mirror of
https://codeberg.org/ultra/nixos-dotfiles.git
synced 2024-11-22 13:53:09 +02:00
mentally draining stuff
Signed-off-by: Alex Stan <alex.stan.2010@proton.me>
parent
01cbffc482
commit
eb5f9fc1c7
13 changed files with 388 additions and 23 deletions
4
.gitignore
vendored
|
@ -1,2 +1,6 @@
|
|||
result
|
||||
hosts/titan/services/lemmy_credentials.txt
|
||||
hosts/titan/services/Sharkey/.config/*
|
||||
hosts/titan/services/Sharkey/files
|
||||
hosts/titan/services/Sharkey/db
|
||||
hosts/titan/services/Sharkey/redis
|
||||
|
|
|
@ -83,11 +83,11 @@
|
|||
}
|
||||
];
|
||||
};
|
||||
ultrapi = nixpkgs.lib.nixosSystem {
|
||||
hypnos = nixpkgs.lib.nixosSystem {
|
||||
system = "aarch64-linux";
|
||||
specialArgs = { inherit inputs; };
|
||||
modules = [
|
||||
./hosts/ultrapi/configuration.nix
|
||||
./hosts/hypnos/configuration.nix
|
||||
{
|
||||
environment.etc."nix/inputs/nixpkgs".source = nixpkgs.outPath;
|
||||
nix.nixPath = [ "nixpkgs=/etc/nix/inputs/nixpkgs" ];
|
||||
|
|
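--- a/hosts/hypnos/configuration.nix
+++ b/hosts/hypnos/configuration.nix
@@ -0,0 +1,105 @@
+
+{ config, pkgs, lib, inputs, ... }:
+
+let
+user = "graphite";
+hashedPassword = "$6$OBjnSQhhJgHsr5LE$jFtUz.2qv0l2viv86exXmfHWC0fDFXKD3rqH41NmqgkdoBrwY2rPkDBCPjdq7PSoeudYcQ0nXxJvh1N7EIUs90";
+hostname = "hypnos";
+
+helix = inputs.helix.packages.${pkgs.system}.default;
+
+
+/*
+nixosHardware = pkgs.fetchFromGitHub {
+owner = "NixOS";
+repo = "nixos-hardware";
+rev = "51559e691f1493a26f94f1df1aaf516bb507e78b";
+sha256 = "0spswivyk006h5xr0a0yhr7wr9fh0kg7cfyxqmk521svf3x1pnr8";
+};
+*/
+in {
+
+# imports = ["${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/936e4649098d6a5e0762058cb7687be1b2d90550.tar.gz" }/raspberry-pi/4"];
+
+imports = [
+# "${nixosHardware}/raspberry-pi/4"
+./hardware-configuration.nix
+"${inputs.nixos-hardware}/raspberry-pi/4"
+];
+boot.loader.grub.enable = false;
+boot.loader.generic-extlinux-compatible.enable = true;
+
+fileSystems = {
+"/" = {
+device = "/dev/disk/by-label/NIXOS_SD";
+fsType = "ext4";
+options = [ "noatime" ];
+};
+};
+
+networking = {
+hostName = hostname;
+};
+
+environment.systemPackages = with pkgs; [
+vim
+helix
+docker
+git
+];
+
+services = {
+openssh.enable = true;
+};
+
+users = {
+mutableUsers = false;
+users."${user}" = {
+isNormalUser = true;
+hashedPassword = "${hashedPassword}";
+extraGroups = [ "wheel" ];
+};
+};
+
+# Enable GPU acceleration
+hardware.raspberry-pi."4".fkms-3d.enable = true;
+
+services.xserver = {
+enable = false;
+};
+
+virtualisation = {
+docker = {
+enable = true;
+enableOnBoot = true;
+rootless = {
+enable = true;
+};
+};
+};
+
+
+security = {
+sudo = {
+extraConfig = ''
+Defaults insults,pwfeedback
+'';
+};
+};
+
+nixpkgs = {
+config = {
+allowUnfree = true;
+};
+hostPlatform = "aarch64-linux";
+buildPlatform.system = "x86_64-linux";
+};
+
+system = {
+stateVersion = "24.05"; # Do NOT change.
+};
+
+networking = {
+nameservers = [ "8.8.8.8" ];
+};
+}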
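Review bot: The `hashedPassword` literal in the `let` block publishes the crypt hash of the only `wheel` account in a public repository, so it can be guessed against offline for as long as the history exists, and `services.openssh.enable = true` leaves password login at its default. I would load the hash from outside the flake with `hashedPasswordFile = "<path-to-secret-file>";` (placeholder path, provisioned by whatever secrets tool the repo adopts) instead of `hashedPassword = "${hashedPassword}";`. For SSH, add the user's public key under `openssh.authorizedKeys.keys` and then set `services.openssh.settings.PasswordAuthentication = false;`. The password behind the committed hash should be treated as exposed and changed, since removing the line in a later commit does not remove it from history.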
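--- a/hosts/hypnos/hardware-configuration.nix
+++ b/hosts/hypnos/hardware-configuration.nix
@@ -0,0 +1,32 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+imports =
+[ (modulesPath + "/installer/scan/not-detected.nix")
+];
+
+boot.initrd.availableKernelModules = [ "xhci_pci" ];
+boot.initrd.kernelModules = [ ];
+boot.kernelModules = [ ];
+boot.extraModulePackages = [ ];
+
+fileSystems."/" =
+{ device = "/dev/disk/by-label/NIXOS_SD";
+fsType = "ext4";
+};
+
+swapDevices = [ ];
+
+# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+# (the default) this is the recommended approach. When using systemd-networkd it's
+# still possible to use this option, but it's recommended to use it in conjunction
+# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+networking.useDHCP = lib.mkDefault true;
+# networking.interfaces.end0.useDHCP = lib.mkDefault true;
+# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
+
+nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}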
|
@ -4,7 +4,7 @@
|
|||
|
||||
inputs: { config, pkgs, lib, ... }:
|
||||
let
|
||||
nix-software-center = inputs.nix-software-center.packages.${pkgs.system}.nix-software-center;
|
||||
# nix-software-center = inputs.nix-software-center.packages.${pkgs.system}.nix-software-center;
|
||||
# doom-emacs = inputs.nix-doom-emacs.packages.${pkgs.system}.default;
|
||||
nh = inputs.nix-but-gigachad.packages.${pkgs.system}.default;
|
||||
in {
|
||||
|
@ -17,6 +17,8 @@ in {
|
|||
( import ./services/cloud.nix inputs )
|
||||
( import ./services/vaultwarden.nix inputs )
|
||||
( import ./services/matrix.nix inputs )
|
||||
# ( import ./services/office.nix inputs )
|
||||
# ( import ./services/Sharkey inputs )
|
||||
# ( import ./services/caddy.nix inputs ) # doesn't work
|
||||
# ( import ./services/dnsmasq.nix inputs ) # borks my DNS
|
||||
# ( import ./services/mail-server.nix inputs ) # needs a lot of DNS configs from cloudflaer, I only have 3 rules
|
||||
|
@ -68,13 +70,16 @@ in {
|
|||
# Enable networking
|
||||
networkmanager.enable = true;
|
||||
|
||||
# hosts = {
|
||||
hosts = {
|
||||
# "192.168.0.221" = [ "pi" "pi-master" ];
|
||||
# };
|
||||
|
||||
# nameservers = [
|
||||
# "192.168.1.221"
|
||||
# ];
|
||||
"65.108.48.233" = [ "queer.af" ];
|
||||
};
|
||||
/*
|
||||
nameservers = [
|
||||
"8.8.8.8"
|
||||
"94.16.114.254"
|
||||
];
|
||||
*/
|
||||
};
|
||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
|
||||
|
@ -176,6 +181,8 @@ in {
|
|||
sddm-kcm
|
||||
wooting-udev-rules
|
||||
wootility
|
||||
docker-compose
|
||||
qflipper
|
||||
];
|
||||
variables = {
|
||||
NIX_AUTO_RUN = "!";
|
||||
|
@ -381,6 +388,19 @@ hardware = {
|
|||
|
||||
wooting.enable = true;
|
||||
xpadneo.enable = true;
|
||||
flipperzero.enable = true;
|
||||
};
|
||||
|
||||
security = {
|
||||
pam = {
|
||||
loginLimits = [
|
||||
{
|
||||
domain = "*";
|
||||
item = "nproc";
|
||||
type = "soft";
|
||||
value = "10000";
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
}
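Review bot: The new `hosts` entry `"65.108.48.233" = [ "queer.af" ];` in the `@ -68,13` hunk hard-codes an address for a third-party domain with no comment saying why, and the same pin is repeated under `extra_hosts` in the Sharkey compose file added by this commit. A static pin bypasses DNS for every program on the machine, so if that address is ever reassigned, traffic for the name goes to the new holder and TLS certificate validation is the only remaining check. I would add a comment above it such as `# temporary pin: <reason>, added <date>; remove once DNS resolves correctly` (placeholders) so the entry gets revisited. The file header for this section is not shown on the page, and the enclosing `networking` block starts outside the hunk.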
|
||||
|
|
|
@ -9,10 +9,10 @@ inputs: { config, pkgs, lib, ... }: {
|
|||
};
|
||||
|
||||
nvidia = {
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
package = config.boot.kernelPackages.nvidiaPackages.latest;
|
||||
modesetting.enable = true;
|
||||
powerManagement.enable = true;
|
||||
open = true;
|
||||
#open = true;
|
||||
nvidiaSettings = true;
|
||||
};
|
||||
};
|
||||
|
|
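--- a/hosts/titan/services/Sharkey/default.nix
+++ b/hosts/titan/services/Sharkey/default.nix
@@ -0,0 +1,59 @@
+inputs: { lib, pkgs ? import <nixpkgs>, ... }:
+let
+storeDirectory = dir:
+let
+dirName = builtins.baseNameOf dir;
+drv = derivation {
+name = dirName;
+src = dir;
+builder = pkgs.writeShellScript "builder.sh" ''
+${pkgs.coreutils}/bin/mkdir -p $out/${dirName}
+${pkgs.coreutils}/bin/cp -rf $src/* $out/${dirName}
+${pkgs.coreutils}/bin/cp -rf $src/.* $out/${dirName}
+'';
+system = pkgs.system;
+};
+in
+"${drv}/${dirName}";
+# nixos oci-containers fucking suck, so we just do a one-shot
+# systemd service that invokes docker-compose
+#
+# not very reproducible nor declarative, but compatible with pretty much
+# anything, which is (imo) more important for a home server
+mkDockerComposeContainer =
+{ directory
+, name ? builtins.baseNameOf directory
+, autoStart ? true
+, extraConfig ? { }
+, env ? { }
+, envFiles ? [ ]
+, extraFlags ? [ ]
+}:
+let
+# referencing the file directly would make the service dependant
+# on the entire flake, resulting in the container being restarted
+# every time we change anything at all
+storeDir = storeDirectory directory;
+
+cmdline = [
+"--build"
+"--remove-orphans"
+] ++ map (env: "--env-file ${env}") envFiles
+++ map (name: "-e ${name}=${lib.escapeShellArg env.${name}}") (builtins.attrNames env)
+++ extraFlags;
+in
+{
+systemd.services."docker-compose-${name}" = {
+wantedBy = if autoStart then [ "multi-user.target" ] else [ ];
+after = [ "docker.service" "docker.socket" ];
+serviceConfig = {
+WorkingDirectory = storeDir;
+ExecStart = "${pkgs.docker}/bin/docker compose up ${builtins.concatStringsSep " " cmdline}";
+ExecStopPost = "${pkgs.docker}/bin/docker compose down";
+} // (extraConfig.serviceConfig or { });
+} // (builtins.removeAttrs extraConfig [ "serviceConfig" ]);
+};
+in
+mkDockerComposeContainer {
+directory = ./.;
+}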
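Review bot: `storeDirectory` copies the whole service directory into `/nix/store`, which is world-readable, and the compose file in that directory reads `.config/docker.env` and mounts `./.config`, `./db`, `./files` and `./redis` relative to `WorkingDirectory = storeDir;`. Depending on how the path is evaluated, either the database credentials and data are copied into the store, or (if git-ignored files are filtered out of the flake source, which I cannot confirm from this page) they are missing and the relative mounts point into a read-only store path. I would keep only `docker-compose.yml` in the store and run the project from a private state directory, for example `StateDirectory = "sharkey";` with `StateDirectoryMode = "0700";` in `serviceConfig` and `--project-directory` pointing at it. The `env` argument has the same exposure: values rendered as `-e name=value` land in the unit file in the store, so secrets should only come through `envFiles` that live outside it.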
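--- a/hosts/titan/services/Sharkey/docker-compose.yml
+++ b/hosts/titan/services/Sharkey/docker-compose.yml
@@ -0,0 +1,83 @@
+version: "3"
+
+services:
+web:
+# replace image below with git.joinsharkey.org/sharkey/sharkey:stable on next release
+# image: git.joinsharkey.org/sharkey/sharkey:latest # - VULNERABLE
+image: registry.activitypub.software/transfem-org/sharkey:develop
+# image: ghcr.io/transfem-org/sharkey:stable
+# build: .
+restart: always
+# links:
+# - db
+# - redis
+# - meilisearch
+depends_on:
+db:
+condition: service_healthy
+redis:
+condition: service_healthy
+ports:
+- "3006:3006"
+networks:
+- shonk
+volumes:
+- ./files:/sharkey/files
+- ./.config:/sharkey/.config:ro
+extra_hosts:
+- "queer.af:65.108.48.233"
+
+redis:
+restart: always
+image: redis:7-alpine
+networks:
+- shonk
+volumes:
+- ./redis:/data
+healthcheck:
+test: "redis-cli ping"
+interval: 5s
+retries: 20
+
+db:
+restart: always
+image: postgres:15-alpine
+command: >-
+-c max_connections=200
+-c shared_buffers=512MB
+-c effective_cache_size=1536MB
+-c maintenance_work_mem=128MB
+-c checkpoint_completion_target=0.9
+-c wal_buffers=16MB
+-c default_statistics_target=100
+-c random_page_cost=1.1
+-c effective_io_concurrency=200
+-c work_mem=1310kB
+-c huge_pages=off
+-c min_wal_size=1GB
+-c max_wal_size=4GB
+networks:
+- shonk
+env_file:
+- .config/docker.env
+volumes:
+- ./db:/var/lib/postgresql/data
+healthcheck:
+test: "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"
+interval: 5s
+retries: 20
+
+# meilisearch:
+# restart: always
+# image: getmeili/meilisearch:v1.3.4
+# environment:
+# - MEILI_NO_ANALYTICS=true
+# - MEILI_ENV=production
+# networks:
+# - shonk
+# volumes:
+# - ./meili_data:/meili_data
+
+
+networks:
+shonk: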
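Review bot: The `web` service runs `registry.activitypub.software/transfem-org/sharkey:develop`, a mutable tag that by its name tracks a development branch, together with `restart: always`, so whatever is pushed to that tag next runs with access to `./files` and the database network without anyone reviewing it. Since the commented-out line marks `:latest` as vulnerable, I would note in that comment which release carries the fix and pin to it by digest, `image: registry.activitypub.software/transfem-org/sharkey@sha256:<digest>` (placeholder). Separately, `- "3006:3006"` publishes the port on every interface, and ports published by Docker are generally not filtered by the host's own firewall rules. If a reverse proxy on the same host fronts the service, `- "127.0.0.1:3006:3006"` keeps it off the network.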
BIN
hosts/titan/services/Sharkey/static/crumb-cat.gif
Normal file
Binary file not shown.
After Width: | Height: | Size: 1.5 MiB |
|
@ -11,7 +11,7 @@ inputs: { pkgs, config, ... }: {
|
|||
overwriteProtocol = "https";
|
||||
};
|
||||
extraApps = with config.services.nextcloud.package.packages.apps; {
|
||||
inherit news files_markdown files_texteditor forms maps memories music onlyoffice polls calendar tasks;
|
||||
inherit news files_markdown files_texteditor forms maps memories music onlyoffice polls calendar tasks contacts;
|
||||
};
|
||||
/*
|
||||
extraOptions = {
|
||||
|
|
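--- a/hosts/titan/services/office.nix
+++ b/hosts/titan/services/office.nix
@@ -0,0 +1,8 @@
+inputs: { ... }: {
+services.onlyoffice = {
+enable = true;
+hostname = "localhost";
+port = 3005;
+};
+services.nginx.virtualHosts."localhost".listen = [ { addr = "127.0.0.1"; port = 3005; } ];
+}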
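Review bot: `services.onlyoffice` is enabled without `jwtSecretFile`, and as far as I know leaving that option unset turns request signing off, so anything able to reach port 3005 can drive the document server without authenticating. The loopback `listen` override limits that to local processes for now, but the Nextcloud `onlyoffice` app listed in `extraApps` in this commit will need a reachable endpoint, and the secret should be in place before the listener is widened. I would add `jwtSecretFile = "<path-to-secret-outside-the-store>";` (placeholder path) inside the `services.onlyoffice` block and configure the same secret on the Nextcloud side.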
53
llama.log
Normal file
|
@ -0,0 +1,53 @@
|
|||
[1706516367]
|
||||
llama server listening at http://127.0.0.1:62322
|
||||
|
||||
[1706516367] warming up the model with an empty run
|
||||
[1706516367] Available slots:
|
||||
[1706516367] -> Slot 0 - max context: 2048
|
||||
[1706516367] all slots are idle and system prompt is empty, clear the KV cache
|
||||
[1706516368] slot 0 is processing [task id: 0]
|
||||
[1706516368] slot 0 : kv cache rm - [0, end)
|
||||
[1706516384] sampled token: 3492: 'You'
|
||||
[1706516384] sampled token: 526: ' are'
|
||||
[1706516384] sampled token: 263: ' a'
|
||||
[1706516384] sampled token: 8444: ' helpful'
|
||||
[1706516384] sampled token: 319: ' A'
|
||||
[1706516384] sampled token: 29902: 'I'
|
||||
[1706516384] sampled token: 20255: ' assistant'
|
||||
[1706516384] sampled token: 29991: '!'
|
||||
[1706516384] sampled token: 306: ' I'
|
||||
[1706516384] sampled token: 626: ' am'
|
||||
[1706516384] sampled token: 2307: ' already'
|
||||
[1706516385] sampled token: 2734: ' running'
|
||||
[1706516385] sampled token: 373: ' on'
|
||||
[1706516385] sampled token: 596: ' your'
|
||||
[1706516385] sampled token: 3271: ' home'
|
||||
[1706516385] sampled token: 9609: ' PC'
|
||||
[1706516385] sampled token: 29889: '.'
|
||||
[1706516385] sampled token: 887: ' You'
|
||||
[1706516385] sampled token: 508: ' can'
|
||||
[1706516385] sampled token: 1423: ' check'
|
||||
[1706516385] sampled token: 590: ' my'
|
||||
[1706516385] sampled token: 4660: ' status'
|
||||
[1706516385] sampled token: 491: ' by'
|
||||
[1706516385] sampled token: 19229: ' typing'
|
||||
[1706516385] sampled token: 376: ' "'
|
||||
[1706516385] sampled token: 1004: 'me'
|
||||
[1706516385] sampled token: 29908: '"'
|
||||
[1706516385] sampled token: 472: ' at'
|
||||
[1706516385] sampled token: 278: ' the'
|
||||
[1706516385] sampled token: 9508: ' prompt'
|
||||
[1706516385] sampled token: 470: ' or'
|
||||
[1706516385] sampled token: 3763: ' simply'
|
||||
[1706516385] sampled token: 6721: ' asking'
|
||||
[1706516385] sampled token: 363: ' for'
|
||||
[1706516385] sampled token: 372: ' it'
|
||||
[1706516385] sampled token: 297: ' in'
|
||||
[1706516385] sampled token: 13563: ' chat'
|
||||
[1706516385] sampled token: 29889: '.'
|
||||
[1706516385] sampled token: 2: ''
|
||||
[1706516385]
|
||||
[1706516385] print_timings: prompt eval time = 16766.02 ms / 598 tokens ( 28.04 ms per token, 35.67 tokens per second)
|
||||
[1706516385] print_timings: eval time = 718.30 ms / 39 runs ( 18.42 ms per token, 54.29 tokens per second)
|
||||
[1706516385] print_timings: total time = 17484.32 ms
|
||||
[1706516385] slot 0 released (637 tokens in cache)
|
|
@ -187,6 +187,7 @@ in {
|
|||
ktailctl
|
||||
caddy
|
||||
floorp
|
||||
mpris-scrobbler
|
||||
];
|
||||
};
|
||||
|
||||
|
|