diff --git a/flake.lock b/flake.lock index bd9a620..10c0e55 100644 --- a/flake.lock +++ b/flake.lock @@ -1,12 +1,15 @@ { "nodes": { "flake-utils": { + "inputs": { + "systems": "systems" + }, "locked": { - "lastModified": 1676283394, - "narHash": "sha256-XX2f9c3iySLCw54rJ/CZs+ZK6IQy7GXNY4nSOyu2QG4=", + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "owner": "numtide", "repo": "flake-utils", - "rev": "3db36a8b464d0c4532ba1c7dda728f4576d6d073", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "type": "github" }, "original": { @@ -19,15 +22,14 @@ "inputs": { "nixpkgs": [ "nixpkgs" - ], - "utils": "utils" + ] }, "locked": { - "lastModified": 1676367705, - "narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=", + "lastModified": 1739051380, + "narHash": "sha256-p1QSLO8DJnANY+ppK7fjD8GqfCrEIDjso1CSRHsXL7Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5", + "rev": "5af1b9a0f193ab6138b89a8e0af8763c21bbf491", "type": "github" }, "original": { @@ -38,11 +40,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1676569297, - "narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=", + "lastModified": 1739020877, + "narHash": "sha256-mIvECo/NNdJJ/bXjNqIh8yeoSjVLAuDuTUzAo7dzs8Y=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37", + "rev": "a79cfe0ebd24952b580b1cf08cd906354996d547", "type": "github" }, "original": { @@ -53,11 +55,11 @@ }, "nixpkgs_stable": { "locked": { - "lastModified": 1677779205, - "narHash": "sha256-6DBjL9wjq86p2GczmwnHtFRnWPBPItc67gapWENBgX8=", + "lastModified": 1688392541, + "narHash": "sha256-lHrKvEkCPTUO+7tPfjIcb7Trk6k31rz18vkyqmkeJfY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "96e18717904dfedcd884541e5a92bf9ff632cf39", + "rev": "ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b", "type": "github" }, "original": { 
@@ -74,18 +76,18 @@ "nixpkgs_stable": "nixpkgs_stable" } }, - "utils": { + "systems": { "locked": { - "lastModified": 1667395993, - "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", "type": "github" }, "original": { - "owner": "numtide", - "repo": "flake-utils", + "owner": "nix-systems", + "repo": "default", "type": "github" } } diff --git a/flake.nix b/flake.nix index ba537a2..73f5fa5 100644 --- a/flake.nix +++ b/flake.nix @@ -8,24 +8,16 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + tachikoma = { + url = "git+https://forge.room409.xyz/miloignis/tachikoma.git"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + flake-utils.url = "github:numtide/flake-utils"; - - # Required for making sure that Pi-hole continures running if the executing user has no active session - #linger = { - #url = "github:mindsbackyard/linger-flake"; - #inputs.flake-utils.follows = "flake-utils"; - #}; - - #pihole = { - #url = "github:mindsbackyard/pihole-flake"; - #inputs.nixpkgs.follows = "nixpkgs"; - #inputs.flake-utils.follows = "flake-utils"; - #inputs.linger.follows = "linger"; - #}; }; - outputs = { self, nixpkgs, nixpkgs_stable, home-manager, flake-utils }@attrs: + outputs = { self, nixpkgs, nixpkgs_stable, home-manager, tachikoma, flake-utils }@attrs: let system = "x86_64-linux"; in { @@ -33,11 +25,8 @@ inherit system; specialArgs = attrs; modules = [ - # make the module declared by linger flake available to our config - #linger.nixosModules.${system}.default - #pihole.nixosModules.${system}.default - home-manager.nixosModules.home-manager + tachikoma.nixosModules.default ./home_manager.nix ./panam.nix ]; 
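Review bot: The new `tachikoma` input in the first flake.nix hunk points at a self-hosted forge, yet none of the flake.lock hunks in this commit add a `tachikoma` node or a root input entry for it, so the input looks unpinned as committed. The next hunk loads it as `tachikoma.nixosModules.default`, and a NixOS module can set any system option, so whatever revision Nix resolves at the next build ends up shaping the whole system. Commit the lock entry in the same change so the `rev` and `narHash` are reviewed along with the code, or pin it in the URL, e.g. `url = "git+https://forge.room409.xyz/miloignis/tachikoma.git?rev=<COMMIT_SHA>";`. A short comment above the input saying what tachikoma is and why this host trusts that forge would also help the next reader.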
diff --git a/panam.nix b/panam.nix index a829eda..b520eb0 100644 --- a/panam.nix +++ b/panam.nix @@ -13,17 +13,17 @@ fileSystems."/boot" = { device = "/dev/disk/by-uuid/BE49-6634"; fsType = "vfat"; }; swapDevices = [ { device = "/dev/disk/by-uuid/9b8aa223-f67b-4c1a-9161-a3daec3dfefc"; } ]; # Mounted data drives for use by glusterfs - fileSystems."/data/brick1" = { device = "/dev/disk/by-label/gfs_ssd1"; fsType = "xfs"; }; + #fileSystems."/data/brick1" = { device = "/dev/disk/by-label/gfs_ssd1"; fsType = "xfs"; }; fileSystems."/data/brick2" = { device = "/dev/disk/by-label/gfs_hdd1"; fsType = "xfs"; }; fileSystems."/data/brick3" = { device = "/dev/disk/by-label/gfs_hdd2"; fsType = "xfs"; }; # Glusterfs shared storage #fileSystems."/ghost_in_the_stream" = { device = "panam:/gv0"; fsType = "glusterfs"; }; networking.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; # high-resolution display - hardware.video.hidpi.enable = lib.mkDefault true; + #hardware.video.hidpi.enable = lib.mkDefault true; boot.loader.systemd-boot.enable = true; 
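Review bot: Commenting out the `/data/brick1` mount here conflicts with the later hunk in this file, where `services.tachikoma` still lists `"/data/brick1"` under `serve`. With the mount disabled, that path is either missing or a plain directory on the root filesystem, so the service would share, and possibly write to, a different place than intended. Either drop `/data/brick1` from `serve`, or, if the disk is only sometimes absent, keep the mount and add `options = [ "nofail" ];`. The comment `# Mounted data drives for use by glusterfs` is also stale now that the glusterfs mount is disabled; something like `# Data drives served by tachikoma (brick1 currently detached)` would match the config.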
@@ -57,67 +57,121 @@ }; # Pi Hole + docker setup - virtualisation.oci-containers.backend = "docker"; - virtualisation.docker.autoPrune.enable = true; + #virtualisation.oci-containers.backend = "docker"; + #virtualisation.docker.autoPrune.enable = true; - virtualisation.oci-containers.containers.pihole = { + #virtualisation.oci-containers.containers.pihole = { #image = "pihole/pihole:2023.02.2"; - image = "pihole/pihole:latest"; - ports = [ - "5353:53/udp" - "5353:53/tcp" - "9091:80/tcp" - ]; - volumes = [ - "/var/lib/pihole/:/etc/pihole/" - "/var/lib/dnsmasq.d:/etc/dnsmasq.d" - ]; - environment = { - TZ = config.time.timeZone; - WEB_PORT = "80"; - WEBPASSWORD = "critical"; - PIHOLE_DNS_ = "172.17.0.1"; - REV_SERVER = "true"; - REV_SERVER_DOMAIN = "pihole.local"; - REV_SERVER_TARGET = "192.168.1.1"; - REV_SERVER_CIDR = "192.168.1.0/16"; - DNSMASQ_LISTENING = "all"; + # image = "pihole/pihole:latest"; + # ports = [ + # "5353:53/udp" + # "5353:53/tcp" + # "9091:80/tcp" + # ]; + # volumes = [ + # "/var/lib/pihole/:/etc/pihole/" + # "/var/lib/dnsmasq.d:/etc/dnsmasq.d" + # ]; + # environment = { + # TZ = config.time.timeZone; + # WEB_PORT = "80"; + # WEBPASSWORD = "critical"; + # PIHOLE_DNS_ = "9.9.9.9;2620:fe::fe"; + # REV_SERVER = "true"; + # REV_SERVER_DOMAIN = "pihole.local"; + # REV_SERVER_TARGET = "192.168.4.1"; + # REV_SERVER_CIDR = "192.168.4.0/16"; + # DNSMASQ_LISTENING = "local"; + # VIRTUAL_HOST = "pi.hole"; + # }; + # extraOptions = [ + # "--add-host=host.docker.internal:host-gateway" + # ]; + #}; + #systemd.services."docker-pihole".postStart = '' + # while ! 
docker ps | grep pihole; do + # sleep 10s + # echo "Waiting on containers" + # done + # sleep 30s + + # docker exec pihole pihole -a adlist add "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" + # docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/AdguardDNS.txt" + # docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easylist.txt" + # docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easyprivacy.txt" + + # docker exec pihole pihole -g + # ''; + + + # Adguard Home + services.adguardhome = { + enable = true; + mutableSettings = true; + openFirewall = true; + settings = { + http = { + address = "127.0.0.1:3000"; + }; + dns = { + upstream_dns = [ + "9.9.9.9#dns.quad9.net" + "1.1.1.1" + ]; + }; + filtering = { + protection_enabled = true; + filtering_enabled = true; + parental_enabled = false; + safe_search = { + enabled = false; + }; + }; }; - extraOptions = [ - "--add-host=host.docker.internal:host-gateway" - ]; }; - systemd.services."docker-pihole".postStart = '' - while ! 
docker ps | grep pihole; do - sleep 10s - echo "Waiting on containers" - done - sleep 30s - - docker exec pihole pihole -a adlist add "https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt" - docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/AdguardDNS.txt" - docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easylist.txt" - docker exec pihole pihole -a adlist add "https://v.firebog.net/hosts/Easyprivacy.txt" - - docker exec pihole pihole -g - ''; - # Enable flatpak for installing/running steam link software services.flatpak.enable = true; # testing services.jellyfin.enable = true; + services.tachikoma = { + enable = true; + user = "nathan"; + config = '' + id = "panam" + database_prefix = "/home/nathan/tachikoma_db" + adam_smasher_your_io_bandwidth = false + reset_interval = 300 + port = 8080 + + [shares.default] + serve = [ "/data/brick1", "/data/brick2", "/data/brick3", "/home/videos" ] + avoid = [ "/data/brick2/grey_share", "/data/brick2/staging", "/data/brick2/cache", "data/brick2/Angel Cop - Remastered", "/data/brick2/Gunbuster - The Complete OVA Series", "/data/brick2/Iria - Zeiram the Animation/", "/data/brick2/Record of Lodoss War- Chronicles of the Heroic Knight" ] + download_dir = "/data/brick2/cache" + mount_point = "/fuse_mount" # this is optional, remove if you don't want to FUSE + max_delete = 30 + [shares.a_darker_shade_of_grey] + serve = [ "/data/brick2/grey_share" ] + max_delete = 30 + ''; + }; + programs.fuse.userAllowOther = true; + security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; + alsa.support32Bit = true; pulse.enable = true; }; services.dbus.enable = true; xdg.portal = { enable = true; wlr.enable = true; - extraPortals = [pkgs.xdg-desktop-portal-gtk ]; - gtkUsePortal = true; + extraPortals = [ + pkgs.xdg-desktop-portal-gtk + pkgs.xdg-desktop-portal-kde + ]; + #gtkUsePortal = true; }; nixpkgs.overlays = [ ]; 
@@ -134,7 +188,7 @@ kanshi # autorandr bemenu # is this right? i3status - ffmpeg_5-full + ffmpeg_7-full ]; }; @@ -144,29 +198,34 @@ }; }; # For steam, and Vulkan in general - hardware.opengl.driSupport = true; - hardware.opengl.driSupport32Bit = true; nixpkgs.config.packageOverrides = pkgs: { vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; }; - hardware.opengl = { + hardware.graphics = { enable = true; + enable32Bit = true; extraPackages = with pkgs; [ intel-media-driver - vaapiIntel + intel-vaapi-driver # previously vaapiIntel vaapiVdpau libvdpau-va-gl intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in) + vpl-gpu-rt # QSV on 11th gen or newer + intel-media-sdk # QSV up to 11th gen ]; }; - + programs.bash.shellAliases = { + steamlink = "flatpak run com.valvesoftware.SteamLink"; + }; environment.systemPackages = with pkgs; [ - tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop - firefox-wayland chromium gnome.nautilus - vlc steam transmission-gtk mupdf + tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall htop + firefox pkgs.nautilus vlc steam foot pavucontrol pywal - sway wayland glib dracula-theme gnome.adwaita-icon-theme wl-clipboard + sway wayland glib dracula-theme pkgs.adwaita-icon-theme wl-clipboard + pkgs.jellyfin + pkgs.jellyfin-web + pkgs.jellyfin-ffmpeg (pkgs.writeTextFile { name = "dbus-sway-environment"; destination = "/bin/dbus-sway-environment"; 
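Review bot: In the `services.tachikoma` config the `avoid` entry `"data/brick2/Angel Cop - Remastered"` has no leading slash, unlike every other entry, so it probably will not match and that directory would stay in the share; it should read `"/data/brick2/Angel Cop - Remastered"`. The exclusion list carries weight here, because the service listens on `port = 8080` and a later hunk's context shows `networking.firewall.enable = false`; tachikoma's bind address and authentication are not visible in this diff, so confirm who can reach it. In the AdGuard block both upstreams are plain DNS, and `9.9.9.9#dns.quad9.net` is the systemd-resolved spelling that AdGuard Home may not parse as intended; `"tls://dns.quad9.net"` would give an encrypted upstream. The commented-out Pi-hole block still carries `WEBPASSWORD = "critical"`; deleting the block instead of commenting it would keep that value out of the current tree.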
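Review bot: The `packageOverrides` entry kept as context in the `hardware.graphics` hunk still overrides `vaapiIntel`, but `extraPackages` now installs `intel-vaapi-driver`, so `enableHybridCodec = true` likely no longer reaches the driver that is actually installed. Overriding the new name, `intel-vaapi-driver = pkgs.intel-vaapi-driver.override { enableHybridCodec = true; };`, would keep the two in step. In `environment.systemPackages`, `killall` is listed twice and the `pkgs.` prefixes on `nautilus`, `adwaita-icon-theme` and the jellyfin packages are redundant inside `with pkgs;`. The package list continues past the end of the hunk.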
@@ -213,27 +272,5 @@ services.tailscale.enable = true; networking.firewall.enable = false; - #services.pihole = { - #enable = true; - #hostConfig = { - #user = "pihole"; - #enableLingeringForUser = true; - #persistVolumes = true; - #dnsPort = 5335; - #webPort = 8080; - #}; - #piholeConfig.ftl = { - #LOCAL_IPV4 = "192.168.4.200"; - #}; - #piholeConfig.web = { - #virtualHost = "pi.hole"; - #password = "password"; - #}; - #}; - - #networking.firewall.interfaces.eth0 = { - #allowedTCPPorts = [ 5335 8080 ]; - #allowedUDPPorts = [ 5335 ]; - #}; }) diff --git a/sway_config b/sway_config index d3ed41a..36913ec 100644 --- a/sway_config +++ b/sway_config @@ -11,16 +11,20 @@ font pango:Ubuntu Sans Mono 10 #exec systemctl --user import-environment XDG_SESSION_TYPE XDG_CURRENT_DESKTOP #exec dbus-update-activation-environment WAYLAND_DISPLAY -exec dbus-sway-environment exec configure-gtk +exec dbus-sway-environment # give sway a little time to startup before starting kanshi. exec sleep 5; systemctl --user start kanshi.service +xwayland enable + #When everything's wayland, maybe #output eDP-1 scale 2 #Output HDMI-A-1 'Goldstar Company Ltd LG TV SSCR2 0x00000101' output HDMI-A-1 mode 1920x1080@60Hz +#output HDMI-A-1 mode 4096x2160@30Hz + # reload the configuration file bindsym $mod+Shift+q reload 
@@ -172,17 +176,19 @@ input 9456:320:Metadot_-_Das_Keyboard_Das_Keyboard { # Start i3bar to display a workspace bar (plus the system information i3status # finds out, if available) -bar { - position top +#bar { +# position top # When the status_command prints a new line to stdout, swaybar updates. # The default just shows the current date and time. #status_command while date +'%Y-%m-%d %l:%M:%S %p'; do sleep 1; done - status_command i3status +# status_command i3status - colors { - statusline $color7 - background $color0 - inactive_workspace #32323200 #32323200 #5c5c5c - } -} +# colors { +# statusline $color7 +# background $color0 +# inactive_workspace #32323200 #32323200 #5c5c5c +# } +#} + +include /etc/sway/config.d/*