVSkoyVDlmdjliaDhYWnNC + c2pUZjBxMjZKaW40Z2t1aUNRelFmRGlVa3pJCkxRaU5jKytBWk0xbFVLOEJ5a0lw + aHR1N1h6dzd6Z3czWjR1ZFh5aFY4RG8KLS0tIEJGSkdhV1RyRE1rbVAwajlvLzBi + MWloN252SnJPYitMYUN5eTZtbUtTbHMK1wBkjyg/dHbm6Pf9mDh91Ve0m9ZyRvcR + LgEeeWTq6bs8LeslSlv6KNzvEPdNPbhUC0UX1AwYw1Re3/VuXxPHnA== -----END AGE ENCRYPTED FILE----- - - recipient: age1l30vp2udwqguzy82vat7p947fr8ss3cxt2turan3533007q80vss46m9vd - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBlQm1HOG1oOGJWUi8ycXQx - Yzgzem01eWZKdDB4bFpDUy84Q2FpaVJJWEhZCjRKL0tGSDIzUDBvaUFHaE1GNUpM - SXZROENva3FlT05XTk5EOEUvVFR2S00KLS0tIHg1K2Z0MHR2TmRmU1BVVExOQXFy - d29DcTBRdGM4MnBlVlRqNUMyRzZuOUkKynbZibt5vQFeEnfVcO812NbY3jnJNUCp - 9SHgNo0PYlFJGkWx8vZxc4gNYBEXqCwxuHvI7IDqOw2HRD1G+rHrSw== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-03-13T04:13:02Z" - mac: ENC[AES256_GCM,data:VP5Q+ik65yNKLZm8G2f+uv4rU3qCTugZM8xdASI740enurprk6nfCaPiCTKF2CEiINb0ZKOy+0nKntTB3GEQcYOom0wxZUOhoavmkqxuqXNMTkeyXhk5Af9BVz5Kxqlhd5gHXQvDDrZYxCSgFTrt4QoTmLNqg5rHkSRUDCa/MGI=,iv:J046v5FeyIa/wWNZmcL4LSDyu0XfNpqDCyg8kNMREfk=,tag:Qqrg8Azb3GJSsCXe6sQIig==,type:str] + lastmodified: "2026-03-07T04:53:38Z" + mac: ENC[AES256_GCM,data:hz7qNqFvgB//6OEJb0S5nxE8htYlNihYCHSFaaFSw8vltuvofZ7kJSDgO5WfTGcj+B312wBhPn+TYINmmL2+KSYHsPW1erQsLqS8/hI5buU1ixYKEfnuXdt8/EtWT9zjTYFer8U871e5fYmFnpvlelAweT2x1psOEGI5ERy7/VM=,iv:ktrO/uakTz5o6vR41bDBXMSU//hwfXmurtrXeBz65UU=,tag:itOQIy2m8L9c6qiytyRT7w==,type:str] unencrypted_suffix: _unencrypted version: 3.12.1