diff --git a/config/hosts/samhain/configuration.nix b/config/hosts/samhain/configuration.nix
index 7df33dd0..6bcbcdff 100644
--- a/config/hosts/samhain/configuration.nix
+++ b/config/hosts/samhain/configuration.nix
@@ -2,100 +2,17 @@ { imports = [ + ./hardware.nix ../../services/zfs.nix - ./hardware.nix ../../services/nginx.nix - ./thermal/thermal.nix + ./thermal + ./vm ./torrenting.nix ]; deploy.profiles = [ "gui" "sway" "kat" ]; deploy.ssh.host = "192.168.1.135"; - # libvirtd is used for our virtual machine - virtualisation.libvirtd = { - enable = true; - qemuOvmf = true; - qemuRunAsRoot = false; - onBoot = "ignore"; - onShutdown = "shutdown"; - }; - - # required for guest reboots with the 580 - boot.extraModulePackages = - [ (pkgs.linuxPackagesFor config.boot.kernelPackages.kernel).vendor-reset ]; - - # required groups for various intentions - users.users.kat.extraGroups = [ "libvirtd" "input" "qemu-libvirtd" ]; - - # video=efifb:off allows the 580 to be passed through regardless of being the boot display and allows the 560 to act as a console device - # pci=noats means that it doesn't kernel panic on my specific configuration - boot.kernelParams = [ - "amd_iommu=on" - "pci=noats" - "video=efifb:off" - ]; # eventually switch to vfio-pci.ids to replace the boot.initrd.preDeviceCommands block - boot.initrd.availableKernelModules = - [ "amdgpu" "vfio-pci" ]; # vfio-pci is required for pci passthrough - boot.kernelModules = - [ "i2c-dev" "kvm-amd" ]; # i2c-dev is required for DDC/CI for screenstub - - # this section makes vfio-pci be injected as the driver for the 580 and its audio thingy - # it should be replaced as mentioned with vfio-pci.ids - # the script provided: https://alexbakker.me/post/nixos-pci-passthrough-qemu-vfio.html can be used to find iommu groups - boot.initrd.preDeviceCommands = '' - DEVS="0000:26:00.0 0000:26:00.1" - for DEV in $DEVS; do - echo "vfio-pci" > /sys/bus/pci/devices/$DEV/driver_override - done - modprobe -i vfio-pci - ''; - - # rules are for: - # * monitor ddc/ci - # * input for qemu - # * rule for event-mouse (i hope?) 
- # * uinput rule - services.udev.extraRules = '' - SUBSYSTEM=="i2c-dev", GROUP="users", MODE="0660" - SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="fa58", ATTRS{idProduct}=="04d9", GROUP="users" - SUBSYSTEM=="misc", KERNEL=="uinput", OPTIONS+="static_node=uinput", MODE="0660", GROUP="uinput" - SUBSYSTEM=="input", ACTION=="add", DEVPATH=="/devices/virtual/input/*", MODE="0660", GROUP="qemu-libvirtd", RUN+="${ - pkgs.writeShellScript "mewdev" - "${pkgs.coreutils}/bin/echo 'c 13:* rw' > /sys/fs/cgroup/devices/machine.slice/machine-qemu*/devices.allow" - }" - ''; - - environment.systemPackages = [ - # pkgs.nur.repos.arc.packages.screenstub # for DDC/CI and input forwarding (currently disabled due to using changed source) - pkgs.arc.pkgs.scream-arc # for audio forwarding - pkgs.screenstub # for input handling - pkgs.ddcutil # for diagnostics on DDC/CI - pkgs.virt-manager # obvious reasons - ]; - - home-manager.users.kat = { - # audio for vm on startup - systemd.user.services = { - scream = { - Unit = { Description = "Scream - Audio forwarding from the VM."; }; - Service = { - ExecStart = - "${pkgs.arc.pkgs.scream-arc}/bin/scream -i virbr0 -o pulse"; - Restart = "always"; - }; - Install = { WantedBy = [ "default.target" ]; }; - }; - }; - }; - - # BusId is used to specify the graphics card used for X / lightdm / wayland - # BusId must be decimal conversion of the equivalent but matching the format, this was 0000:25:00.0 - services.xserver.deviceSection = lib.mkDefault '' - Option "TearFree" "true" - BusID "PCI:37:0:0" - ''; - # graphics tablet services.xserver.wacom.enable = true; diff --git a/config/hosts/samhain/thermal/thermal.nix b/config/hosts/samhain/thermal/default.nix similarity index 100% rename from config/hosts/samhain/thermal/thermal.nix rename to config/hosts/samhain/thermal/default.nix diff --git a/config/hosts/samhain/vm/default.nix b/config/hosts/samhain/vm/default.nix new file mode 100644 index 00000000..d88083c9 --- /dev/null 
+++ b/config/hosts/samhain/vm/default.nix 
@@ -0,0 +1,85 @@ +{ config, pkgs, lib, sources, witch, ... }: + +{ + # libvirtd is used for our virtual machine + virtualisation.libvirtd = { + enable = true; + qemuOvmf = true; + qemuRunAsRoot = false; + onBoot = "ignore"; + onShutdown = "shutdown"; + }; + + # required for guest reboots with the 580 + boot.extraModulePackages = + [ (pkgs.linuxPackagesFor config.boot.kernelPackages.kernel).vendor-reset ];# required groups for various intentions + users.users.kat.extraGroups = [ "libvirtd" "input" "qemu-libvirtd" ]; + + # video=efifb:off allows the 580 to be passed through regardless of being the boot display and allows the 560 to act as a console device + # pci=noats means that it doesn't kernel panic on my specific configuration + boot.kernelParams = [ + "amd_iommu=on" + "pci=noats" + "video=efifb:off" + ]; # eventually switch to vfio-pci.ids to replace the boot.initrd.preDeviceCommands block + boot.initrd.availableKernelModules = + [ "amdgpu" "vfio-pci" ]; # vfio-pci is required for pci passthrough + boot.kernelModules = + [ "i2c-dev" "kvm-amd" ]; # i2c-dev is required for DDC/CI for screenstub + + # this section makes vfio-pci be injected as the driver for the 580 and its audio thingy + # it should be replaced as mentioned with vfio-pci.ids + # the script provided: https://alexbakker.me/post/nixos-pci-passthrough-qemu-vfio.html can be used to find iommu groups + boot.initrd.preDeviceCommands = '' + DEVS="0000:26:00.0 0000:26:00.1" + for DEV in $DEVS; do + echo "vfio-pci" > /sys/bus/pci/devices/$DEV/driver_override + done + modprobe -i vfio-pci + ''; + + # rules are for: + # * monitor ddc/ci + # * input for qemu + # * rule for event-mouse (i hope?) 
+ # * uinput rule + services.udev.extraRules = '' + SUBSYSTEM=="i2c-dev", GROUP="users", MODE="0660" + SUBSYSTEM=="usb", ACTION=="add", ATTRS{idVendor}=="fa58", ATTRS{idProduct}=="04d9", GROUP="users" + SUBSYSTEM=="misc", KERNEL=="uinput", OPTIONS+="static_node=uinput", MODE="0660", GROUP="uinput" + SUBSYSTEM=="input", ACTION=="add", DEVPATH=="/devices/virtual/input/*", MODE="0660", GROUP="qemu-libvirtd", RUN+="${ + pkgs.writeShellScript "mewdev" + "${pkgs.coreutils}/bin/echo 'c 13:* rw' > /sys/fs/cgroup/devices/machine.slice/machine-qemu*/devices.allow" + }" + ''; + + environment.systemPackages = [ + # pkgs.nur.repos.arc.packages.screenstub # for DDC/CI and input forwarding (currently disabled due to using changed source) + pkgs.arc.pkgs.scream-arc # for audio forwarding + pkgs.screenstub # for input handling + pkgs.ddcutil # for diagnostics on DDC/CI + pkgs.virt-manager # obvious reasons + ]; + + home-manager.users.kat = { + # audio for vm on startup + systemd.user.services = { + scream = { + Unit = { Description = "Scream - Audio forwarding from the VM."; }; + Service = { + ExecStart = + "${pkgs.arc.pkgs.scream-arc}/bin/scream -i virbr0 -o pulse"; + Restart = "always"; + }; + Install = { WantedBy = [ "default.target" ]; }; + }; + }; + }; + + # BusId is used to specify the graphics card used for X / lightdm / wayland + # BusId must be decimal conversion of the equivalent but matching the format, this was 0000:25:00.0 + services.xserver.deviceSection = lib.mkDefault '' + Option "TearFree" "true" + BusID "PCI:37:0:0" + ''; +} \ No newline at end of file diff --git a/config/profiles/common/nixos/nix.nix b/config/profiles/common/nixos/nix.nix index 1f02e8ec..67bdcea3 100644 --- a/config/profiles/common/nixos/nix.nix +++ b/config/profiles/common/nixos/nix.nix 
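Review bot: The udev rules in `services.udev.extraRules` grant wider device access than the comments above them describe: `SUBSYSTEM=="i2c-dev", GROUP="users", MODE="0660"` gives every member of `users` read/write on all I2C buses rather than only the monitor's DDC/CI channel, and the `mewdev` script allows `c 13:*`, i.e. every input device node, in each `machine-qemu*` cgroup. A dedicated group would narrow the first rule, e.g. `SUBSYSTEM=="i2c-dev", GROUP="i2c", MODE="0660"` together with `users.groups.i2c = { };` and `"i2c"` in `users.users.kat.extraGroups`. The `mewdev` redirect targets a glob, which bash rejects as ambiguous when more than one guest is running and which fails when none is; the path also exists only under the cgroup v1 devices controller, so the rule may silently do nothing. The `uinput` rule names `GROUP="uinput"`, but this file neither declares that group nor adds `kat` to it, so presumably it is defined elsewhere and that is worth confirming. The USB rule's `ATTRS{idVendor}=="fa58"` with `ATTRS{idProduct}=="04d9"` also looks swapped (04d9 is normally a vendor ID), so check it against `lsusb` output.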
@@ -7,7 +7,7 @@ nixpkgs.config = { allowUnfree = true; }; nix = { nixPath = [ - "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" + "nixpkgs=${sources.nixpkgs}" "nixpkgs-unstable=${sources.nixpkgs-unstable}" "nixpkgs-mozilla=${sources.nixpkgs-mozilla}" "NUR=${sources.NUR}" diff --git a/config/profiles/kat/home/shell.nix b/config/profiles/kat/home/shell.nix index 29fb3b75..b24ae0e5 100644 --- a/config/profiles/kat/home/shell.nix +++ b/config/profiles/kat/home/shell.nix @@ -9,6 +9,7 @@ "export SSH_AUTH_SOCK=(gpgconf --list-dirs agent-ssh-socket)" else ""} + fish_vi_key_bindings set -g fish_greeting "" ''; shellAliases = { nixdirfmt = "fd --color=never .nix | xargs nixfmt"; }; diff --git a/modules/home/default.nix b/modules/home/default.nix index 41356c0c..acc7c018 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -1,5 +1,8 @@ { sources, ... }: { - imports = [ (sources.tf-nix + "/modules/home/secrets.nix") ]; + imports = [ + (sources.tf-nix + "/modules/home/secrets.nix") + (sources.arc-nixexprs + "/modules/home/weechat.nix") + ]; } diff --git a/todo.org b/todo.org index 4c79dc7e..8bfb5c0e 100644 --- a/todo.org +++ b/todo.org 
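Review bot: The new entry in `imports` of modules/home/default.nix evaluates `modules/home/weechat.nix` from `sources.arc-nixexprs`, and nothing visible in this diff shows how that source is pinned. Code from an external repository that is imported as a module runs with the same reach as the rest of the home configuration, so the pin (fixed revision plus content hash) is the control that matters; the same applies to `"nixpkgs=${sources.nixpkgs}"` in the nix.nix hunk. A one-line comment above the import would record this, e.g. `# weechat module from arc's nixexprs, at the revision pinned in sources`.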
@@ -1,20 +1,71 @@ * Tasks ** TODO Move virtual machine config into nixfiles +virsh edit win10-3, steal the XML, make a service, ... +https://nixos.wiki/wiki/Virtualization_in_NixOS#Okay.2C_Okay.2C_I.27ll_Do_It_Myself + ** TODO Add dork.dev to mailserver +Don't want to pay for fastmail. + ** TODO Migrate non-PGSQL services to PGSQL -** TODO Gitea theme + resources overwrite - See PBB gitea +bitwarden-rs, Gitea, ... + +** TODO Maybe restructure services away from hosts. +See PBB structure for services/. +https://git.petabyte.dev/petabyteboy/nixfiles/src/branch/main/services/ + +** TODO Gitea theme + resources overwrite +See PBB/milan gitea. +https://git.petabyte.dev/petabyteboy/nixfiles/src/branch/main/services/gitea/default.nix + ** TODO Move network config away from network manager. -** TODO Separate home-manager closure +network.wireless is good enough. nm-applet doesn't work on Sway anyway. + ** TODO Nixfiles working outside of NixOS, e.g. Fedora + macOS +Investigate build module for these systems. See: Investigate nix-darwin. + ** TODO Refactor Sway config for separate input/outputs on different systems +Each gui host should have their own sway config. + ** TODO Refactor waybar config for separate modules on different systems +Each gui host should have their own waybar config. + ** TODO Refactor Sway config for separate wallpapers on different systems as a result of the prior outputs change -** TODO Investigate nix-darwin -** TODO Investigate pipewire +Each gui host should have their own sway config. + ** TODO Fix function parameter headers +Too many excess unneccessary parameters. + ** TODO Syncplay server +Need to do SSL properly. Also set up salt + room passwords. + +** TODO Unfuckulate the weechat config +Move to arc's weechat module. +https://github.com/arcnmx/nixexprs/blob/f3f24ef4226a8ff3531d9a3e005c4993ed0d7ba2/modules/home/weechat.nix + +* Research + +** TODO Investigate nix-darwin +Mostly differences for deployment. Set up a macOS VM. .-. 
+ +** TODO Investigate pipewire +Viable yet on NixOS? Probably not on 20.09 itself, but maybe... + +** TODO Investigate ncmpcpp +Need to build a music collection. + +** TODO Investigate further vimode stuff +Weechat, certainly. Fish vimode enabled. + +** TODO Crawl more nixfiles for new things / workflows +arc, milan, ... + ** TODO Investigate audio source switching (Arctis 5, integrated front, integrated back) +For arctis 5 to integrated probably paswitch. Rest is output switch. * Secrets handling ** TODO Bitwarden integration for secrets obtainment +Should be possible. Need to investigate alternate implementation (check arc's... for this) + +** TODO Split secrets usage in-store towards private config instead of embedding inside configs using a secrets file +Definitely doable.