xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

some stuff

Browse source
This commit is contained in:
xunuwu 2024-05-10 19:39:17 +02:00
parent 68bee9a3aa
commit cd8343c0c4
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
38 changed files with 992 additions and 206 deletions
Download patch file Download diff file Expand all files Collapse all files

17
hosts/default.nix
View file

@ -2,6 +2,7 @@
self,
inputs,
homeImports,
lib,
...
}: let
specialArgs = {
@ -18,6 +19,16 @@ in {
config.allowUnfree = true;
};
nodeNixpkgs = {
nixdesk = import inputs.nixpkgs {
system = "x86_64-linux";
config = {
allowUnfree = true;
rocmSupport = true;
};
};
};
inherit specialArgs;
};
nixdesk = {
@ -37,7 +48,7 @@ in {
"${mod}/services/virt/podman.nix"
"${mod}/services/virt/waydroid.nix"
"${mod}/services/virt/distrobox.nix"
"${mod}/services/ollama.nix"
#"${mod}/services/ollama.nix"
"${mod}/desktop/x11/nosleep.nix"
"${mod}/programs/gamemode.nix"
@ -84,10 +95,6 @@ in {
#"${mod}/services/containers/server"
"${mod}/services/containers/experimental"
#"${mod}/services/networkd-wireguard.nix"
#"${mod}/services/wireguard.nix"
#"${mod}/services/transmission.nix"
{
home-manager = {
users.xun.imports = homeImports."xun@hopper";

156
hosts/hopper/brawlstats.nix Normal file
View file

@ -0,0 +1,156 @@
{
pkgs,
lib,
config,
...
}: {
networking.firewall.allowedTCPPorts = [4444];
systemd.sockets."brawlstats-web" = {
wantedBy = ["sockets.target"];
socketConfig = {
ListenStream = "4444";
TriggerLimitIntervalSec = 0;
Accept = "yes";
};
};
systemd.services."brawlstats-web@" = {
serviceConfig = {
StandardInput = "socket";
ExecStart = "${pkgs.writeShellScript "brawlstats-web.sh" ''
parameters=$(head -n1 | ${lib.getExe pkgs.gawk} '{print $2}' | ${lib.getExe pkgs.gnused} 's/%20/ /g')
response=""
tosvg() {
${lib.getExe pkgs.gnuplot} -c ${pkgs.writeText "gnuplotcmds" ''
set xdata time
set timefmt '%Y%m%dT%H%M%S.000Z'
set format x '%H:%M'
set xlabel 'Time'
set ylabel 'Trophies'
set term svg
plot "/dev/stdin" using 1:2 with linespoints title 'Data'
''} # 2>/dev/null
}
case ''${parameters:1} in
total*)
id=$(echo $parameters | ${lib.getExe pkgs.gawk} '{print $2}')
trophies=$(cat "/var/lib/brawlstats/$id-player.json" | ${lib.getExe pkgs.jq} '.trophies')
response=$(${lib.getExe pkgs.jq} -r \
"sort_by(.battleTime)
| reverse | .[]
| .battleTime, .battle.trophyChange" "/var/lib/brawlstats/$id-log.json" \
| paste - - \
| ${lib.getExe pkgs.gawk} -v total=$trophies '{total -= $2; $2 = total}2' \
| tosvg)
;;
brawler*)
id=$(echo $parameters | ${lib.getExe pkgs.gawk} '{print $2}')
brawler=$(echo $parameters | ${lib.getExe pkgs.gawk} '{print $3}')
response=$(${lib.getExe pkgs.jq} -r \
"sort_by(.battleTime)
| reverse
| map (select (.. | .tag? == \"#$id\" and .brawler.name == \"$brawler\")).[]
| .battleTime,
(.battle | (.teams[]?,.players) | select(.)[] | select(.tag == \"#$id\") | .brawler.trophies) + .battle.trophyChange" "/var/lib/brawlstats/$id-log.json" \
| paste - - \
| tosvg)
#reponse=$(${lib.getExe pkgs.jq} -r \
# "sort_by(.battleTime)
# | reverse
# | map (select (.. | .tag? == \"#$id\" and .brawler.name == \"$brawler\")).[]
# | .battleTime,
# (.battle | (.teams[]?,.players) | select(.)[] | select(.tag == \"#$id\") | .brawler.trophies) + .battle.trophyChange" \
# "/var/lib/brawlstats/$id-log.json" \
# | paste - - \
# | tosvg)
#echo $response
;;
*)
response="parameters: $parameters | firstparam: $(echo "$parameters" | ${lib.getExe pkgs.gawk} '{print $1}')"
;;
esac
#file="/var/lib/brawlstats/output.svg"
echo -e "HTTP/1.1 200 OK\r\nContent-Length: $(echo "$response" | wc -c)\r\nContent-Type: text/html\r\n\r\n$response"
#echo $endpoint
#cat "$file"
#while read -r LINE
#do
# echo "$LINE"
# [ -z "$LINE" ] && break
#done
''}";
};
};
systemd.timers."brawlstats" = {
wantedBy = ["timers.target"];
timerConfig = {
OnCalendar = "*:0/30";
Unit = "brawlstats.service";
};
};
systemd.services."brawlstats" = {
serviceConfig = {
Type = "oneshot";
User = "root";
StateDirectory = "brawlstats";
PrivateTmp = true;
LoadCredential = "apitoken:${config.sops.secrets.brawlstars-api-key.path}";
Environment = "TOKEN=%d/apitoken";
ExecStart = "${pkgs.writeShellScript "brawlstats.sh" ''
TOKEN=$(cat $TOKEN)
cd "$STATE_DIRECTORY"
ids=("VLJY22GY" "VLJV2CYL")
for id in ''${ids[@]}; do
echo "id: $id"
sleep 1
battlelogout=$(mktemp)
${lib.getExe pkgs.curl} -H "Authorization: Bearer $TOKEN" "https://api.brawlstars.com/v1/players/%23$id/battlelog" | ${lib.getExe pkgs.jq} '[.items[]]' > "$battlelogout"
sleep 1
${lib.getExe pkgs.curl} -H "Authorization: Bearer $TOKEN" "https://api.brawlstars.com/v1/players/%23$id" > "$id-player.json"
if [ ! -s "$battlelogout" ]; then
echo "battlelogout is empty"
rm "$battlelogout"
continue
fi
if [ ! -s "$id-player.json" ]; then
echo "$id-player.json is empty"
continue
fi
tmplog=$(mktemp)
cat "$battlelogout" "$id-log.json" | ${lib.getExe pkgs.jq} -s 'add | unique' > "$tmplog"
cat "$tmplog" > "$id-log.json"
rm -f "$tmplog"
rm -f "$battlelogout"
# create backup
cp "$id-log.json" "$id-log-$(date +'%s').json"
# remove old backups
find . -type f -name "$id-log-*.json" | sort | head -n -5 | xargs -r rm
done
''}";
};
};
}

1
hosts/hopper/default.nix
View file

@ -4,6 +4,7 @@
common-pc-hdd
./hardware.nix
./brawlstats.nix
];
networking.hostName = "hopper";

13
hosts/liveiso/sway.nix
View file

@ -7,14 +7,11 @@
enable = true;
};
services.xserver = {
enable = true;
displayManager = {
sddm.enable = true;
autoLogin = {
enable = true;
user = "nixos";
};
services.displayManager = {
sddm.enable = true;
autoLogin = {
enable = true;
user = "nixos";
};
};
}

5
hosts/nixdesk/default.nix
View file

@ -1,13 +1,10 @@
{
pkgs,
inputs,
lib,
...
}: {
imports = [
inputs.hardware.nixosModules.common-cpu-amd
inputs.hardware.nixosModules.common-gpu-amd
inputs.hardware.nixosModules.common-pc-ssd
./hardware.nix
];

37
hosts/nixdesk/gigabyte-b550-fix.nix Normal file
View file

@ -0,0 +1,37 @@
{
pkgs,
lib,
...
}: {
# From https://github.com/NixOS/nixos-hardware/blob/master/gigabyte/b550/b550-fix-suspend.nix using until
# it has been merged into the flake.
systemd.services.bugfixSuspend-GPP0 = {
enable = lib.mkDefault true;
description = "Fix crash on wakeup from suspend/hibernate (b550 bugfix)";
unitConfig = {
Type = "oneshot";
};
serviceConfig = {
User = "root"; # root may not be necessary
# check for gppN, disable if enabled
# lifted from https://www.reddit.com/r/gigabyte/comments/p5ewjn/comment/ksbm0mb/ /u/Demotay
ExecStart = "-${pkgs.bash}/bin/bash -c 'if grep 'GPP0' /proc/acpi/wakeup | grep -q 'enabled'; then echo 'GPP0' > /proc/acpi/wakeup; fi'";
RemainAfterExit = "yes"; # required to not toggle when `nixos-rebuild switch` is ran
};
wantedBy = ["multi-user.target"];
};
systemd.services.bugfixSuspend-GPP8 = {
enable = lib.mkDefault true;
description = "Fix crash on wakeup from suspend/hibernate (b550 bugfix)";
unitConfig = {
Type = "oneshot";
};
serviceConfig = {
User = "root";
ExecStart = "-${pkgs.bash}/bin/bash -c 'if grep 'GPP8' /proc/acpi/wakeup | grep -q 'enabled'; then echo 'GPP8' > /proc/acpi/wakeup; fi'";
RemainAfterExit = "yes";
};
wantedBy = ["multi-user.target"];
};
}

8
hosts/nixdesk/hardware.nix
View file

@ -1,4 +1,10 @@
{...}: {
{inputs, ...}: {
imports = [
inputs.hardware.nixosModules.common-cpu-amd
inputs.hardware.nixosModules.common-gpu-amd
inputs.hardware.nixosModules.common-pc-ssd
./gigabyte-b550-fix.nix
];
boot = {
initrd = {
availableKernelModules = [

94
hosts/nixdesk/jellyfin.nix Normal file
View file

@ -0,0 +1,94 @@
{config, ...}: {
security.acme = {
acceptTerms = true;
defaults = {
email = "xunuwu@gmail.com";
reloadServices = ["podman-caddy.service"];
};
certs = {
"xun.cam" = {
dnsProvider = "cloudflare";
credentialFiles = {
CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path;
};
extraDomainNames = ["jellyfin.desktop.xun.cam"];
};
};
};
virtualisation.podman = {
enable = true;
autoPrune.enable = true;
dockerSocket.enable = true;
};
systemd.tmpfiles.rules = [
"d /media/config/caddy/data 0750 root root -"
"d /media/config/caddy/config 0750 root root -"
"d /media/config/jellyfin/config 0750 root root -"
"d /media/config/jellyfin/cache 0750 root root -"
"d /media/library 0750 root root -"
];
virtualisation.oci-containers = {
backend = "podman";
containers = {
gluetun = {
image = "qmcgaw/gluetun:v3";
volumes = [
"${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf"
];
ports = [
## This bypasses the firewall
## use 127.0.0.1:XXXX:XXXX if you only want it to be accessible locally
"8096:8096" # jellyfin local network
"60926:60926" # jellyfin
];
environment = {
VPN_SERVICE_PROVIDER = "airvpn";
VPN_TYPE = "wireguard";
SERVER_COUNTRIES = "Netherlands";
FIREWALL_VPN_INPUT_PORTS = "60926";
};
extraOptions = [
"--cap-add=NET_ADMIN"
"--device=/dev/net/tun:/dev/net/tun"
];
};
jellyfin = {
image = "jellyfin/jellyfin";
volumes = [
"/media/config/jellyfin/config:/config"
"/media/config/jellyfin/cache:/cache"
"/media/library:/library"
];
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
"--device=/dev/dri:/dev/dri"
];
};
caddy = {
image = "caddy";
volumes = [
"${builtins.toFile "Caddyfile" ''
https://jellyfin.desktop.xun.cam:60926 {
tls /etc/ssl/certs/xun.cam/cert.pem /etc/ssl/certs/xun.cam/key.pem
reverse_proxy localhost:8096
}
''}:/etc/caddy/Caddyfile"
"/var/lib/acme/xun.cam:/etc/ssl/certs/xun.cam"
"/media/config/caddy/data:/data"
"/media/config/caddy/config:/config"
];
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
];
};
};
};
}