From fbe803b928783345d22486755daabef6cd57213f Mon Sep 17 00:00:00 2001 From: Raphael Date: Thu, 9 Oct 2025 00:09:26 +0200 Subject: [PATCH] style(nixfmt): formatting using nixfmt cli tools --- flake.nix | 98 ++--- .../modules/boot-m1n1/default.nix | 17 +- .../apple-silicon-support/modules/default.nix | 60 +-- .../modules/kernel/default.nix | 21 +- .../modules/mesa/default.nix | 66 ++-- .../modules/peripheral-firmware/default.nix | 65 ++-- .../modules/sound/default.nix | 124 ++++--- .../packages/alsa-ucm-conf-asahi/default.nix | 41 ++- .../packages/asahi-audio/default.nix | 7 +- .../packages/asahi-fwextract/default.nix | 13 +- .../packages/linux-asahi/default.nix | 205 +++++++---- .../packages/m1n1/default.nix | 104 +++--- .../packages/mesa-asahi-edge/default.nix | 90 +++-- .../packages/uboot-asahi/default.nix | 34 +- hosts/asahi/configuration.nix | 173 ++++----- hosts/asahi/hardware-configuration.nix | 40 +- hosts/fix/configuration.nix | 260 ++++++------- hosts/fix/hardware-configuration.nix | 14 +- hosts/global.nix | 187 +++++----- hosts/server/configuration.nix | 89 ++--- hosts/server/hardware-configuration.nix | 128 +++---- modules/games/global.nix | 47 ++- modules/games/lutris.nix | 25 +- modules/games/steam.nix | 49 +++ services/bot_discord/ada.nix | 71 ++-- services/bot_discord/bde.nix | 71 ++-- services/bot_discord/bot_loc.nix | 71 ++-- services/bot_discord/marty.nix | 87 ++--- services/bot_discord/master.nix | 77 ++-- services/bot_discord/music.nix | 69 ++-- services/bot_discord/tempvoc.nix | 69 ++-- services/bot_discord/ticket.nix | 69 ++-- services/discord.nix | 161 +++++---- services/forty_two.nix | 35 +- services/forty_two/irc.nix | 83 +++-- services/games.nix | 17 +- services/games/minecraft.nix | 64 ++-- services/self_host.nix | 166 +++++---- services/self_host/htop.nix | 35 +- services/self_host/mail.nix | 77 ++-- services/self_host/monitor.nix | 341 +++++++++--------- services/self_host/nextcloud.nix | 71 ++-- services/self_host/ollama.nix | 55 +-- services/self_host/teamspeak.nix | 39 +- services/web.nix | 69 ++-- services/web/portefolio.nix | 79 ++-- 46 files changed, 2133 insertions(+), 1700 deletions(-) create mode 100644 modules/games/steam.nix diff --git a/flake.nix b/flake.nix index 6033c60..2f7e53d 100644 --- a/flake.nix +++ b/flake.nix @@ -1,49 +1,57 @@ { - description = "NixOS Configuration"; + description = "NixOS Configuration"; - inputs = { - flake-utils.url = "github:numtide/flake-utils"; - home-manager = { - url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; - minecraft.url = "github:Infinidoge/nix-minecraft"; - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; - }; + inputs = { + flake-utils.url = "github:numtide/flake-utils"; + home-manager = { + url = "github:nix-community/home-manager"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver"; + minecraft.url = "github:Infinidoge/nix-minecraft"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + }; - outputs = { self, nixpkgs, flake-utils, simple-nixos-mailserver, ... }@inputs: - let - pkgs = import nixpkgs { - config.allowUnfree = true; - }; - in { - nixosConfigurations = { - "nixos-fix" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./hosts/fix/configuration.nix - ]; - specialArgs = { - inherit inputs; - }; - }; - "nixos-server" = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./hosts/server/configuration.nix - simple-nixos-mailserver.nixosModule - ]; - specialArgs = { - inherit inputs; - }; - }; - "nixos-asahi" = nixpkgs.lib.nixosSystem { - system = "aarch64-linux"; - modules = [ - ./hosts/asahi/configuration.nix - ]; - }; - }; - }; + outputs = + { + self, + nixpkgs, + flake-utils, + simple-nixos-mailserver, + ... + }@inputs: + let + pkgs = import nixpkgs { + config.allowUnfree = true; + }; + in + { + nixosConfigurations = { + "nixos-fix" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/fix/configuration.nix + ]; + specialArgs = { + inherit inputs; + }; + }; + "nixos-server" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./hosts/server/configuration.nix + simple-nixos-mailserver.nixosModule + ]; + specialArgs = { + inherit inputs; + }; + }; + "nixos-asahi" = nixpkgs.lib.nixosSystem { + system = "aarch64-linux"; + modules = [ + ./hosts/asahi/configuration.nix + ]; + }; + }; + }; } diff --git a/hosts/asahi/apple-silicon-support/modules/boot-m1n1/default.nix b/hosts/asahi/apple-silicon-support/modules/boot-m1n1/default.nix index ccbd40b..e84766e 100644 --- a/hosts/asahi/apple-silicon-support/modules/boot-m1n1/default.nix +++ b/hosts/asahi/apple-silicon-support/modules/boot-m1n1/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let pkgs' = config.hardware.asahi.pkgs; @@ -13,7 +18,7 @@ let }; bootFiles = { - "m1n1/boot.bin" = pkgs.runCommand "boot.bin" {} '' + "m1n1/boot.bin" = pkgs.runCommand "boot.bin" { } '' cat ${bootM1n1}/build/m1n1.bin > $out cat ${config.boot.kernelPackages.kernel}/dtbs/apple/*.dtb >> $out cat ${bootUBoot}/u-boot-nodtb.bin.gz >> $out @@ -22,14 +27,18 @@ let fi ''; }; -in { +in +{ config = lib.mkIf config.hardware.asahi.enable { # install m1n1 with the boot loader boot.loader.grub.extraFiles = bootFiles; boot.loader.systemd-boot.extraFiles = bootFiles; # ensure the installer has m1n1 in the image - system.extraDependencies = lib.mkForce [ bootM1n1 bootUBoot ]; + system.extraDependencies = lib.mkForce [ + bootM1n1 + bootUBoot + ]; system.build.m1n1 = bootFiles."m1n1/boot.bin"; }; diff --git a/hosts/asahi/apple-silicon-support/modules/default.nix b/hosts/asahi/apple-silicon-support/modules/default.nix index 6278945..c34b576 100644 --- a/hosts/asahi/apple-silicon-support/modules/default.nix +++ b/hosts/asahi/apple-silicon-support/modules/default.nix @@ -1,4 +1,9 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { imports = [ ./kernel @@ -8,43 +13,52 @@ ./sound ]; - config = let + config = + let cfg = config.hardware.asahi; - in lib.mkIf cfg.enable { + in + lib.mkIf cfg.enable { nixpkgs.overlays = lib.mkBefore [ cfg.overlay ]; # patch systemd-boot to boot in Apple Silicon UEFI environment. # This regression only appeared in systemd 256.7. # see https://github.com/NixOS/nixpkgs/pull/355290 # and https://github.com/systemd/systemd/issues/35026 - systemd.package = let - systemdBroken = (pkgs.systemd.version == "256.7"); + systemd.package = + let + systemdBroken = (pkgs.systemd.version == "256.7"); - systemdPatched = pkgs.systemd.overrideAttrs (old: { - patches = let - oldPatches = (old.patches or []); - # not sure why there are non-paths in there but oh well - patchNames = (builtins.map (p: if ((builtins.typeOf p) == "path") then builtins.baseNameOf p else "") oldPatches); - fixName = "0019-Revert-boot-Make-initrd_prepare-semantically-equival.patch"; - alreadyPatched = builtins.elem fixName patchNames; - in oldPatches ++ lib.optionals (!alreadyPatched) [ - (pkgs.fetchpatch { - url = "https://raw.githubusercontent.com/NixOS/nixpkgs/125e99477b0ac0a54b7cddc6c5a704821a3074c7/pkgs/os-specific/linux/systemd/${fixName}"; - hash = "sha256-UW3DZiaykQUUNcGA5UFxN+/wgNSW3ufxDDCZ7emD16o="; - }) - ]; - }); - in if systemdBroken then systemdPatched else pkgs.systemd; + systemdPatched = pkgs.systemd.overrideAttrs (old: { + patches = + let + oldPatches = (old.patches or [ ]); + # not sure why there are non-paths in there but oh well + patchNames = ( + builtins.map (p: if ((builtins.typeOf p) == "path") then builtins.baseNameOf p else "") oldPatches + ); + fixName = "0019-Revert-boot-Make-initrd_prepare-semantically-equival.patch"; + alreadyPatched = builtins.elem fixName patchNames; + in + oldPatches + ++ lib.optionals (!alreadyPatched) [ + (pkgs.fetchpatch { + url = "https://raw.githubusercontent.com/NixOS/nixpkgs/125e99477b0ac0a54b7cddc6c5a704821a3074c7/pkgs/os-specific/linux/systemd/${fixName}"; + hash = "sha256-UW3DZiaykQUUNcGA5UFxN+/wgNSW3ufxDDCZ7emD16o="; + }) + ]; + }); + in + if systemdBroken then systemdPatched else pkgs.systemd; hardware.asahi.pkgs = - if cfg.pkgsSystem != "aarch64-linux" - then + if cfg.pkgsSystem != "aarch64-linux" then import (pkgs.path) { crossSystem.system = "aarch64-linux"; localSystem.system = cfg.pkgsSystem; overlays = [ cfg.overlay ]; } - else pkgs; + else + pkgs; }; options.hardware.asahi = { diff --git a/hosts/asahi/apple-silicon-support/modules/kernel/default.nix b/hosts/asahi/apple-silicon-support/modules/kernel/default.nix index aeb6d62..fdded06 100644 --- a/hosts/asahi/apple-silicon-support/modules/kernel/default.nix +++ b/hosts/asahi/apple-silicon-support/modules/kernel/default.nix @@ -1,11 +1,17 @@ # the Asahi Linux kernel and options that must go along with it -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { config = lib.mkIf config.hardware.asahi.enable { - boot.kernelPackages = let - pkgs' = config.hardware.asahi.pkgs; - in + boot.kernelPackages = + let + pkgs' = config.hardware.asahi.pkgs; + in pkgs'.linux-asahi.override { _kernelPatches = config.boot.kernelPatches; withRust = config.hardware.asahi.withRust; @@ -93,8 +99,11 @@ }; imports = [ - (lib.mkRemovedOptionModule [ "hardware" "asahi" "addEdgeKernelConfig" ] - "All edge kernel config options are now the default.") + (lib.mkRemovedOptionModule [ + "hardware" + "asahi" + "addEdgeKernelConfig" + ] "All edge kernel config options are now the default.") ]; options.hardware.asahi.withRust = lib.mkOption { diff --git a/hosts/asahi/apple-silicon-support/modules/mesa/default.nix b/hosts/asahi/apple-silicon-support/modules/mesa/default.nix index 9152db6..ace466f 100644 --- a/hosts/asahi/apple-silicon-support/modules/mesa/default.nix +++ b/hosts/asahi/apple-silicon-support/modules/mesa/default.nix @@ -1,27 +1,41 @@ -{ options, config, pkgs, lib, ... }: { - config = let - isMode = mode: (config.hardware.asahi.useExperimentalGPUDriver - && config.hardware.asahi.experimentalGPUInstallMode == mode); - in lib.mkIf config.hardware.asahi.enable (lib.mkMerge [ - { - # required for proper DRM setup even without GPU driver - services.xserver.config = '' - Section "OutputClass" - Identifier "appledrm" - MatchDriver "apple" - Driver "modesetting" - Option "PrimaryGPU" "true" - EndSection - ''; - } - (lib.mkIf config.hardware.asahi.useExperimentalGPUDriver { - # install the Asahi Mesa version - hardware.graphics.package = config.hardware.asahi.pkgs.mesa-asahi-edge.drivers; - # required for in-kernel GPU driver - hardware.asahi.withRust = true; - }) - ]); + options, + config, + pkgs, + lib, + ... +}: +{ + config = + let + isMode = + mode: + ( + config.hardware.asahi.useExperimentalGPUDriver + && config.hardware.asahi.experimentalGPUInstallMode == mode + ); + in + lib.mkIf config.hardware.asahi.enable ( + lib.mkMerge [ + { + # required for proper DRM setup even without GPU driver + services.xserver.config = '' + Section "OutputClass" + Identifier "appledrm" + MatchDriver "apple" + Driver "modesetting" + Option "PrimaryGPU" "true" + EndSection + ''; + } + (lib.mkIf config.hardware.asahi.useExperimentalGPUDriver { + # install the Asahi Mesa version + hardware.graphics.package = config.hardware.asahi.pkgs.mesa-asahi-edge.drivers; + # required for in-kernel GPU driver + hardware.asahi.withRust = true; + }) + ] + ); options.hardware.asahi.useExperimentalGPUDriver = lib.mkOption { type = lib.types.bool; @@ -35,7 +49,11 @@ # hopefully no longer used, should be deprecated eventually options.hardware.asahi.experimentalGPUInstallMode = lib.mkOption { - type = lib.types.enum [ "driver" "replace" "overlay" ]; + type = lib.types.enum [ + "driver" + "replace" + "overlay" + ]; default = "replace"; description = '' Mode to use to install the experimental GPU driver into the system. diff --git a/hosts/asahi/apple-silicon-support/modules/peripheral-firmware/default.nix b/hosts/asahi/apple-silicon-support/modules/peripheral-firmware/default.nix index e10632f..27f1f34 100644 --- a/hosts/asahi/apple-silicon-support/modules/peripheral-firmware/default.nix +++ b/hosts/asahi/apple-silicon-support/modules/peripheral-firmware/default.nix @@ -1,8 +1,14 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: { config = lib.mkIf config.hardware.asahi.enable { assertions = lib.mkIf config.hardware.asahi.extractPeripheralFirmware [ - { assertion = config.hardware.asahi.peripheralFirmwareDirectory != null; + { + assertion = config.hardware.asahi.peripheralFirmwareDirectory != null; message = '' Asahi peripheral firmware extraction is enabled but the firmware location appears incorrect. @@ -10,26 +16,34 @@ } ]; - hardware.firmware = let - pkgs' = config.hardware.asahi.pkgs; - in - lib.mkIf ((config.hardware.asahi.peripheralFirmwareDirectory != null) - && config.hardware.asahi.extractPeripheralFirmware) [ - (pkgs.stdenv.mkDerivation { - name = "asahi-peripheral-firmware"; + hardware.firmware = + let + pkgs' = config.hardware.asahi.pkgs; + in + lib.mkIf + ( + (config.hardware.asahi.peripheralFirmwareDirectory != null) + && config.hardware.asahi.extractPeripheralFirmware + ) + [ + (pkgs.stdenv.mkDerivation { + name = "asahi-peripheral-firmware"; - nativeBuildInputs = [ pkgs'.asahi-fwextract pkgs.cpio ]; + nativeBuildInputs = [ + pkgs'.asahi-fwextract + pkgs.cpio + ]; - buildCommand = '' - mkdir extracted - asahi-fwextract ${config.hardware.asahi.peripheralFirmwareDirectory} extracted + buildCommand = '' + mkdir extracted + asahi-fwextract ${config.hardware.asahi.peripheralFirmwareDirectory} extracted - mkdir -p $out/lib/firmware - cat extracted/firmware.cpio | cpio -id --quiet --no-absolute-filenames - mv vendorfw/* $out/lib/firmware - ''; - }) - ]; + mkdir -p $out/lib/firmware + cat extracted/firmware.cpio | cpio -id --quiet --no-absolute-filenames + mv vendorfw/* $out/lib/firmware + ''; + }) + ]; }; options.hardware.asahi = { @@ -45,13 +59,12 @@ peripheralFirmwareDirectory = lib.mkOption { type = lib.types.nullOr lib.types.path; - default = lib.findFirst (path: builtins.pathExists (path + "/all_firmware.tar.gz")) null - [ - # path when the system is operating normally - /boot/asahi - # path when the system is mounted in the installer - /mnt/boot/asahi - ]; + default = lib.findFirst (path: builtins.pathExists (path + "/all_firmware.tar.gz")) null [ + # path when the system is operating normally + /boot/asahi + # path when the system is mounted in the installer + /mnt/boot/asahi + ]; description = '' Path to the directory containing the non-free non-redistributable diff --git a/hosts/asahi/apple-silicon-support/modules/sound/default.nix b/hosts/asahi/apple-silicon-support/modules/sound/default.nix index 10bf546..fd9121e 100644 --- a/hosts/asahi/apple-silicon-support/modules/sound/default.nix +++ b/hosts/asahi/apple-silicon-support/modules/sound/default.nix @@ -1,4 +1,10 @@ -{ config, options, pkgs, lib, ... }: +{ + config, + options, + pkgs, + lib, + ... +}: { options.hardware.asahi = { @@ -12,59 +18,75 @@ }; }; - config = let - cfg = config.hardware.asahi; + config = + let + cfg = config.hardware.asahi; - asahi-audio = pkgs.asahi-audio; # the asahi-audio we use + asahi-audio = pkgs.asahi-audio; # the asahi-audio we use - lsp-plugins = pkgs.lsp-plugins; + lsp-plugins = pkgs.lsp-plugins; - lsp-plugins-is-safe = (pkgs.lib.versionAtLeast lsp-plugins.version "1.2.14"); + lsp-plugins-is-safe = (pkgs.lib.versionAtLeast lsp-plugins.version "1.2.14"); - lv2Path = lib.makeSearchPath "lib/lv2" [ lsp-plugins pkgs.bankstown-lv2 ]; - in lib.mkIf (cfg.setupAsahiSound && cfg.enable) (lib.mkMerge [ - { - # can't be used by Asahi sound infrastructure - services.pulseaudio.enable = false; - # enable pipewire to run real-time and avoid audible glitches - security.rtkit.enable = true; - # set up pipewire with the supported capabilities (instead of pulseaudio) - # and asahi-audio configs and plugins - services.pipewire = { - enable = true; - alsa.enable = true; - pulse.enable = true; - - configPackages = [ asahi-audio ]; - extraLv2Packages = [ lsp-plugins pkgs.bankstown-lv2 ]; - - wireplumber = { - enable = true; - - configPackages = [ asahi-audio ]; - extraLv2Packages = [ lsp-plugins pkgs.bankstown-lv2 ]; - }; - }; - - # set up enivronment so that UCM configs are used as well - environment.variables.ALSA_CONFIG_UCM2 = "${pkgs.alsa-ucm-conf-asahi}/share/alsa/ucm2"; - systemd.user.services.pipewire.environment.ALSA_CONFIG_UCM2 = config.environment.variables.ALSA_CONFIG_UCM2; - systemd.user.services.wireplumber.environment.ALSA_CONFIG_UCM2 = config.environment.variables.ALSA_CONFIG_UCM2; - - # enable speakersafetyd to protect speakers - systemd.packages = lib.mkAssert lsp-plugins-is-safe - "lsp-plugins is unpatched/outdated and speakers cannot be safely enabled" - [ pkgs.speakersafetyd ]; - services.udev.packages = [ pkgs.speakersafetyd ]; - - # asahi-sound requires wireplumber 0.5.2 or above - # https://github.com/AsahiLinux/asahi-audio/commit/29ec1056c18193ffa09a990b1b61ed273e97fee6 - assertions = [ - { - assertion = lib.versionAtLeast pkgs.wireplumber.version "0.5.2"; - message = "wireplumber >= 0.5.2 is required for sound with nixos-apple-silicon."; - } + lv2Path = lib.makeSearchPath "lib/lv2" [ + lsp-plugins + pkgs.bankstown-lv2 ]; - } - ]); + in + lib.mkIf (cfg.setupAsahiSound && cfg.enable) ( + lib.mkMerge [ + { + # can't be used by Asahi sound infrastructure + services.pulseaudio.enable = false; + # enable pipewire to run real-time and avoid audible glitches + security.rtkit.enable = true; + # set up pipewire with the supported capabilities (instead of pulseaudio) + # and asahi-audio configs and plugins + services.pipewire = { + enable = true; + alsa.enable = true; + pulse.enable = true; + + configPackages = [ asahi-audio ]; + extraLv2Packages = [ + lsp-plugins + pkgs.bankstown-lv2 + ]; + + wireplumber = { + enable = true; + + configPackages = [ asahi-audio ]; + extraLv2Packages = [ + lsp-plugins + pkgs.bankstown-lv2 + ]; + }; + }; + + # set up enivronment so that UCM configs are used as well + environment.variables.ALSA_CONFIG_UCM2 = "${pkgs.alsa-ucm-conf-asahi}/share/alsa/ucm2"; + systemd.user.services.pipewire.environment.ALSA_CONFIG_UCM2 = + config.environment.variables.ALSA_CONFIG_UCM2; + systemd.user.services.wireplumber.environment.ALSA_CONFIG_UCM2 = + config.environment.variables.ALSA_CONFIG_UCM2; + + # enable speakersafetyd to protect speakers + systemd.packages = + lib.mkAssert lsp-plugins-is-safe + "lsp-plugins is unpatched/outdated and speakers cannot be safely enabled" + [ pkgs.speakersafetyd ]; + services.udev.packages = [ pkgs.speakersafetyd ]; + + # asahi-sound requires wireplumber 0.5.2 or above + # https://github.com/AsahiLinux/asahi-audio/commit/29ec1056c18193ffa09a990b1b61ed273e97fee6 + assertions = [ + { + assertion = lib.versionAtLeast pkgs.wireplumber.version "0.5.2"; + message = "wireplumber >= 0.5.2 is required for sound with nixos-apple-silicon."; + } + ]; + } + ] + ); } diff --git a/hosts/asahi/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix b/hosts/asahi/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix index a129d48..b6018de 100644 --- a/hosts/asahi/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix +++ b/hosts/asahi/apple-silicon-support/packages/alsa-ucm-conf-asahi/default.nix @@ -1,22 +1,27 @@ -{ lib -, fetchFromGitHub -, alsa-ucm-conf +{ + lib, + fetchFromGitHub, + alsa-ucm-conf, }: -(alsa-ucm-conf.overrideAttrs (oldAttrs: let - versionAsahi = "5"; +(alsa-ucm-conf.overrideAttrs ( + oldAttrs: + let + versionAsahi = "5"; - srcAsahi = fetchFromGitHub { - # tracking: https://src.fedoraproject.org/rpms/alsa-ucm-asahi - owner = "AsahiLinux"; - repo = "alsa-ucm-conf-asahi"; - rev = "v${versionAsahi}"; - hash = "sha256-daUNz5oUrPfSMO0Tqq/WbtiLHMOtPeQQlI+juGrhTxw="; - }; -in { - name = "${oldAttrs.pname}-${oldAttrs.version}-asahi-${versionAsahi}"; + srcAsahi = fetchFromGitHub { + # tracking: https://src.fedoraproject.org/rpms/alsa-ucm-asahi + owner = "AsahiLinux"; + repo = "alsa-ucm-conf-asahi"; + rev = "v${versionAsahi}"; + hash = "sha256-daUNz5oUrPfSMO0Tqq/WbtiLHMOtPeQQlI+juGrhTxw="; + }; + in + { + name = "${oldAttrs.pname}-${oldAttrs.version}-asahi-${versionAsahi}"; - postInstall = oldAttrs.postInstall or "" + '' - cp -r ${srcAsahi}/ucm2 $out/share/alsa - ''; -})) + postInstall = oldAttrs.postInstall or "" + '' + cp -r ${srcAsahi}/ucm2 $out/share/alsa + ''; + } +)) diff --git a/hosts/asahi/apple-silicon-support/packages/asahi-audio/default.nix b/hosts/asahi/apple-silicon-support/packages/asahi-audio/default.nix index 0198f49..95c889a 100644 --- a/hosts/asahi/apple-silicon-support/packages/asahi-audio/default.nix +++ b/hosts/asahi/apple-silicon-support/packages/asahi-audio/default.nix @@ -1,6 +1,7 @@ -{ stdenv -, lib -, fetchFromGitHub +{ + stdenv, + lib, + fetchFromGitHub, }: stdenv.mkDerivation rec { diff --git a/hosts/asahi/apple-silicon-support/packages/asahi-fwextract/default.nix b/hosts/asahi/apple-silicon-support/packages/asahi-fwextract/default.nix index 95159d4..75425c8 100755 --- a/hosts/asahi/apple-silicon-support/packages/asahi-fwextract/default.nix +++ b/hosts/asahi/apple-silicon-support/packages/asahi-fwextract/default.nix @@ -1,9 +1,10 @@ -{ lib -, python3 -, fetchFromGitHub -, gzip -, gnutar -, lzfse +{ + lib, + python3, + fetchFromGitHub, + gzip, + gnutar, + lzfse, }: python3.pkgs.buildPythonApplication rec { diff --git a/hosts/asahi/apple-silicon-support/packages/linux-asahi/default.nix b/hosts/asahi/apple-silicon-support/packages/linux-asahi/default.nix index a54b763..7ef79eb 100644 --- a/hosts/asahi/apple-silicon-support/packages/linux-asahi/default.nix +++ b/hosts/asahi/apple-silicon-support/packages/linux-asahi/default.nix @@ -1,11 +1,12 @@ -{ lib -, pkgs -, callPackage -, writeShellScriptBin -, writeText -, linuxPackagesFor -, withRust ? false -, _kernelPatches ? [ ] +{ + lib, + pkgs, + callPackage, + writeShellScriptBin, + writeText, + linuxPackagesFor, + withRust ? false, + _kernelPatches ? [ ], }: let @@ -13,67 +14,107 @@ let # parse [ymn]|foo style configuration as found in a patch's extraConfig # into a list of k, v tuples - parseExtraConfig = config: + parseExtraConfig = + config: let - lines = - builtins.filter (s: s != "") (lib.strings.splitString "\n" config); - parseLine = line: let - t = lib.strings.splitString " " line; - join = l: builtins.foldl' (a: b: "${a} ${b}") - (builtins.head l) (builtins.tail l); - v = if (builtins.length t) > 2 then join (builtins.tail t) else (i t 1); - in [ "CONFIG_${i t 0}" v ]; - in map parseLine lines; + lines = builtins.filter (s: s != "") (lib.strings.splitString "\n" config); + parseLine = + line: + let + t = lib.strings.splitString " " line; + join = l: builtins.foldl' (a: b: "${a} ${b}") (builtins.head l) (builtins.tail l); + v = if (builtins.length t) > 2 then join (builtins.tail t) else (i t 1); + in + [ + "CONFIG_${i t 0}" + v + ]; + in + map parseLine lines; # parse =lib.kernel.(yes|module|no)|lib.kernel.freeform "foo" # style configuration as found in a patch's extraStructuredConfig into # a list of k, v tuples - parseExtraStructuredConfig = config: lib.attrsets.mapAttrsToList - (k: v: [ "CONFIG_${k}" (v.tristate or v.freeform) ] ) config; + parseExtraStructuredConfig = + config: + lib.attrsets.mapAttrsToList (k: v: [ + "CONFIG_${k}" + (v.tristate or v.freeform) + ]) config; - parsePatchConfig = { extraConfig ? "", extraStructuredConfig ? {}, ... }: - (parseExtraConfig extraConfig) ++ - (parseExtraStructuredConfig extraStructuredConfig); + parsePatchConfig = + { + extraConfig ? "", + extraStructuredConfig ? { }, + ... + }: + (parseExtraConfig extraConfig) ++ (parseExtraStructuredConfig extraStructuredConfig); # parse CONFIG_=[ymn]|"foo" style configuration as found in a config file # into a list of k, v tuples - parseConfig = config: + parseConfig = + config: let parseLine = builtins.match ''(CONFIG_[[:upper:][:digit:]_]+)=(([ymn])|"([^"]*)")''; # get either the [ymn] option or the "foo" option; whichever matched - t = l: let v = (i l 2); in [ (i l 0) (if v != null then v else (i l 3)) ]; + t = + l: + let + v = (i l 2); + in + [ + (i l 0) + (if v != null then v else (i l 3)) + ]; lines = lib.strings.splitString "\n" config; - in map t (builtins.filter (l: l != null) (map parseLine lines)); + in + map t (builtins.filter (l: l != null) (map parseLine lines)); origConfigfile = ./config; - linux-asahi-pkg = { stdenv, lib, fetchFromGitHub, fetchpatch, linuxKernel, - rustPlatform, rustc, rustfmt, rust-bindgen, ... } @ args: + linux-asahi-pkg = + { + stdenv, + lib, + fetchFromGitHub, + fetchpatch, + linuxKernel, + rustPlatform, + rustc, + rustfmt, + rust-bindgen, + ... + }@args: let origConfigText = builtins.readFile origConfigfile; # extraConfig from all patches in order - extraConfig = - lib.fold (patch: ex: ex ++ (parsePatchConfig patch)) [] _kernelPatches; + extraConfig = lib.fold (patch: ex: ex ++ (parsePatchConfig patch)) [ ] _kernelPatches; # config file text for above - extraConfigText = let - text = k: v: if (v == "y") || (v == "m") || (v == "n") - then "${k}=${v}" else ''${k}="${v}"''; - in (map (t: text (i t 0) (i t 1)) extraConfig); + extraConfigText = + let + text = k: v: if (v == "y") || (v == "m") || (v == "n") then "${k}=${v}" else ''${k}="${v}"''; + in + (map (t: text (i t 0) (i t 1)) extraConfig); # final config as a text file path - configfile = if extraConfig == [] then origConfigfile else - writeText "config" '' - ${origConfigText} + configfile = + if extraConfig == [ ] then + origConfigfile + else + writeText "config" '' + ${origConfigText} - # Patches - ${lib.strings.concatStringsSep "\n" extraConfigText} - ''; + # Patches + ${lib.strings.concatStringsSep "\n" extraConfigText} + ''; # final config as an attrset - configAttrs = let - makePair = t: lib.nameValuePair (i t 0) (i t 1); - configList = (parseConfig origConfigText) ++ extraConfig; - in builtins.listToAttrs (map makePair (lib.lists.reverseList configList)); + configAttrs = + let + makePair = t: lib.nameValuePair (i t 0) (i t 1); + configList = (parseConfig origConfigText) ++ extraConfig; + in + builtins.listToAttrs (map makePair (lib.lists.reverseList configList)); # used to (ostensibly) keep compatibility for those running stable versions of nixos rustOlder = version: withRust && (lib.versionOlder rustc.version version); @@ -83,40 +124,54 @@ let rustAtLeast = version: withRust && (lib.versionAtLeast rustc.version version); bindgenAtLeast = version: withRust && (lib.versionAtLeast rust-bindgen.unwrapped.version version); in - (linuxKernel.manualConfig rec { - inherit stdenv lib; + ( + linuxKernel.manualConfig rec { + inherit stdenv lib; - version = "6.12.12-asahi"; - modDirVersion = version; - extraMeta.branch = "6.12"; + version = "6.12.12-asahi"; + modDirVersion = version; + extraMeta.branch = "6.12"; - src = fetchFromGitHub { - # tracking: https://github.com/AsahiLinux/linux/tree/asahi-wip (w/ fedora verification) - owner = "AsahiLinux"; - repo = "linux"; - rev = "asahi-6.12.12-1"; - hash = "sha256-910TiROccEleI/qB34DWh3M3bgP3SSCjEP9z7lD9BjM="; - }; + src = fetchFromGitHub { + # tracking: https://github.com/AsahiLinux/linux/tree/asahi-wip (w/ fedora verification) + owner = "AsahiLinux"; + repo = "linux"; + rev = "asahi-6.12.12-1"; + hash = "sha256-910TiROccEleI/qB34DWh3M3bgP3SSCjEP9z7lD9BjM="; + }; - kernelPatches = [ - { name = "coreutils-fix"; - patch = ./0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch; - } - ] ++ _kernelPatches; + kernelPatches = [ + { + name = "coreutils-fix"; + patch = ./0001-fs-fcntl-accept-more-values-as-F_DUPFD_CLOEXEC-args.patch; + } + ] + ++ _kernelPatches; - inherit configfile; - # hide Rust support from the nixpkgs infra to avoid it re-adding the rust packages. - # we can't use it until it's in stable and until we've evaluated the cross-compilation impact. - config = configAttrs // { "CONFIG_RUST" = "n"; }; - } // (args.argsOverride or {})).overrideAttrs (old: if withRust then { - nativeBuildInputs = (old.nativeBuildInputs or []) ++ [ - rust-bindgen - rustfmt - rustc - ]; - RUST_LIB_SRC = rustPlatform.rustLibSrc; - } else {}); + inherit configfile; + # hide Rust support from the nixpkgs infra to avoid it re-adding the rust packages. + # we can't use it until it's in stable and until we've evaluated the cross-compilation impact. + config = configAttrs // { + "CONFIG_RUST" = "n"; + }; + } + // (args.argsOverride or { }) + ).overrideAttrs + ( + old: + if withRust then + { + nativeBuildInputs = (old.nativeBuildInputs or [ ]) ++ [ + rust-bindgen + rustfmt + rustc + ]; + RUST_LIB_SRC = rustPlatform.rustLibSrc; + } + else + { } + ); linux-asahi = (callPackage linux-asahi-pkg { }); -in lib.recurseIntoAttrs (linuxPackagesFor linux-asahi) - +in +lib.recurseIntoAttrs (linuxPackagesFor linux-asahi) diff --git a/hosts/asahi/apple-silicon-support/packages/m1n1/default.nix b/hosts/asahi/apple-silicon-support/packages/m1n1/default.nix index bf29469..ea4dd39 100644 --- a/hosts/asahi/apple-silicon-support/packages/m1n1/default.nix +++ b/hosts/asahi/apple-silicon-support/packages/m1n1/default.nix @@ -1,29 +1,36 @@ -{ stdenv -, buildPackages -, lib -, fetchFromGitHub -, python3 -, dtc -, imagemagick -, isRelease ? false -, withTools ? true -, withChainloading ? false -, rust-bin ? null -, customLogo ? null +{ + stdenv, + buildPackages, + lib, + fetchFromGitHub, + python3, + dtc, + imagemagick, + isRelease ? false, + withTools ? true, + withChainloading ? false, + rust-bin ? null, + customLogo ? null, }: assert withChainloading -> rust-bin != null; let - pyenv = python3.withPackages (p: with p; [ - construct - pyserial - ]); + pyenv = python3.withPackages ( + p: with p; [ + construct + pyserial + ] + ); - rustenv = rust-bin.selectLatestNightlyWith (toolchain: toolchain.minimal.override { - targets = [ "aarch64-unknown-none-softfloat" ]; - }); -in stdenv.mkDerivation rec { + rustenv = rust-bin.selectLatestNightlyWith ( + toolchain: + toolchain.minimal.override { + targets = [ "aarch64-unknown-none-softfloat" ]; + } + ); +in +stdenv.mkDerivation rec { pname = "m1n1"; version = "1.4.21"; @@ -36,15 +43,18 @@ in stdenv.mkDerivation rec { fetchSubmodules = true; }; - makeFlags = [ "ARCH=${stdenv.cc.targetPrefix}" ] - ++ lib.optional isRelease "RELEASE=1" - ++ lib.optional withChainloading "CHAINLOADING=1"; + makeFlags = [ + "ARCH=${stdenv.cc.targetPrefix}" + ] + ++ lib.optional isRelease "RELEASE=1" + ++ lib.optional withChainloading "CHAINLOADING=1"; nativeBuildInputs = [ dtc buildPackages.gcc - ] ++ lib.optional withChainloading rustenv - ++ lib.optional (customLogo != null) imagemagick; + ] + ++ lib.optional withChainloading rustenv + ++ lib.optional (customLogo != null) imagemagick; postPatch = '' substituteInPlace proxyclient/m1n1/asm.py \ @@ -72,30 +82,32 @@ in stdenv.mkDerivation rec { mkdir -p $out/build cp build/m1n1.bin $out/build - '' + (lib.optionalString withTools '' - mkdir -p $out/{bin,script,toolchain-bin} - cp -r proxyclient $out/script - cp -r tools $out/script + '' + + (lib.optionalString withTools '' + mkdir -p $out/{bin,script,toolchain-bin} + cp -r proxyclient $out/script + cp -r tools $out/script - for toolpath in $out/script/proxyclient/tools/*.py; do - tool=$(basename $toolpath .py) - script=$out/bin/m1n1-$tool - cat > $script < $script < +#+ +:+ +#+ # -# +#+#+#+#+#+ +#+ # -# Created: 2025/10/02 00:54:38 by rparodi #+# #+# # -# Updated: 2025/10/02 11:44:15 by rparodi ### ########.fr # -# # -# **************************************************************************** # +{ + inputs, + config, + pkgs, + lib, + ... +}: -{ inputs, config, pkgs, lib, ... }: - - { +{ imports = [ ../global.nix ./hardware-configuration.nix @@ -57,14 +51,6 @@ }; }; - programs = { - steam = { - enable = true; - gamescopeSession.enable = true; - }; - gamemode.enable = true; - }; - users = { defaultUserShell = pkgs.zsh; users = { @@ -85,7 +71,6 @@ }; }; - # Bootloader. boot.loader = { systemd-boot.enable = true; @@ -94,44 +79,34 @@ services = { seatd.enable = true; - displayManager = { - defaultSession = "steam"; - gdm.enable = true; - autoLogin = { - enable = true; - user = "raphael"; - }; - }; xserver = { enable = true; videoDrivers = [ "nvidia" ]; }; - dbus.enable = true; - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - }; - openssh = { - enable = true; - ports = [ 42131 ]; - }; - udev.extraRules = '' - SUBSYSTEM=="usb", ATTR{idVendor}=="0483", ATTR{idProduct}=="5740", MODE="0666" - ''; - redis.servers."" = { - enable = true; - }; - postgresql = { - enable = true; - }; + dbus.enable = true; + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; }; - - virtualisation.docker.enable = true; - - system.stateVersion = "24.05"; - } + openssh = { + enable = true; + ports = [ 42131 ]; + }; + udev.extraRules = '' + SUBSYSTEM=="usb", ATTR{idVendor}=="0483", ATTR{idProduct}=="5740", MODE="0666" + ''; + redis.servers."" = { + enable = true; + }; + postgresql = { + enable = true; + }; + }; + virtualisation.docker.enable = true; + system.stateVersion = "24.05"; +} diff --git a/hosts/server/hardware-configuration.nix b/hosts/server/hardware-configuration.nix index aedd31c..67cb508 100644 --- a/hosts/server/hardware-configuration.nix +++ b/hosts/server/hardware-configuration.nix @@ -1,73 +1,79 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; -# services.dbus.enable = true; - boot = { - initrd = { - availableKernelModules = [ - "xhci_pci" - "ahci" - "usbhid" - "sd_mod" - ]; - kernelModules = []; - }; - kernelModules = [ - "kvm-intel" - ]; - extraModulePackages = []; - }; + # services.dbus.enable = true; + boot = { + initrd = { + availableKernelModules = [ + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; + kernelModules = [ ]; + }; + kernelModules = [ + "kvm-intel" + ]; + extraModulePackages = [ ]; + }; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/a943d592-57d3-497e-bf43-49b50ac73f0b"; - fsType = "ext4"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/5AAB-0026"; - fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; - }; - "/mnt/data" = { - device = "/dev/disk/by-uuid/5729d30c-5806-4ccd-8a2a-080a258084dc"; - fsType = "ext4"; - }; - }; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/a943d592-57d3-497e-bf43-49b50ac73f0b"; + fsType = "ext4"; + }; + "/boot" = { + device = "/dev/disk/by-uuid/5AAB-0026"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + "/mnt/data" = { + device = "/dev/disk/by-uuid/5729d30c-5806-4ccd-8a2a-080a258084dc"; + fsType = "ext4"; + }; + }; - swapDevices = [ ]; + swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.docker0.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - - services.xserver.videoDrivers = ["nvidia"]; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.docker0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - hardware = { - graphics.enable = true; - nvidia = { - open = false; - modesetting.enable = true; - powerManagement.enable = false; - powerManagement.finegrained = false; - nvidiaSettings = true; - package = config.boot.kernelPackages.nvidiaPackages.stable; - }; - }; + services.xserver.videoDrivers = [ "nvidia" ]; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware = { + graphics.enable = true; + nvidia = { + open = false; + modesetting.enable = true; + powerManagement.enable = false; + powerManagement.finegrained = false; + nvidiaSettings = true; + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/modules/games/global.nix b/modules/games/global.nix index 719ac92..302d285 100644 --- a/modules/games/global.nix +++ b/modules/games/global.nix @@ -1,21 +1,38 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - lutris = import ./lutris.nix { - inherit config pkgs lib; - }; - cfg = config.games; + lutris = import ./lutris.nix { + inherit config pkgs lib; + }; + cfg = config.games; in { - imports = [ - lutris - ]; + imports = [ + lutris + ]; - options.games = { - lutris = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable lutris"; - }; - }; + options.games = { + steam = { + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable steam installation"; + }; + bp = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the autostart of steam in big picture"; + }; + }; + lutris = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable lutris"; + }; + }; } diff --git a/modules/games/lutris.nix b/modules/games/lutris.nix index 76ec516..2b87c16 100644 --- a/modules/games/lutris.nix +++ b/modules/games/lutris.nix @@ -1,15 +1,20 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.games.lutris; + cfg = config.games.lutris; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - wine-staging - lutris - dxvk - vkd3d - ]; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + wine-staging + lutris + dxvk + vkd3d + ]; + }; } diff --git a/modules/games/steam.nix b/modules/games/steam.nix new file mode 100644 index 0000000..bc32b95 --- /dev/null +++ b/modules/games/steam.nix @@ -0,0 +1,49 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + cfg = config.games.steam; +in +{ + config = lib.mkIf cfg.enable { + programs.steam = { + enable = true; + gamescopeSession.enable = true; + extraCompatPackages = with pkgs; [ + proton-ge-bin + ]; + }; + + programs.gamemode.enable = true; + + systemd.user.services."steam-bp" = lib.mkIf cfg.bp { + description = "Steam Big Picture auto start"; + wantedBy = [ "graphical-session.target" ]; + serviceConfig = { + ExecStart = "${pkgs.steam}/bin/steam -tenfoot -fulldesktopres"; + Restart = "on-failure"; + Environment = [ + "SDL_VIDEO_X11_DGAMOUSE=0" + "STEAM_USE_OGL=1" + "GAMEMODERUNEXEC=1" + ]; + }; + }; + + services = { + desktopManager.plasma6.enable = lib.mkIf cfg.bp true; + displayManager = lib.mkIf cfg.bp { + defaultSession = "plasmax11"; + sddm.enable = true; + autoLogin = { + enable = true; + user = "raphael"; + }; + }; + }; + }; +} diff --git a/services/bot_discord/ada.nix b/services/bot_discord/ada.nix index b5e676c..2f2e78c 100644 --- a/services/bot_discord/ada.nix +++ b/services/bot_discord/ada.nix @@ -1,39 +1,44 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.ada; + cfg = config.service.bot_discord.ada; in { - config = lib.mkIf cfg { - users = { - groups.dsc_ada = { - name = "dsc_ada"; - }; - users.dsc_ada = { - description = "Utilisateur pour le bot Ada"; - group = "dsc_ada"; - home = "/opt/Ada"; - isSystemUser = true; - }; - }; + config = lib.mkIf cfg { + users = { + groups.dsc_ada = { + name = "dsc_ada"; + }; + users.dsc_ada = { + description = "Utilisateur pour le bot Ada"; + group = "dsc_ada"; + home = "/opt/Ada"; + isSystemUser = true; + }; + }; - systemd.services.bot_ada = { - description = "Ada (chdoe asso) discord bot public"; - after = [ - "network.target" - ]; - wantedBy = [ - "multi-user.target" - ]; - serviceConfig = { - Type = "simple"; - User = "dsc_ada"; - WorkingDirectory = "/opt/Ada"; - ExecStart = "/opt/Ada/bot.py"; - EnvironmentFile = "/opt/Ada/.env"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + systemd.services.bot_ada = { + description = "Ada (chdoe asso) discord bot public"; + after = [ + "network.target" + ]; + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + Type = "simple"; + User = "dsc_ada"; + WorkingDirectory = "/opt/Ada"; + ExecStart = "/opt/Ada/bot.py"; + EnvironmentFile = "/opt/Ada/.env"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/bde.nix b/services/bot_discord/bde.nix index 8fe4073..4f1c6f0 100644 --- a/services/bot_discord/bde.nix +++ b/services/bot_discord/bde.nix @@ -1,39 +1,44 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.bde; + cfg = config.service.bot_discord.bde; in { - config = lib.mkIf cfg { - users = { - groups.dsc_bde = { - name = "dsc_bde"; - }; - users.dsc_bde = { - description = "Utilisateur pour le bot BDE"; - group = "dsc_bde"; - home = "/opt/bde"; - isSystemUser = true; - }; - }; + config = lib.mkIf cfg { + users = { + groups.dsc_bde = { + name = "dsc_bde"; + }; + users.dsc_bde = { + description = "Utilisateur pour le bot BDE"; + group = "dsc_bde"; + home = "/opt/bde"; + isSystemUser = true; + }; + }; - systemd.services.bot_bde = { - description = "BDE discord bot public"; - after = [ - "network.target" - ]; - wantedBy = [ - "multi-user.target" - ]; - serviceConfig = { - Type = "simple"; - User = "dsc_bde"; - WorkingDirectory = "/opt/Bde"; - ExecStart = "/opt/Bde/.venv/bin/python /opt/Bde/bot.py"; - EnvironmentFile = "/opt/Bde/.env"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + systemd.services.bot_bde = { + description = "BDE discord bot public"; + after = [ + "network.target" + ]; + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + Type = "simple"; + User = "dsc_bde"; + WorkingDirectory = "/opt/Bde"; + ExecStart = "/opt/Bde/.venv/bin/python /opt/Bde/bot.py"; + EnvironmentFile = "/opt/Bde/.env"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/bot_loc.nix b/services/bot_discord/bot_loc.nix index 7b9f436..548019c 100644 --- a/services/bot_discord/bot_loc.nix +++ b/services/bot_discord/bot_loc.nix @@ -1,39 +1,44 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.tut; + cfg = config.service.bot_discord.tut; in { - config = lib.mkIf cfg { - users = { - groups.dsc_loc = { - name = "dsc_loc"; - }; - users.dsc_loc = { - description = "Utilisateur pour le bot tut"; - group = "dsc_loc"; - home = "/opt/alerte_poste-master"; - isSystemUser = true; - }; - }; + config = lib.mkIf cfg { + users = { + groups.dsc_loc = { + name = "dsc_loc"; + }; + users.dsc_loc = { + description = "Utilisateur pour le bot tut"; + group = "dsc_loc"; + home = "/opt/alerte_poste-master"; + isSystemUser = true; + }; + }; - systemd.services.bot_loc = { - description = "loc discord bot public"; - after = [ - "network.target" - ]; - wantedBy = [ - "multi-user.target" - ]; - serviceConfig = { - Type = "simple"; - User = "dsc_loc"; - WorkingDirectory = "/opt/alerte-poste"; - ExecStart = "/opt/alerte-poste/.venv/bin/python /opt/alerte-poste/src/main.py"; - EnvironmentFile = "/opt/alerte-poste/.env"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + systemd.services.bot_loc = { + description = "loc discord bot public"; + after = [ + "network.target" + ]; + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + Type = "simple"; + User = "dsc_loc"; + WorkingDirectory = "/opt/alerte-poste"; + ExecStart = "/opt/alerte-poste/.venv/bin/python /opt/alerte-poste/src/main.py"; + EnvironmentFile = "/opt/alerte-poste/.env"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/marty.nix b/services/bot_discord/marty.nix index 1955406..3e339a1 100644 --- a/services/bot_discord/marty.nix +++ b/services/bot_discord/marty.nix @@ -1,47 +1,52 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.marty; + cfg = config.service.bot_discord.marty; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - nodejs - ]; - users = { - groups.dsc_marty = { - name = "dsc_marty"; - }; - users.dsc_marty = { - description = "Utilisateur pour le bot BDE"; - group = "dsc_marty"; - home = "/opt/marty"; - isSystemUser = true; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + nodejs + ]; + users = { + groups.dsc_marty = { + name = "dsc_marty"; + }; + users.dsc_marty = { + description = "Utilisateur pour le bot BDE"; + group = "dsc_marty"; + home = "/opt/marty"; + isSystemUser = true; + }; + }; - systemd.services.bot_marty = { - description = "marty discord bot"; - after = [ - "network.target" - ]; - wantedBy = [ - "multi-user.target" - ]; - serviceConfig = { - Type = "simple"; - User = "dsc_marty"; - WorkingDirectory = "/opt/marty"; - Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; - ExecStartPre = [ - "${pkgs.nodejs}/bin/npm install" - "${pkgs.nodejs}/bin/npm run build" - ]; - ExecStart = "${pkgs.nodejs}/bin/npm run start-prod"; - EnvironmentFile = "/opt/marty/.env"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + systemd.services.bot_marty = { + description = "marty discord bot"; + after = [ + "network.target" + ]; + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + Type = "simple"; + User = "dsc_marty"; + WorkingDirectory = "/opt/marty"; + Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; + ExecStartPre = [ + "${pkgs.nodejs}/bin/npm install" + "${pkgs.nodejs}/bin/npm run build" + ]; + ExecStart = "${pkgs.nodejs}/bin/npm run start-prod"; + EnvironmentFile = "/opt/marty/.env"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/master.nix b/services/bot_discord/master.nix index 10e7c1c..c7d0969 100644 --- a/services/bot_discord/master.nix +++ b/services/bot_discord/master.nix @@ -1,41 +1,46 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.master; + cfg = config.service.bot_discord.master; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - go - ]; - users = { - groups.dsc_master = { - name = "dsc_master"; - }; - users.dsc_master = { - description = "Utilisateur pour le bot master"; - group = "dsc_master"; - home = "/opt/master"; - isSystemUser = true; - }; - }; - systemd.services.yagpdb = { - description = "Enium discord master bot"; - after = [ - "network.target" - ]; - wantedBy = [ - "multi-user.target" - ]; - serviceConfig = { - Type = "simple"; - User = "dsc_master"; - WorkingDirectory = "/opt/yagpdb/cmd/yagpdb"; - ExecStart = "/opt/yagpdb/cmd/yagpdb/yagpdb -all -pa"; - EnvironmentFile = "/opt/yagpdb/cmd/yagpdb/sampleenvfile"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + go + ]; + users = { + groups.dsc_master = { + name = "dsc_master"; + }; + users.dsc_master = { + description = "Utilisateur pour le bot master"; + group = "dsc_master"; + home = "/opt/master"; + isSystemUser = true; + }; + }; + systemd.services.yagpdb = { + description = "Enium discord master bot"; + after = [ + "network.target" + ]; + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + Type = "simple"; + User = "dsc_master"; + WorkingDirectory = "/opt/yagpdb/cmd/yagpdb"; + ExecStart = "/opt/yagpdb/cmd/yagpdb/yagpdb -all -pa"; + EnvironmentFile = "/opt/yagpdb/cmd/yagpdb/sampleenvfile"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/music.nix b/services/bot_discord/music.nix index 1bb30b4..3c6180e 100644 --- a/services/bot_discord/music.nix +++ b/services/bot_discord/music.nix @@ -1,37 +1,42 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.music; + cfg = config.service.bot_discord.music; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - nodejs - ]; - users = { - groups.dsc_music = { - name = "dsc_music"; - }; - users.dsc_music = { - description = "Utilisateur pour le bot music"; - group = "dsc_music"; - home = "/opt/music"; - isSystemUser = true; - }; - }; - systemd.services.music = { - description = "Enium discord bot for music"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "simple"; - User = "dsc_music"; - WorkingDirectory = "/opt/music"; - ExecStart = "${pkgs.nodejs}/bin/npm start"; - Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + nodejs + ]; + users = { + groups.dsc_music = { + name = "dsc_music"; + }; + users.dsc_music = { + description = "Utilisateur pour le bot music"; + group = "dsc_music"; + home = "/opt/music"; + isSystemUser = true; + }; + }; + systemd.services.music = { + description = "Enium discord bot for music"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + User = "dsc_music"; + WorkingDirectory = "/opt/music"; + ExecStart = "${pkgs.nodejs}/bin/npm start"; + Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/tempvoc.nix b/services/bot_discord/tempvoc.nix index 550aaed..ae07a46 100644 --- a/services/bot_discord/tempvoc.nix +++ b/services/bot_discord/tempvoc.nix @@ -1,37 +1,42 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.tempvoc; + cfg = config.service.bot_discord.tempvoc; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - nodejs - ]; - users = { - groups.dsc_tempvoc = { - name = "dsc_tempvoc"; - }; - users.dsc_tempvoc = { - description = "Utilisateur pour le bot tempvoc"; - group = "dsc_tempvoc"; - home = "/opt/tempvoc"; - isSystemUser = true; - }; - }; - systemd.services.tempvoc = { - description = "Enium discord bot for tempvoc"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "simple"; - User = "dsc_tempvoc"; - WorkingDirectory = "/opt/tempvoc"; - ExecStart = "${pkgs.nodejs}/bin/npm start"; - Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + nodejs + ]; + users = { + groups.dsc_tempvoc = { + name = "dsc_tempvoc"; + }; + users.dsc_tempvoc = { + description = "Utilisateur pour le bot tempvoc"; + group = "dsc_tempvoc"; + home = "/opt/tempvoc"; + isSystemUser = true; + }; + }; + systemd.services.tempvoc = { + description = "Enium discord bot for tempvoc"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + User = "dsc_tempvoc"; + WorkingDirectory = "/opt/tempvoc"; + ExecStart = "${pkgs.nodejs}/bin/npm start"; + Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/bot_discord/ticket.nix b/services/bot_discord/ticket.nix index c77ca79..f08d526 100644 --- a/services/bot_discord/ticket.nix +++ b/services/bot_discord/ticket.nix @@ -1,37 +1,42 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.bot_discord.ticket; + cfg = config.service.bot_discord.ticket; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - nodejs - ]; - users = { - groups.dsc_ticket = { - name = "dsc_ticket"; - }; - users.dsc_ticket = { - description = "Utilisateur pour le bot ticket"; - group = "dsc_ticket"; - home = "/opt/ticket"; - isSystemUser = true; - }; - }; - systemd.services.ticket = { - description = "Service for ticket"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - Type = "simple"; - User = "dsc_ticket"; - WorkingDirectory = "/opt/ticket"; - ExecStart = "${pkgs.nodejs}/bin/npm start"; - Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; - Restart = "on-failure"; - RestartSec = 5; - }; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + nodejs + ]; + users = { + groups.dsc_ticket = { + name = "dsc_ticket"; + }; + users.dsc_ticket = { + description = "Utilisateur pour le bot ticket"; + group = "dsc_ticket"; + home = "/opt/ticket"; + isSystemUser = true; + }; + }; + systemd.services.ticket = { + description = "Service for ticket"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + Type = "simple"; + User = "dsc_ticket"; + WorkingDirectory = "/opt/ticket"; + ExecStart = "${pkgs.nodejs}/bin/npm start"; + Environment = "PATH=${pkgs.coreutils}/bin:${pkgs.bash}/bin:${pkgs.nodejs}/bin"; + Restart = "on-failure"; + RestartSec = 5; + }; + }; + }; } diff --git a/services/discord.nix b/services/discord.nix index 26fc1ad..b019b45 100644 --- a/services/discord.nix +++ b/services/discord.nix @@ -1,84 +1,89 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - master_bot = import ./bot_discord/master.nix { - inherit config pkgs lib; - }; - music_bot = import ./bot_discord/music.nix { - inherit config pkgs lib; - }; - tempvoc_bot = import ./bot_discord/tempvoc.nix { - inherit config pkgs lib; - }; - ada_bot = import ./bot_discord/ada.nix { - inherit config pkgs lib; - }; - tut_bot = import ./bot_discord/bot_loc.nix { - inherit config pkgs lib; - }; - bde_bot = import ./bot_discord/bde.nix { - inherit config pkgs lib; - }; - marty_bot = import ./bot_discord/marty.nix { - inherit config pkgs lib; - }; - ticket_bot = import ./bot_discord/ticket.nix { - inherit config pkgs lib; - }; - cfg = config.service.bot_discord; + master_bot = import ./bot_discord/master.nix { + inherit config pkgs lib; + }; + music_bot = import ./bot_discord/music.nix { + inherit config pkgs lib; + }; + tempvoc_bot = import ./bot_discord/tempvoc.nix { + inherit config pkgs lib; + }; + ada_bot = import ./bot_discord/ada.nix { + inherit config pkgs lib; + }; + tut_bot = import ./bot_discord/bot_loc.nix { + inherit config pkgs lib; + }; + bde_bot = import ./bot_discord/bde.nix { + inherit config pkgs lib; + }; + marty_bot = import ./bot_discord/marty.nix { + inherit config pkgs lib; + }; + ticket_bot = import ./bot_discord/ticket.nix { + inherit config pkgs lib; + }; + cfg = config.service.bot_discord; in { - imports = [ - ada_bot - bde_bot - tut_bot - master_bot - music_bot - tempvoc_bot - ticket_bot - marty_bot - ]; + imports = [ + ada_bot + bde_bot + tut_bot + master_bot + music_bot + tempvoc_bot + ticket_bot + marty_bot + ]; - options.service.bot_discord = { - master = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable master bot"; - }; - ada = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable ada bot"; - }; - tut = lib.mkOption { - type = lib.types.bool; - default = false; - description = "enable tut bot"; - }; - bde = lib.mkOption { - type = lib.types.bool; - default = false; - description = "enable bde bot"; - }; - marty = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable marty bot"; - }; - music = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable music bot"; - }; - tempvoc = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable tempvoc bot"; - }; - ticket = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable ticket bot"; - }; - }; + options.service.bot_discord = { + master = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable master bot"; + }; + ada = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable ada bot"; + }; + tut = lib.mkOption { + type = lib.types.bool; + default = false; + description = "enable tut bot"; + }; + bde = lib.mkOption { + type = lib.types.bool; + default = false; + description = "enable bde bot"; + }; + marty = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable marty bot"; + }; + music = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable music bot"; + }; + tempvoc = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable tempvoc bot"; + }; + ticket = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable ticket bot"; + }; + }; } diff --git a/services/forty_two.nix b/services/forty_two.nix index 879cf6d..25b3811 100644 --- a/services/forty_two.nix +++ b/services/forty_two.nix @@ -1,21 +1,26 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - irc = import ./forty_two/irc.nix { - inherit config pkgs lib; - }; - cfg = config.service.forty_two; + irc = import ./forty_two/irc.nix { + inherit config pkgs lib; + }; + cfg = config.service.forty_two; in { - imports = [ - irc - ]; + imports = [ + irc + ]; - options.service.forty_two = { - irc = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the ft_irc server"; - }; - }; + options.service.forty_two = { + irc = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the ft_irc server"; + }; + }; } diff --git a/services/forty_two/irc.nix b/services/forty_two/irc.nix index 3740694..0347841 100644 --- a/services/forty_two/irc.nix +++ b/services/forty_two/irc.nix @@ -1,45 +1,50 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.forty_two.irc; + cfg = config.service.forty_two.irc; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - llvmPackages.clang - llvmPackages.clang-tools - gnumake - ]; - users = { - groups.ft_irc = { - name = "ft_irc"; - }; - users.ft_irc = { - description = "Utilisateur the ft_irc server"; - group = "ft_irc"; - home = "/opt/irc/"; - isSystemUser = true; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + llvmPackages.clang + llvmPackages.clang-tools + gnumake + ]; + users = { + groups.ft_irc = { + name = "ft_irc"; + }; + users.ft_irc = { + description = "Utilisateur the ft_irc server"; + group = "ft_irc"; + home = "/opt/irc/"; + isSystemUser = true; + }; + }; - systemd.services.ft_irc = { - description = "Upload our irc on my own server"; - after = [ - "network.target" - ]; - wantedBy = [ - "multi-user.target" - ]; - serviceConfig = { - Type = "simple"; - User = "ft_irc"; - WorkingDirectory = "/opt/irc"; - ExecStartPre = "${pkgs.git}/bin/git pull"; - ExecStart = "/opt/irc/ircserv 4243 irc"; - Restart = "on-failure"; - RestartSec = 30; - RemainAfterExit = false; - }; - }; - }; + systemd.services.ft_irc = { + description = "Upload our irc on my own server"; + after = [ + "network.target" + ]; + wantedBy = [ + "multi-user.target" + ]; + serviceConfig = { + Type = "simple"; + User = "ft_irc"; + WorkingDirectory = "/opt/irc"; + ExecStartPre = "${pkgs.git}/bin/git pull"; + ExecStart = "/opt/irc/ircserv 4243 irc"; + Restart = "on-failure"; + RestartSec = 30; + RemainAfterExit = false; + }; + }; + }; } diff --git a/services/games.nix b/services/games.nix index 837d6ce..30f3f18 100644 --- a/services/games.nix +++ b/services/games.nix @@ -1,12 +1,23 @@ -{ inputs, config, pkgs, lib, ... }: +{ + inputs, + config, + pkgs, + lib, + ... +}: let enium-pv = import ./games/minecraft.nix { - inherit inputs config pkgs lib; + inherit + inputs + config + pkgs + lib + ; }; cfg = config.service; in - { +{ imports = [ enium-pv ]; diff --git a/services/games/minecraft.nix b/services/games/minecraft.nix index 7e78e8d..cfc71ae 100644 --- a/services/games/minecraft.nix +++ b/services/games/minecraft.nix @@ -1,36 +1,42 @@ -{ inputs, config, pkgs, lib, ... }: +{ + inputs, + config, + pkgs, + lib, + ... +}: let - cfg = config.service.games.enium-pv; + cfg = config.service.games.enium-pv; in { - imports = [ - inputs.minecraft.nixosModules.minecraft-servers - ]; + imports = [ + inputs.minecraft.nixosModules.minecraft-servers + ]; - config = lib.mkIf cfg { - nixpkgs.overlays = [ - inputs.minecraft.overlay - ]; - services.minecraft-servers = { - enable = true; - eula = true; + config = lib.mkIf cfg { + nixpkgs.overlays = [ + inputs.minecraft.overlay + ]; + services.minecraft-servers = { + enable = true; + eula = true; - servers.enium-pv = { - enable = true; - package = pkgs.fabricServers.fabric-1_20_1; - jvmOpts = "-Xms4092M -Xmx4092M"; - serverProperties = { - difficulty = 3; - gamemode = 0; - max-players = 42; - motd = "§l §3 Enium Survival§r\n§l §b Whitelisted Server"; - server-port = 64421; - spawn-protection=16; - white-list = true; - }; - restart = "no"; - }; - }; - }; + servers.enium-pv = { + enable = true; + package = pkgs.fabricServers.fabric-1_20_1; + jvmOpts = "-Xms4092M -Xmx4092M"; + serverProperties = { + difficulty = 3; + gamemode = 0; + max-players = 42; + motd = "§l §3 Enium Survival§r\n§l §b Whitelisted Server"; + server-port = 64421; + spawn-protection = 16; + white-list = true; + }; + restart = "no"; + }; + }; + }; } diff --git a/services/self_host.nix b/services/self_host.nix index b87de96..46e4b77 100644 --- a/services/self_host.nix +++ b/services/self_host.nix @@ -1,71 +1,107 @@ -{ inputs, config, pkgs, lib, ... }: +{ + inputs, + config, + pkgs, + lib, + ... +}: let - htop = import ./self_host/htop.nix { - inherit inputs config pkgs lib; - }; - mail = import ./self_host/mail.nix { - inherit inputs config pkgs lib; - }; - monitor = import ./self_host/monitor.nix { - inherit inputs config pkgs lib; - }; - teamspeak = import ./self_host/teamspeak.nix { - inherit inputs config pkgs lib; - }; - ollama = import ./self_host/ollama.nix { - inherit inputs config pkgs lib; - }; - nextcloud = import ./self_host/nextcloud.nix { - inherit inputs config pkgs lib; - }; - cfg = config.service.selfhost; + htop = import ./self_host/htop.nix { + inherit + inputs + config + pkgs + lib + ; + }; + mail = import ./self_host/mail.nix { + inherit + inputs + config + pkgs + lib + ; + }; + monitor = import ./self_host/monitor.nix { + inherit + inputs + config + pkgs + lib + ; + }; + teamspeak = import ./self_host/teamspeak.nix { + inherit + inputs + config + pkgs + lib + ; + }; + ollama = import ./self_host/ollama.nix { + inherit + inputs + config + pkgs + lib + ; + }; + nextcloud = import ./self_host/nextcloud.nix { + inherit + inputs + config + pkgs + lib + ; + }; + cfg = config.service.selfhost; in { - imports = [ - nextcloud - mail - htop - ollama - teamspeak - monitor - ]; + imports = [ + nextcloud + mail + htop + ollama + teamspeak + monitor + ]; - config = { - services.nginx = { - enable = true; - }; - }; - options.service.selfhost = { - htop = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the htop"; - }; - teamspeak = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the teamspeak"; - }; - ollama = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the ollama"; - }; - mail = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the mail"; - }; - monitor = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the monitor"; - }; - nextcloud = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the nextcloud"; - }; - }; + config = { + services.nginx = { + enable = true; + }; + }; + options.service.selfhost = { + htop = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the htop"; + }; + teamspeak = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the teamspeak"; + }; + ollama = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the ollama"; + }; + mail = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the mail"; + }; + monitor = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the monitor"; + }; + nextcloud = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the nextcloud"; + }; + }; } diff --git a/services/self_host/htop.nix b/services/self_host/htop.nix index e6b71f4..c94cd03 100644 --- a/services/self_host/htop.nix +++ b/services/self_host/htop.nix @@ -1,21 +1,26 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.selfhost.monitor; + cfg = config.service.selfhost.monitor; in { - config = lib.mkIf cfg { - services = { - glances.enable = true; + config = lib.mkIf cfg { + services = { + glances.enable = true; - nginx.virtualHosts."htop.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:61208"; - proxyWebsockets = true; - }; - }; - }; - }; + nginx.virtualHosts."htop.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:61208"; + proxyWebsockets = true; + }; + }; + }; + }; } diff --git a/services/self_host/mail.nix b/services/self_host/mail.nix index cc1153e..15190e1 100644 --- a/services/self_host/mail.nix +++ b/services/self_host/mail.nix @@ -1,42 +1,47 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.selfhost.mail; + cfg = config.service.selfhost.mail; in { - config = lib.mkIf cfg { - services.rspamd.enable = true; - mailserver = { - enable = true; - stateVersion = 3; - fqdn = "mail.enium.eu"; - domains = [ - "enium.eu" - ]; - loginAccounts = { - "no-reply@enium.eu" = { - hashedPasswordFile = "/root/mail-passwd.txt"; - }; - }; - certificateScheme = "acme-nginx"; - }; + config = lib.mkIf cfg { + services.rspamd.enable = true; + mailserver = { + enable = true; + stateVersion = 3; + fqdn = "mail.enium.eu"; + domains = [ + "enium.eu" + ]; + loginAccounts = { + "no-reply@enium.eu" = { + hashedPasswordFile = "/root/mail-passwd.txt"; + }; + }; + certificateScheme = "acme-nginx"; + }; - services = { - roundcube = { - enable = true; - hostName = "mail.enium.eu"; - extraConfig = '' - $config['smtp_host'] = "tls://mail.enium.eu"; - $config['smtp_user'] = "%u"; - $config['smtp_pass'] = "%p"; - ''; - }; - nginx = { - virtualHosts."mail.enium.eu" = { - forceSSL = true; - enableACME = true; - }; - }; - }; - }; + services = { + roundcube = { + enable = true; + hostName = "mail.enium.eu"; + extraConfig = '' + $config['smtp_host'] = "tls://mail.enium.eu"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; + ''; + }; + nginx = { + virtualHosts."mail.enium.eu" = { + forceSSL = true; + enableACME = true; + }; + }; + }; + }; } diff --git a/services/self_host/monitor.nix b/services/self_host/monitor.nix index 65ed0f3..4c47c2f 100644 --- a/services/self_host/monitor.nix +++ b/services/self_host/monitor.nix @@ -1,170 +1,189 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.selfhost.monitor; - monitored = [ "nginx" "grafana" ]; - email = "raphael@enium.eu"; + cfg = config.service.selfhost.monitor; + monitored = [ + "nginx" + "grafana" + ]; + email = "raphael@enium.eu"; in { - config = lib.mkIf cfg { - services.grafana = { - enable = true; - package = pkgs.grafana; - dataDir = "/var/lib/grafana"; - }; - - environment.etc."process-exporter.json".text = builtins.toJSON { - procMatchers = lib.map (svc: { - name = svc; - cmdline = [ - "${svc}:" - ]; - }) monitored; - }; - - systemd.services.process_exporter = { - description = "Prometheus Process Exporter"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json"; - Restart = "always"; - }; - }; - - services.prometheus = { - enable = true; - checkConfig = false; - exporters = { - blackbox = { - enable = true; - configFile = pkgs.writeText "blackbox-exporter.yml" '' - modules: - http_2xx: - prober: http - timeout: 5s - http: - valid_http_versions: ["HTTP/1.1", "HTTP/2.0"] - valid_status_codes: [] - method: GET - no_follow_redirects: false - fail_if_not_ssl: false -''; - }; - node.enable = true; - systemd.enable = true; - }; - scrapeConfigs = [ - { - job_name = "systemd_exporter"; - metrics_path = "/metrics"; - static_configs = [{ - targets = [ - "127.0.0.1:9558" - ]; - }]; - } - { - job_name = "node_exporter"; - static_configs = [{ - targets = [ - "127.0.0.1:9100" - ]; - }]; - } - { - job_name = "process_exporter"; - metrics_path = "/metrics"; - scheme = "http"; - static_configs = [{ - targets = [ - "127.0.0.1:9256" - ]; - }]; - } - { - job_name = "blackbox_http_probe"; - metrics_path = "/probe"; - params = { - module = [ - "http_2xx" - ]; - }; - static_configs = [{ - targets = [ - "https://raphael.parodi.pro" - "https://nextcloud.enium.eu" - "https://htop.enium.eu" - "https://monitor.enium.eu" - "https://ollama.enium.eu" - "http://relance-pas-stp.me:4242" - ]; - }]; - relabel_configs = [ - { source_labels = [ "__address__" ]; - target_label = "__param_target"; - } - { source_labels = [ "__param_target" ]; - target_label = "instance"; - } - { target_label = "__address__"; - replacement = "127.0.0.1:9115"; - } - ]; - proxy_url = "http://127.0.0.1:9115"; - } - ]; - ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ]; - }; - - environment.etc."prometheus/services.rules".text = '' -groups: -- name: services - rules: - - alert: nginxServiceDown - expr: process_up{job="process_exporter",name="nginx"} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: "Processus nginx arrêté" - description: "Le processus nginx ne tourne plus depuis >1m." + config = lib.mkIf cfg { + services.grafana = { + enable = true; + package = pkgs.grafana; + dataDir = "/var/lib/grafana"; + }; - - alert: nginxServiceUp - expr: process_up{job="process_exporter",name="nginx"} == 1 - for: 1m - labels: - severity: info - annotations: - summary: "Processus nginx rétabli" - description: "Le processus nginx tourne de nouveau." + environment.etc."process-exporter.json".text = builtins.toJSON { + procMatchers = lib.map (svc: { + name = svc; + cmdline = [ + "${svc}:" + ]; + }) monitored; + }; - - alert: grafanaServiceDown - expr: process_up{job="process_exporter",name="grafana"} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: "Processus grafana arrêté" - description: "Le processus grafana ne tourne plus depuis >1m." + systemd.services.process_exporter = { + description = "Prometheus Process Exporter"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + serviceConfig = { + ExecStart = "${pkgs.prometheus-process-exporter}/bin/process-exporter --config.path /etc/process-exporter.json"; + Restart = "always"; + }; + }; - - alert: grafanaServiceUp - expr: process_up{job="process_exporter",name="grafana"} == 1 - for: 1m - labels: - severity: info - annotations: - summary: "Processus grafana rétabli" - description: "Le processus grafana tourne de nouveau." -''; + services.prometheus = { + enable = true; + checkConfig = false; + exporters = { + blackbox = { + enable = true; + configFile = pkgs.writeText "blackbox-exporter.yml" '' + modules: + http_2xx: + prober: http + timeout: 5s + http: + valid_http_versions: ["HTTP/1.1", "HTTP/2.0"] + valid_status_codes: [] + method: GET + no_follow_redirects: false + fail_if_not_ssl: false + ''; + }; + node.enable = true; + systemd.enable = true; + }; + scrapeConfigs = [ + { + job_name = "systemd_exporter"; + metrics_path = "/metrics"; + static_configs = [ + { + targets = [ + "127.0.0.1:9558" + ]; + } + ]; + } + { + job_name = "node_exporter"; + static_configs = [ + { + targets = [ + "127.0.0.1:9100" + ]; + } + ]; + } + { + job_name = "process_exporter"; + metrics_path = "/metrics"; + scheme = "http"; + static_configs = [ + { + targets = [ + "127.0.0.1:9256" + ]; + } + ]; + } + { + job_name = "blackbox_http_probe"; + metrics_path = "/probe"; + params = { + module = [ + "http_2xx" + ]; + }; + static_configs = [ + { + targets = [ + "https://raphael.parodi.pro" + "https://nextcloud.enium.eu" + "https://htop.enium.eu" + "https://monitor.enium.eu" + "https://ollama.enium.eu" + "http://relance-pas-stp.me:4242" + ]; + } + ]; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + } + { + source_labels = [ "__param_target" ]; + target_label = "instance"; + } + { + target_label = "__address__"; + replacement = "127.0.0.1:9115"; + } + ]; + proxy_url = "http://127.0.0.1:9115"; + } + ]; + ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ]; + }; - services.nginx.virtualHosts."monitor.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:3000"; - proxyWebsockets = true; - }; - }; - }; + environment.etc."prometheus/services.rules".text = '' + groups: + - name: services + rules: + - alert: nginxServiceDown + expr: process_up{job="process_exporter",name="nginx"} == 0 + for: 1m + labels: + severity: critical + annotations: + summary: "Processus nginx arrêté" + description: "Le processus nginx ne tourne plus depuis >1m." + + - alert: nginxServiceUp + expr: process_up{job="process_exporter",name="nginx"} == 1 + for: 1m + labels: + severity: info + annotations: + summary: "Processus nginx rétabli" + description: "Le processus nginx tourne de nouveau." + + - alert: grafanaServiceDown + expr: process_up{job="process_exporter",name="grafana"} == 0 + for: 1m + labels: + severity: critical + annotations: + summary: "Processus grafana arrêté" + description: "Le processus grafana ne tourne plus depuis >1m." + + - alert: grafanaServiceUp + expr: process_up{job="process_exporter",name="grafana"} == 1 + for: 1m + labels: + severity: info + annotations: + summary: "Processus grafana rétabli" + description: "Le processus grafana tourne de nouveau." + ''; + + services.nginx.virtualHosts."monitor.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3000"; + proxyWebsockets = true; + }; + }; + }; } diff --git a/services/self_host/nextcloud.nix b/services/self_host/nextcloud.nix index b6218bc..2893a58 100644 --- a/services/self_host/nextcloud.nix +++ b/services/self_host/nextcloud.nix @@ -1,38 +1,43 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.selfhost.nextcloud; - dataDir = "/mnt/data/nextcloud"; + cfg = config.service.selfhost.nextcloud; + dataDir = "/mnt/data/nextcloud"; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - php - ]; - services = { - nextcloud = { - enable = true; - https = true; - package = pkgs.nextcloud31; - hostName = "nextcloud.enium.eu"; - datadir = "/mnt/data/nextcloud/"; - config = { - adminpassFile = "/etc/nextcloud-pass.txt"; - adminuser = "OwnedByTheEniumTeam"; - dbtype = "sqlite"; - }; - settings = { - trusted_domains = [ - "192.168.1.254" - ]; - default_phone_region = "FR"; - }; - }; - nginx.virtualHosts."nextcloud.enium.eu".enableACME = true; - nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true; - nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = '' - fastcgi_pass unix:/run/phpfpm-nextcloud.sock; - ''; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + php + ]; + services = { + nextcloud = { + enable = true; + https = true; + package = pkgs.nextcloud31; + hostName = "nextcloud.enium.eu"; + datadir = "/mnt/data/nextcloud/"; + config = { + adminpassFile = "/etc/nextcloud-pass.txt"; + adminuser = "OwnedByTheEniumTeam"; + dbtype = "sqlite"; + }; + settings = { + trusted_domains = [ + "192.168.1.254" + ]; + default_phone_region = "FR"; + }; + }; + nginx.virtualHosts."nextcloud.enium.eu".enableACME = true; + nginx.virtualHosts."nextcloud.enium.eu".forceSSL = true; + nginx.virtualHosts."nextcloud.enium.eu".locations."~ \.php$".extraConfig = '' + fastcgi_pass unix:/run/phpfpm-nextcloud.sock; + ''; + }; + }; } diff --git a/services/self_host/ollama.nix b/services/self_host/ollama.nix index dc6ca5d..e3b374e 100644 --- a/services/self_host/ollama.nix +++ b/services/self_host/ollama.nix @@ -1,31 +1,36 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.selfhost.ollama; + cfg = config.service.selfhost.ollama; in { - config = lib.mkIf cfg { - services = { - ollama = { - enable = true; - loadModels = [ - "qwen2.5:3b" - ]; - acceleration = "cuda"; - }; + config = lib.mkIf cfg { + services = { + ollama = { + enable = true; + loadModels = [ + "qwen2.5:3b" + ]; + acceleration = "cuda"; + }; - open-webui = { - enable = true; - port = 13007; - }; - nginx.virtualHosts."ollama.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:13007"; - proxyWebsockets = true; - }; - }; - }; - }; + open-webui = { + enable = true; + port = 13007; + }; + nginx.virtualHosts."ollama.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:13007"; + proxyWebsockets = true; + }; + }; + }; + }; } diff --git a/services/self_host/teamspeak.nix b/services/self_host/teamspeak.nix index aebf66f..ca74dcc 100644 --- a/services/self_host/teamspeak.nix +++ b/services/self_host/teamspeak.nix @@ -1,23 +1,28 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.selfhost.monitor; + cfg = config.service.selfhost.monitor; in { - config = lib.mkIf cfg { - services = { - teamspeak3 = { - enable = true; - }; + config = lib.mkIf cfg { + services = { + teamspeak3 = { + enable = true; + }; - nginx.virtualHosts."ts.enium.eu" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:9987"; - proxyWebsockets = true; - }; - }; - }; - }; + nginx.virtualHosts."ts.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:9987"; + proxyWebsockets = true; + }; + }; + }; + }; } diff --git a/services/web.nix b/services/web.nix index 6ad0c73..712cf85 100644 --- a/services/web.nix +++ b/services/web.nix @@ -1,35 +1,46 @@ -{ inputs, config, pkgs, lib, ... }: +{ + inputs, + config, + pkgs, + lib, + ... +}: let - portefolio = import ./web/portefolio.nix { - inherit inputs config pkgs lib; - }; - cfg = config.service.web; + portefolio = import ./web/portefolio.nix { + inherit + inputs + config + pkgs + lib + ; + }; + cfg = config.service.web; in { - imports = [ - portefolio - ]; + imports = [ + portefolio + ]; - config = { - services.nginx = { - enable = true; - recommendedGzipSettings = true; - recommendedProxySettings = true; - }; - security.acme = { - acceptTerms = true; - defaults.email = "raphael@parodi.pro"; - certs = { - "raphael.parodi.pro" = {}; - }; - }; - }; - options.service.web = { - portefolio = lib.mkOption { - type = lib.types.bool; - default = false; - description = "Enable the portefolio"; - }; - }; + config = { + services.nginx = { + enable = true; + recommendedGzipSettings = true; + recommendedProxySettings = true; + }; + security.acme = { + acceptTerms = true; + defaults.email = "raphael@parodi.pro"; + certs = { + "raphael.parodi.pro" = { }; + }; + }; + }; + options.service.web = { + portefolio = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Enable the portefolio"; + }; + }; } diff --git a/services/web/portefolio.nix b/services/web/portefolio.nix index 1e67439..a1bcda6 100644 --- a/services/web/portefolio.nix +++ b/services/web/portefolio.nix @@ -1,43 +1,48 @@ -{ config, pkgs, lib, ... }: +{ + config, + pkgs, + lib, + ... +}: let - cfg = config.service.web.portefolio; + cfg = config.service.web.portefolio; in { - config = lib.mkIf cfg { - environment.systemPackages = with pkgs; [ - nodejs - pnpm - ]; - users = { - groups.web_portefolio = { - name = "web_portefolio"; - }; - users.web_portefolio = { - description = "Utilisateur pour le bot BDE"; - group = "web_portefolio"; - home = "/opt/portefolio/"; - isSystemUser = true; - }; - }; + config = lib.mkIf cfg { + environment.systemPackages = with pkgs; [ + nodejs + pnpm + ]; + users = { + groups.web_portefolio = { + name = "web_portefolio"; + }; + users.web_portefolio = { + description = "Utilisateur pour le bot BDE"; + group = "web_portefolio"; + home = "/opt/portefolio/"; + isSystemUser = true; + }; + }; - services.nginx = { - virtualHosts."raphael.parodi.pro" = { - forceSSL = true; - enableACME = true; - locations."/" = { - root = "/opt/portefolio/dist"; - index = "index.html"; - extraConfig = '' - try_files $uri /index.html; - ''; - }; - }; - }; - security.acme = { - certs = { - "raphael.parodi.pro" = {}; - }; - }; - }; + services.nginx = { + virtualHosts."raphael.parodi.pro" = { + forceSSL = true; + enableACME = true; + locations."/" = { + root = "/opt/portefolio/dist"; + index = "index.html"; + extraConfig = '' + try_files $uri /index.html; + ''; + }; + }; + }; + security.acme = { + certs = { + "raphael.parodi.pro" = { }; + }; + }; + }; }