diff --git a/flake.lock b/flake.lock index d69fba0..d97f924 100644 --- a/flake.lock +++ b/flake.lock @@ -157,6 +157,38 @@ } }, "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_4": { "locked": { "lastModified": 1733328505, "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", @@ -193,6 +225,24 @@ "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, + "locked": { + "lastModified": 1743550720, + "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_3" + }, "locked": { "lastModified": 1738453229, "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", @@ -207,7 +257,7 @@ "type": "github" } }, - "flake-parts_3": { + "flake-parts_4": { "inputs": { "nixpkgs-lib": [ "stylix", @@ -249,7 +299,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems_5" + "systems": "systems_4" }, "locked": { "lastModified": 1731533236, @@ -266,6 +316,24 @@ } }, "flake-utils_3": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { "inputs": { "systems": [ "stylix", @@ -308,7 +376,7 @@ "stylix", "flake-compat" ], - "gitignore": "gitignore", + "gitignore": "gitignore_2", "nixpkgs": [ "stylix", "nixpkgs" @@ -329,6 +397,28 @@ } }, "gitignore": { + "inputs": { + "nixpkgs": [ + "nur-xddxdd", + "pre-commit-hooks-nix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_2": { "inputs": { "nixpkgs": [ "stylix", @@ -489,6 +579,27 @@ "type": "github" } }, + "nix-index-database": { + "inputs": { + "nixpkgs": [ + "nur-xddxdd", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744518957, + "narHash": "sha256-RLBSWQfTL0v+7uyskC5kP6slLK1jvIuhaAh8QvB75m4=", + "owner": "nix-community", + "repo": "nix-index-database", + "rev": "4fc9ea78c962904f4ea11046f3db37c62e8a02fd", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nix-index-database", + "type": "github" + } + }, "nixcord": { "inputs": { "flake-compat": "flake-compat", @@ -526,6 +637,22 @@ "type": "github" } }, + "nixpkgs-24_05": { + "locked": { + "lastModified": 1735563628, + "narHash": "sha256-OnSAY7XDSx7CtDoqNh8jwVwh4xNL/2HaJxGjryLWzX8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b134951a4c9f3c995fd7be05f3243f8ecd65d798", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.05", + "repo": "nixpkgs", + "type": "github" + } + }, "nixpkgs-lib": { "locked": { "lastModified": 1740877520, @@ -542,6 +669,21 @@ } }, "nixpkgs-lib_2": { + "locked": { + "lastModified": 1743296961, + "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs-lib_3": { "locked": { "lastModified": 1738452942, "narHash": "sha256-vJzFZGaCpnmo7I6i416HaBLpC+hvcURh/BQwROcGIp8=", @@ -680,12 +822,12 @@ }, "nur": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_4", "nixpkgs": [ "stylix", "nixpkgs" ], - "treefmt-nix": "treefmt-nix_2" + "treefmt-nix": "treefmt-nix_3" }, "locked": { "lastModified": 1740408283, @@ -701,17 +843,43 @@ "type": "github" } }, - "nvf": { + "nur-xddxdd": { "inputs": { "flake-parts": "flake-parts_2", - "flake-utils": "flake-utils", + "nix-index-database": "nix-index-database", + "nixpkgs": [ + "nixpkgs" + ], + "nixpkgs-24_05": "nixpkgs-24_05", + "nvfetcher": "nvfetcher", + "pre-commit-hooks-nix": "pre-commit-hooks-nix", + "treefmt-nix": "treefmt-nix_2" + }, + "locked": { + "lastModified": 1744798043, + "narHash": "sha256-Z4bd90BOo7b6uD6mJ/dbwqVg8RkXPQVDgA9ujT+mzMA=", + "owner": "xddxdd", + "repo": "nur-packages", + "rev": "c536bd168abfac67e027fe51707ddb502e218ed6", + "type": "github" + }, + "original": { + "owner": "xddxdd", + "repo": "nur-packages", + "type": "github" + } + }, + "nvf": { + "inputs": { + "flake-parts": "flake-parts_3", + "flake-utils": "flake-utils_2", "mnw": "mnw", "nil": "nil", "nixpkgs": [ "nixpkgs" ], "nmd": "nmd", - "systems": "systems_4" + "systems": "systems_5" }, "locked": { "lastModified": 1741477095, @@ -727,6 +895,52 @@ "type": "github" } }, + "nvfetcher": { + "inputs": { + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils", + "nixpkgs": [ + "nur-xddxdd", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1732501185, + "narHash": "sha256-Z0BpHelaGQsE5VD9hBsBHsvMU9h+Xt0kfkDJyFivZOU=", + "owner": "berberman", + "repo": "nvfetcher", + "rev": "bdb14eab6fe9cefc29efe01e60c3a3f616d6b62a", + "type": "github" + }, + "original": { + "owner": "berberman", + "repo": "nvfetcher", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": "flake-compat_3", + "gitignore": "gitignore", + "nixpkgs": [ + "nur-xddxdd", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1742649964, + "narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", @@ -736,6 +950,7 @@ "nixcord": "nixcord", "nixpkgs": "nixpkgs_4", "nixpkgs-stable": "nixpkgs-stable", + "nur-xddxdd": "nur-xddxdd", "nvf": "nvf", "somcli": "somcli", "stylix": "stylix" @@ -765,7 +980,7 @@ }, "somcli": { "inputs": { - "flake-utils": "flake-utils_2", + "flake-utils": "flake-utils_3", "naersk": "naersk", "nixpkgs": "nixpkgs_6" }, @@ -790,14 +1005,14 @@ "base16-helix": "base16-helix", "base16-vim": "base16-vim", "firefox-gnome-theme": "firefox-gnome-theme", - "flake-compat": "flake-compat_2", - "flake-utils": "flake-utils_3", + "flake-compat": "flake-compat_4", + "flake-utils": "flake-utils_4", "git-hooks": "git-hooks", "gnome-shell": "gnome-shell", "home-manager": "home-manager_2", "nixpkgs": "nixpkgs_7", "nur": "nur", - "systems": "systems_6", + "systems": "systems_7", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", @@ -907,6 +1122,21 @@ "type": "github" } }, + "systems_7": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "tinted-foot": { "flake": false, "locked": { @@ -1008,6 +1238,27 @@ } }, "treefmt-nix_2": { + "inputs": { + "nixpkgs": [ + "nur-xddxdd", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744707583, + "narHash": "sha256-IPFcShGro/UUp8BmwMBkq+6KscPlWQevZi9qqIwVUWg=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "49d05555ccdd2592300099d6a657cc33571f4fe0", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt-nix_3": { "inputs": { "nixpkgs": [ "stylix", diff --git a/flake.nix b/flake.nix index d860cfc..5075e4d 100644 --- a/flake.nix +++ b/flake.nix @@ -31,6 +31,10 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; # build error unrelated to config. nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11-small"; # build error unrelated to config. flake-parts.url = "github:hercules-ci/flake-parts"; + nur-xddxdd = { # FIXME: Used by flaresolverr as the nixpkgs version is broken. + url = "github:xddxdd/nur-packages"; + inputs.nixpkgs.follows = "nixpkgs"; + }; hm = { url = "github:nix-community/home-manager/master"; @@ -53,5 +57,6 @@ }; agenix.url = "github:ryantm/agenix"; + }; } diff --git a/hosts/lapserv/default.nix b/hosts/lapserv/default.nix index 3a5013f..69b99ee 100644 --- a/hosts/lapserv/default.nix +++ b/hosts/lapserv/default.nix @@ -3,7 +3,19 @@ ./hardware-configuration.nix ]; - niksos.server = true; + niksos = { + server = true; + graphics.nvidia = true; + graphics.intel = true; + }; + + services.immich = { + # settings.ffmepg.accel = "nvenc"; + settings.ffmpeg.preferredHwDevice = "/dev/dri/renderD128"; + accelerationDevices = [ + "/dev/dri/renderD128" + ]; + }; systemd.sleep.extraConfig = '' AllowSuspend=no diff --git a/secrets/transfer-sh.age b/secrets/transfer-sh.age index 6674fcd..35c4361 100644 Binary files a/secrets/transfer-sh.age and b/secrets/transfer-sh.age differ diff --git a/system/hardware/commonGraphics.nix b/system/hardware/commonGraphics.nix deleted file mode 100644 index 33907ba..0000000 --- a/system/hardware/commonGraphics.nix +++ /dev/null @@ -1,16 +0,0 @@ -{pkgs, ...}: { - hardware.graphics = { - enable = true; - enable32Bit = true; - - extraPackages = with pkgs; [ - libva - vaapiVdpau - libvdpau-va-gl - ]; - extraPackages32 = with pkgs.pkgsi686Linux; [ - vaapiVdpau - libvdpau-va-gl - ]; - }; -} diff --git a/system/hardware/default.nix b/system/hardware/default.nix index edf898b..36678f4 100644 --- a/system/hardware/default.nix +++ b/system/hardware/default.nix @@ -3,7 +3,7 @@ imports = [ ./bluetooth.nix - ./commonGraphics.nix + ./graphics.nix ./fingerprint.nix ./fwupd.nix ]; diff --git a/system/hardware/graphics.nix b/system/hardware/graphics.nix new file mode 100644 index 0000000..7683306 --- /dev/null +++ b/system/hardware/graphics.nix @@ -0,0 +1,59 @@ +{ + config, + pkgs, + lib, + ... +}: let + inherit (lib) optionals mkEnableOption mkDefault; + + graphics = config.niksos.graphics; + enable = graphics.enable; + nvidia = graphics.enable && graphics.nvidia; + intel = graphics.enable && graphics.intel; + +in { + options.niksos.graphics = { + enable = mkEnableOption "core graphics"; + intel = mkEnableOption "additional intel drivers"; + nvidia = mkEnableOption "additoinal nvidia drivers"; + }; + + config = { + niksos.graphics.enable = mkDefault true; + + hardware.graphics = { + inherit enable; + enable32Bit = enable; + extraPackages = with pkgs; + [ + libva + vaapiVdpau + libvdpau-va-gl + ] + ++ optionals intel [ + pkgs.intel-media-driver + ] + ++ optionals nvidia [ + nvidia-vaapi-driver + ]; + extraPackages32 = with pkgs.pkgsi686Linux; + [ + libva + vaapiVdpau + libvdpau-va-gl + ] + ++ optionals intel [ + pkgs.pkgsi686Linux.intel-media-driver + ] + ++ optionals nvidia [ + pkgs.pkgsi686Linux.nvidia-vaapi-driver + ]; + }; + + hardware.nvidia = { + modesetting.enable = nvidia; + open = false; + }; + services.xserver.videoDrivers = optionals nvidia ["nvidia"]; + }; +} diff --git a/system/server/default.nix b/system/server/default.nix index 658cbb3..fff9e3d 100644 --- a/system/server/default.nix +++ b/system/server/default.nix @@ -1,4 +1,4 @@ {lib, ...}: { - imports = [./caddy.nix ./transfer-sh.nix ./seafile.nix ./bot.nix]; + imports = [./caddy.nix ./transfer-sh.nix ./seafile.nix ./bot.nix ./immich.nix]; options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option. } diff --git a/system/server/immich.nix b/system/server/immich.nix new file mode 100644 index 0000000..164c1e1 --- /dev/null +++ b/system/server/immich.nix @@ -0,0 +1,57 @@ +{config, lib, ...}: let + cfg = config.niksos.server; +in { + services.immich = { + enable = cfg; + + port = 9002; + machine-learning.enable = false; + + settings = { + server.externalDomain = "https://photos.jsw.tf"; + ffmpeg = { + crf = 23; + threads = 0; + preset = "ultrafast"; + targetVideoCodec = "h264"; + acceptedVideoCodecs = [ + "h264" + ]; + targetAudioCodec = "aac"; + acceptedAudioCodecs = [ + "aac" + "mp3" + "libopus" + "pcm_s16le" + ]; + acceptedContainers = [ + "mov" + "ogg" + "webm" + ]; + targetResolution = "720"; + maxBitrate = "0"; + bframes = -1; + refs = 0; + gopSize = 0; + temporalAQ = false; + cqMode = "auto"; + twoPass = false; + preferredHwDevice = lib.mkDefault "auto"; + transcode = "all"; + tonemap = "hable"; + accel = lib.mkDefault "vaapi"; + accelDecode = true; + }; + }; + + accelerationDevices = lib.mkDefault null; + }; + users.users.immich.extraGroups = lib.mkIf cfg ["video" "render"]; + + services.caddy.virtualHosts."photos.jsw.tf" = { + extraConfig = '' + reverse_proxy localhost:9002 + ''; + }; +} diff --git a/system/server/seafile.nix b/system/server/seafile.nix index b47ae59..42ad462 100644 --- a/system/server/seafile.nix +++ b/system/server/seafile.nix @@ -1,4 +1,9 @@ -{config, inputs, pkgs, ...}:{ +{ + config, + inputs, + pkgs, + ... +}: { services.seafile = { enable = config.niksos.server; seahubPackage = inputs.nixpkgs-stable.legacyPackages.${pkgs.system}.seahub; @@ -10,21 +15,21 @@ ccnetSettings.General.SERVICE_URL = "https://files.jsw.tf"; seahubExtraConf = '' -ALLOWED_HOSTS = ['.files.jsw.tf'] -CSRF_COOKIE_SECURE = True -CSRF_COOKIE_SAMESITE = 'Strict' -CSRF_TRUSTED_ORIGINS = ['https://files.jsw.tf', 'https://www.files.jsw.tf'] + ALLOWED_HOSTS = ['.files.jsw.tf'] + CSRF_COOKIE_SECURE = True + CSRF_COOKIE_SAMESITE = 'Strict' + CSRF_TRUSTED_ORIGINS = ['https://files.jsw.tf', 'https://www.files.jsw.tf'] -SITE_NAME = "JSW Cloud" -SITE_TITLE = "JSW Cloud" + SITE_NAME = "JSW Cloud" + SITE_TITLE = "JSW Cloud" ''; seafileSettings = { quota.default = 30; history.keep_days = 40; library_trash.expire_days = 14; fileserver = { - host = "unix:/run/seafile/server.sock"; - web_token_expire_time = 14400; # 4 hours + host = "unix:/run/seafile/server.sock"; + web_token_expire_time = 14400; # 4 hours }; }; }; @@ -32,12 +37,12 @@ SITE_TITLE = "JSW Cloud" services.caddy.virtualHosts."files.jsw.tf" = { # serverAliases = ["www.share.jsw.tf"]; extraConfig = '' - handle_path /seafhttp/* { - reverse_proxy * unix//run/seafile/server.sock - } - handle_path /* { - reverse_proxy * unix//run/seahub/gunicorn.sock - } + handle_path /seafhttp/* { + reverse_proxy * unix//run/seafile/server.sock + } + handle_path /* { + reverse_proxy * unix//run/seahub/gunicorn.sock + } ''; }; }