diff --git a/flake.lock b/flake.lock index 703ca5b..7e64f6d 100644 --- a/flake.lock +++ b/flake.lock @@ -171,11 +171,11 @@ ] }, "locked": { - "lastModified": 1689134369, - "narHash": "sha256-0G9dutIvhS/WUr3Awcnqw71g8EVVvvkOhVDnDDbY4Fw=", + "lastModified": 1689362769, + "narHash": "sha256-5V7Z7T9019pGsFnYH6va5h6Wveq8FKmXa/xLfj0DhNI=", "owner": "nix-community", "repo": "home-manager", - "rev": "e42fb59768f0305085abde0dd27ab5e0cc15420c", + "rev": "c1cdce3d89741d402d8fd2c93e3d2643ff85b053", "type": "github" }, "original": { @@ -287,11 +287,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1689060619, + "lastModified": 1689320556, "narHash": "sha256-vODUkZLWFVCvo1KPK3dC2CbXjxa9antEn5ozwlcTr48=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "44bc025007e5fcc10dbc3d9f96dcbf06fc0e8c1c", + "rev": "d4ea64f2063820120c05f6ba93ee02e6d4671d6b", "type": "github" }, "original": { @@ -301,11 +301,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1689098530, - "narHash": "sha256-fxc/9f20wRyo/5ydkmZkX/Sh/ULa7RcT8h+cUv8p/44=", + "lastModified": 1689282004, + "narHash": "sha256-VNhuyb10c9SV+3hZOlxwJwzEGytZ31gN9w4nPCnNvdI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f2406198ea0e4e37d4380d0e20336c575b8f8ef9", + "rev": "e74e68449c385db82de3170288a28cd0f608544f", "type": "github" }, "original": { @@ -347,11 +347,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1688868408, - "narHash": "sha256-RR9N5XTAxSBhK8MCvLq9uxfdkd7etC//seVXldy0k48=", + "lastModified": 1689398528, + "narHash": "sha256-qVn/doWn20axR+KvmAAGexv0A5RVzcBbd5HfNMAMeVI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "510d721ce097150ae3b80f84b04b13b039186571", + "rev": "3dc2bc15956db2ff2316af45eefd45803fc1372b", "type": "github" }, "original": { @@ -460,11 +460,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1689149796, - "narHash": "sha256-3FCUdayBHcxk6BZOxEIfa5UxbXNQzTc/VlN7ociI2Dw=", + "lastModified": 1689405598, + "narHash": "sha256-80fuO3FiXgJmUDQgB7sc2lq8Qe/oSkqDNwx9N/fCtBs=", "owner": "Mic92", "repo": "sops-nix", - "rev": "88b964df6981e4844c07be8c192aa6bdca768a10", + "rev": "cfe47aff8660fd760b1db89613a3205c2c4ba7b6", "type": "github" }, "original": { diff --git a/hosts/nuc/default.nix b/hosts/nuc/default.nix index aa2a3e8..f408ebd 100644 --- a/hosts/nuc/default.nix +++ b/hosts/nuc/default.nix @@ -10,6 +10,7 @@ ./modules/backup ./modules/hydra ./modules/nextcloud + ./modules/uptime-kuma ./modules/vaultwarden ./modules/nginx ]; diff --git a/hosts/nuc/modules/uptime-kuma/default.nix b/hosts/nuc/modules/uptime-kuma/default.nix new file mode 100644 index 0000000..06c476f --- /dev/null +++ b/hosts/nuc/modules/uptime-kuma/default.nix @@ -0,0 +1,18 @@ +{ ... }: +let + domain = "monitoring.rfive.de"; +in +{ + services.uptime-kuma = { + enable = true; + }; + services.nginx.virtualHosts."${domain}" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3001"; + proxyWebsockets = true; + }; + }; + +} diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index 6157d23..4a288a5 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -22,6 +22,11 @@ pkiBundle = "/etc/secureboot"; configurationLimit = 10; }; + extraModulePackages = [ + config.boot.kernelPackages.v4l2loopback.out + ]; + + loader.systemd-boot.editor = false; loader.efi.canTouchEfiVariables = true; kernelPackages = pkgs.linuxPackages_latest; diff --git a/hosts/thinkpad/modules/virtualisation/default.nix b/hosts/thinkpad/modules/virtualisation/default.nix index b4a5eae..5151407 100644 --- a/hosts/thinkpad/modules/virtualisation/default.nix +++ b/hosts/thinkpad/modules/virtualisation/default.nix @@ -1,57 +1,57 @@ { config, lib, pkgs, ... }: # Virtualisation with gpu passthrough # Following https://astrid.tech/2022/09/22/0/nixos-gpu-vfio/ -let - gpuHook = pkgs.writeShellScript "gpuhook.sh" '' - export PATH=$PATH:${lib.makeBinPath [pkgs.pciutils pkgs.kmod pkgs.psmisc pkgs.systemd pkgs.coreutils]} - gpu_domains=( - win11 - ) - function gpu_begin { - set -x - device=$(lspci -nnD | grep "VGA compatible controller" | grep Intel) - # Stop display manager - systemctl stop greetd.service - # Unbind vtconsole - for i in /sys/class/vtconsole/*/bind; do - echo 0 > "$i" - done - # Kill pulseaudio - killall pipewire - killall pipewire-pulse - # Unbind GPU - echo "$device" | cut -d' ' -f1 > /sys/module/i915/drivers/pci:i915/unbind - # Unload modules - rmmod snd_hda_intel - rmmod i915 - # Load vfio - modprobe vfio-pci ids="$(echo "$device" | grep -o 8086:....)" - } - function gpu_end { - set -x - # Unload vfio - rmmod vfio_pci - # Load modules - modprobe snd_hda_intel - modprobe i915 - # Rebind vtconsole - for i in /sys/class/vtconsole/*/bind; do - echo 1 > "$i" - done - # Start display manager - systemctl start greetd.service - } - # Run only for gpu_domains - for d in "''${gpu_domains[@]}"; do - [ "$d" = "$1" ] && gpu_domain=true - done - if [ "$gpu_domain" = true ]; then - [ "$2" = prepare ] && [ "$3" = begin ] && gpu_begin - [ "$2" = release ] && [ "$3" = end ] && gpu_end - fi - true - ''; -in +# let +# gpuHook = pkgs.writeShellScript "gpuhook.sh" '' +# export PATH=$PATH:${lib.makeBinPath [pkgs.pciutils pkgs.kmod pkgs.psmisc pkgs.systemd pkgs.coreutils]} +# gpu_domains=( +# win11 +# ) +# function gpu_begin { +# set -x +# device=$(lspci -nnD | grep "VGA compatible controller" | grep Intel) +# # Stop display manager +# systemctl stop greetd.service +# # Unbind vtconsole +# for i in /sys/class/vtconsole/*/bind; do +# echo 0 > "$i" +# done +# # Kill pulseaudio +# killall pipewire +# killall pipewire-pulse +# # Unbind GPU +# echo "$device" | cut -d' ' -f1 > /sys/module/i915/drivers/pci:i915/unbind +# # Unload modules +# rmmod snd_hda_intel +# rmmod i915 +# # Load vfio +# modprobe vfio-pci ids="$(echo "$device" | grep -o 8086:....)" +# } +# function gpu_end { +# set -x +# # Unload vfio +# rmmod vfio_pci +# # Load modules +# modprobe snd_hda_intel +# modprobe i915 +# # Rebind vtconsole +# for i in /sys/class/vtconsole/*/bind; do +# echo 1 > "$i" +# done +# # Start display manager +# systemctl start greetd.service +# } +# # Run only for gpu_domains +# for d in "''${gpu_domains[@]}"; do +# [ "$d" = "$1" ] && gpu_domain=true +# done +# if [ "$gpu_domain" = true ]; then +# [ "$2" = prepare ] && [ "$3" = begin ] && gpu_begin +# [ "$2" = release ] && [ "$3" = end ] && gpu_end +# fi +# true +# ''; +# in { boot.kernelParams = [ "intel_iommu=on" ]; @@ -74,16 +74,16 @@ in environment.systemPackages = with pkgs; [ virt-viewer ]; - systemd.services.libvirtd.preStart = - '' - mkdir -p /var/lib/libvirt/hooks - chmod 755 /var/lib/libvirt/hooks + # systemd.services.libvirtd.preStart = + # '' + # mkdir -p /var/lib/libvirt/hooks + # chmod 755 /var/lib/libvirt/hooks - # Copy hook files - cp -f ${gpuHook} /var/lib/libvirt/hooks/qemu + # # Copy hook files + # cp -f ${gpuHook} /var/lib/libvirt/hooks/qemu - # Make them executable - chmod +x /var/lib/libvirt/hooks/qemu - ''; + # # Make them executable + # chmod +x /var/lib/libvirt/hooks/qemu + # ''; }