Review/revert later

2025-12-06 08:07:45 +00:00 · 2024-07-10 21:12:56 +00:00 · 2024-07-10 21:12:56 +00:00 · 6bb34e1c51
commit 6bb34e1c51
parent f4354da57d
13 changed files with 293 additions and 38 deletions
--- a/flake.lock
+++ b/flake.lock
@ -101,15 +101,15 @@
    "base16-vim": {
      "flake": false,
      "locked": {
-        "lastModified": 1663659192,
-        "narHash": "sha256-uJvaYYDMXvoo0fhBZUhN8WBXeJ87SRgof6GEK2efFT0=",
-        "owner": "chriskempson",
+        "lastModified": 1716150083,
+        "narHash": "sha256-ZMhnNmw34ogE5rJZrjRv5MtG3WaqKd60ds2VXvT6hEc=",
+        "owner": "tinted-theming",
        "repo": "base16-vim",
-        "rev": "3be3cd82cd31acfcab9a41bad853d9c68d30478d",
+        "rev": "6e955d704d046b0dc3e5c2d68a2a6eeffd2b5d3d",
        "type": "github"
      },
      "original": {
-        "owner": "chriskempson",
+        "owner": "tinted-theming",
        "repo": "base16-vim",
        "type": "github"
      }
@ -170,11 +170,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1717931644,
-        "narHash": "sha256-Sz8Wh9cAiD5FhL8UWvZxBfnvxETSCVZlqWSYWaCPyu0=",
+        "lastModified": 1718788307,
+        "narHash": "sha256-SqiOz0sljM0GjyQEVinPXQxaGcbOXw5OgpCWGPgh/vo=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "3d65009effd77cb0d6e7520b68b039836a7606cf",
+        "rev": "d7830d05421d0ced83a0f007900898bdcaf2a2ca",
        "type": "github"
      },
      "original": {
@ -191,11 +191,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1714981474,
-        "narHash": "sha256-b3/U21CJjCjJKmA9WqUbZGZgCvospO3ArOUTgJugkOY=",
+        "lastModified": 1715930644,
+        "narHash": "sha256-W9pyM3/vePxrffHtzlJI6lDS3seANQ+Nqp+i58O46LI=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "6ebe7be2e67be7b9b54d61ce5704f6fb466c536f",
+        "rev": "e3ad5108f54177e6520535768ddbf1e6af54b59d",
        "type": "github"
      },
      "original": {
@ -206,11 +206,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1717974879,
-        "narHash": "sha256-GTO3C88+5DX171F/gVS3Qga/hOs/eRMxPFpiHq2t+D8=",
+        "lastModified": 1718714799,
+        "narHash": "sha256-FUZpz9rg3gL8NVPKbqU8ei1VkPLsTIfAJ2fdAf5qjak=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "c7b821ba2e1e635ba5a76d299af62821cbcb09f3",
+        "rev": "c00d587b1a1afbf200b1d8f0b0e4ba9deb1c7f0e",
        "type": "github"
      },
      "original": {
@ -258,11 +258,11 @@
        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
-        "lastModified": 1718122552,
-        "narHash": "sha256-A+dBkSwp8ssHKV/WyXb9uqIYrHBqHvtSedU24Lq9lqw=",
+        "lastModified": 1718789425,
+        "narHash": "sha256-YJvgBThIUPeywoTjnFk+F73c0l2oaAENIrz2uldqb5A=",
        "owner": "danth",
        "repo": "stylix",
-        "rev": "e59d2c1725b237c362e4a62f5722f5b268d566c7",
+        "rev": "7dcab0711bfc103a1fb05ba643ee7a3bd309fbe4",
        "type": "github"
      },
      "original": {
--- a/hosts/muon/configuration.nix
+++ b/hosts/muon/configuration.nix
@ -32,6 +32,8 @@ in {
  mods.theme.wallpaper = ./wallpaper.png;
  mods.openvpn.enable = true;
  mods.containers.steam.enable = true;
+  mods.containers.steam-test.enable = true;
+  mods.server.media.enable = true;

  services.xserver.windowManager.i3.enable = true;

@ -67,6 +69,10 @@ in {
      };
    };
  };
+
+  environment.systemPackages = with pkgs; [
+    arandr
+  ];
 
  # Backup environment
  services.xserver.windowManager.qtile.enable = true;
--- a/modules/home/desktop/media.nix
+++ b/modules/home/desktop/media.nix
@ -9,5 +9,6 @@
      pavucontrol
    ];
    programs.mpv.enable = true;
+
  };
 }
--- a/modules/home/desktop/social.nix
+++ b/modules/home/desktop/social.nix
@ -11,6 +11,9 @@

      # Video
      freetube
+
+      # Gaming
+      prismlauncher
    ];
  };
 }
--- a/modules/nixos/core/network.nix
+++ b/modules/nixos/core/network.nix
@ -14,8 +14,13 @@
  config = {
    networking.networkmanager.enable = true;
    services.tailscale.enable = true;
-    # services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
-    #   remote.config = ''config ${config.mods.openvpn.config}'';
-    # };
+
+    environment.systemPackages = with pkgs; [
+      openvpn
+    ];
+
+    services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
+      remote.config = ''config ${config.mods.openvpn.config}'';
+    };
  };
 }
--- a/modules/nixos/core/user.nix
+++ b/modules/nixos/core/user.nix
@ -7,7 +7,7 @@
  config = {
    users.users.${config.mods.user.name} = {
      isNormalUser = true;
-      extraGroups = [ "wheel" ];
+      extraGroups = [ "wheel" "docker" ];
      initialPassword = "changeme";
      shell = if config.programs.zsh.enable
        then pkgs.zsh
--- a/modules/nixos/server/containers/default.nix
+++ b/modules/nixos/server/containers/default.nix
@ -8,9 +8,15 @@

  imports = [
    ./steam.nix
+    ./steam-test.nix
  ];

  config = lib.mkIf config.mods.containers.enable {
+    virtualisation.docker.enable = true;
+    virtualisation.docker.rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
    networking.nat = {
      enable = true;
      internalInterfaces = ["ve-+"];
@ -18,6 +24,14 @@
    };
    networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];

+    # networking.firewall.allowedTCPPorts = [ 4713 6000 ];
+    # hardware.pulseaudio = {
+    #   enable = true;
+    #   systemWide = true;
+    #   support32Bit = true;
+    #   tcp = { enable = true; anonymousClients = { allowedIpRanges = ["127.0.0.1" "192.168.100.0/24"]; }; };
+    # };
+
    environment.systemPackages = with pkgs; [
      xorg.xhost
    ];
--- a/modules/nixos/server/containers/smoop.nix
+++ b/modules/nixos/server/containers/smoop.nix
@ -0,0 +1,40 @@
+{ lib, python3Packages, pkgs, config }:
+with pkgs;
+python3Packages.buildPythonApplication {
+  pname = "smoop";
+  version = "1.0";
+
+  propagatedBuildInputs = [ 
+    python3
+    python3Packages.pip
+    python3Packages.virtualenv
+    python3Packages.tkinter
+    python3Packages.xlib
+    python3Packages.pillow
+    python3Packages.python-dotenv
+    python3Packages.pyautogui
+    python3Packages.aiohttp
+    python3Packages.discordpy
+    python3Packages.opencv4
+    stdenv.cc.cc.lib
+    glib
+    libglvnd
+  ];
+
+  nativeCheckInputs = [
+    xvfb-run
+    scrot
+  ];
+  checkPhase = ''
+    xvfb-run python -c 'import smoop'
+    # The tests depend on some specific things that xvfb cant provide, like keyboard and mouse
+    # xvfb-run python -m unittest tests.test_pyautogui
+  '';
+  installCheckPhase = ''
+    xvfb-run python -c 'import smoop'
+    # The tests depend on some specific things that xvfb cant provide, like keyboard and mouse
+    # xvfb-run python -m unittest tests.test_pyautogui
+  '';
+
+  src = /home/muon/projects/smoop;
+}
--- a/modules/nixos/server/containers/steam-test.nix
+++ b/modules/nixos/server/containers/steam-test.nix
@ -0,0 +1,112 @@
+{ pkgs, lib, config, ... }: let 
+  # steam-xinit = pkgs.writeShellScriptBin "steam-xinit" ''
+  #   ${lib.getExe pkgs.steam}
+  #   # exec ${lib.getExe pkgs.xterm}
+  # '';
+  stest = pkgs.writeShellScriptBin "stest" ''
+    socat -d TCP-LISTEN:6000,fork,bind=192.168.100.10 UNIX-CONNECT:/tmp/.X11-unix/X0 &
+    xhost +
+    ssh -X steam@192.168.100.12 steam-test-serve
+  '';
+  steam-test-serve = pkgs.writeShellScriptBin "steam-test-serve" ''
+    PULSE_SERVER=tcp:192.168.100.10:4713 XAUTHORITY="/home/steam/.Xauthority" DBUS_SESSION_BUS_ADDRESS="" DISPLAY=192.168.100.10:0.0 apulse steam $@
+  '';
+in {
+  options.mods.containers.steam-test = {
+    enable = lib.mkEnableOption {
+      default = false;
+      description = "enables steam container";
+    };
+  };
+
+
+  config = lib.mkIf config.mods.containers.steam-test.enable {
+    mods.containers.enable = true;
+    # services.xserver.displayManager.xpra.enable = true;
+    environment.systemPackages = with pkgs; [
+      socat
+      stest
+    ];
+
+    containers.stest = {
+      privateNetwork = true;
+      hostAddress = "192.168.100.10";
+      localAddress = "192.168.100.12";
+
+      bindMounts = {
+        # "/home/steam/.steam/steam/steamapps/common/SMITE" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/common/SMITE";
+        #   isReadOnly = true;
+        # };
+        # "/home/steam/.steam/steam/steamapps/shadercache/386360" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/shadercache/386360";
+        #   isReadOnly = true;
+        # };
+        # "/home/steam/.steam/steam/steamapps/appmanifest_386360.acf" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/appmanifest_386360.acf";
+        #   isReadOnly = true;
+        # };
+        # "/home/steam/.steam/steam/steamapps/compatdata/386360/pfx/drive_c/users/steamuser/My Documents/My Games" = {
+        #   hostPath = "/home/muon/documents/My Games";
+        #   isReadOnly = false;
+        # };
+        # "/home/steam/.steam/steam/steamapps/appmanifest_386360.acf" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/appmanifest_386360.acf";
+        #   isReadOnly = true;
+        # };
+      };
+
+      config = { config, pkgs, lib, ... }: {
+        nixpkgs.config.allowUnfreePredicate = pkg:
+          builtins.elem (lib.getName pkg) [
+            "steam"
+            "steam-original"
+            "steam-run"
+          ];
+
+
+        programs.steam = {
+          enable = true;
+          remotePlay.openFirewall = true;
+        };
+
+        environment.systemPackages = with pkgs; [
+          xterm
+          glxinfo
+          wget
+          bottles
+          apulse
+
+          steam-test-serve
+
+          # xpra
+          # steam-xinit
+          # xorg.xinit
+        ];
+
+        # services.xserver.enable = true;
+
+        hardware.opengl = {
+          enable = true;
+          driSupport = true;
+          driSupport32Bit = true;
+        };
+
+        # programs.ssh.forwardX11 = true;
+        services.openssh = {
+          enable = true;
+          # settings.X11Forwarding = true;
+        };
+
+        users.users.steam = {
+          isNormalUser = true;
+          extraGroups = [ "wheel" "audio" "video" ];
+          openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKEio+Y5wBVD1wILaH2R3wV10FvVjiqy/4gGBWHOITTB muon@muon" ];
+          initialPassword = "changeme";
+        };
+
+        system.stateVersion = "23.11";
+      };
+    };
+  };
+}
--- a/modules/nixos/server/containers/steam.nix
+++ b/modules/nixos/server/containers/steam.nix
@ -1,4 +1,13 @@
-{ pkgs, lib, config, ... }: {
+{ pkgs, lib, config, ... }: let 
+  # smoop = pkgs.callPackage ./smoop.nix {};
+
+  steam-xinit = pkgs.writeShellScriptBin "steam-xinit" ''
+    ${lib.getExe pkgs.steam} &       
+    exec ${lib.getExe pkgs.openbox} &
+    exec ${lib.getExe pkgs.xterm}
+  '';
+
+in {
  options.mods.containers.steam = {
    enable = lib.mkEnableOption {
      default = false;
@ -9,12 +18,6 @@
  config = lib.mkIf config.mods.containers.steam.enable {
    mods.containers.enable = true;

-    environment.systemPackages = with pkgs; [
-      x2goclient
-      guacamole-client
-      remmina
-    ];
-
    containers.steam = {
      privateNetwork = true;
      hostAddress = "192.168.100.10";
@ -33,6 +36,10 @@
          hostPath = "/mnt/bulk/SteamLibrary/steamapps/appmanifest_386360.acf";
          isReadOnly = true;
        };
+        "/home/steam/smoop" = {
+          hostPath = "/home/muon/projects/smoop";
+          isReadOnly = true;
+        };
      };

      config = { config, pkgs, lib, ... }: {
@ -49,21 +56,66 @@
          remotePlay.openFirewall = true;
        };

+        programs.direnv = {
+          enable = true;
+          nix-direnv.enable = true;
+        };
+
        environment.systemPackages = with pkgs; [
          xterm
          glxinfo
-          guacamole-server
          wget
          bottles
+
+          openbox
+          steam-xinit
+          # smoop
+          novnc
+          tigervnc
+          xorg.xinit
+
+          
+          python3
+          python3Packages.pip
+          python3Packages.virtualenv
+          python3Packages.tkinter
+          python3Packages.xlib
+          python3Packages.pillow
+          python3Packages.python-dotenv
+          python3Packages.pyautogui
+          python3Packages.aiohttp
+          python3Packages.discordpy
+          python3Packages.opencv4
+          stdenv.cc.cc.lib
+          glib
+          libglvnd
        ];

-        services.xserver.enable = true;
-        services.xserver.displayManager.sddm.enable = true;
-        services.xserver.desktopManager.plasma5.enable = true;
+        environment.sessionVariables = rec {
+          LD_LIBRARY_PATH = 
+            "${pkgs.lib.makeLibraryPath config.environment.systemPackages}:\
+            ${pkgs.stdenv.cc.cc.lib.outPath}/lib:$LD_LIBRARY_PATH";
+        };

-        services.xrdp.enable = true;
-        services.xrdp.defaultWindowManager = "startplasma-x11";
-        services.xrdp.openFirewall = true;
+        services.xserver.enable = true;
+
+        networking.firewall.allowedTCPPorts = [ 6080 ];
+        systemd.services.tiger-vnc = {
+          wantedBy = [ "multi-user.target" ];
+          serviceConfig = {
+            ExecStart = ''${pkgs.xorg.xinit}/bin/xinit ${steam-xinit}/bin/steam-xinit -- ${pkgs.tigervnc}/bin/Xvnc :1 SecurityTypes=None'';
+            User = "steam";
+          };
+        };
+ 
+        systemd.services.no-vnc = {
+          wantedBy = [ "multi-user.target" ];
+          path = [ pkgs.ps pkgs.hostname ];
+          serviceConfig = {
+            ExecStart = ''${pkgs.novnc}/bin/novnc --vnc localhost:5901'';
+            User = "steam";
+          };
+        };

        hardware.opengl = {
          enable = true;
@ -71,11 +123,10 @@
          driSupport32Bit = true;
        };

-        services.x2goserver.enable = true;
-        programs.ssh.forwardX11 = true;
+        # programs.ssh.forwardX11 = true;
        services.openssh = {
          enable = true;
-          settings.X11Forwarding = true;
+          # settings.X11Forwarding = true;
        };

        users.users.steam = {
--- a/modules/nixos/server/default.nix
+++ b/modules/nixos/server/default.nix
@ -1,5 +1,7 @@
 { pkgs, lib, ... }: {
  imports = [
    ./containers
+
+    ./media.nix
  ];
 }
--- a/modules/nixos/server/media.nix
+++ b/modules/nixos/server/media.nix
@ -0,0 +1,17 @@
+{ pkgs, lib, config, ... }: {
+  options.mods.server.media = {
+    enable = lib.mkEnableOption {
+      default = false;
+      description = "enables media related servers";
+    };
+  };
+
+
+  config = lib.mkIf config.mods.server.media.enable {
+    services.jellyfin = {
+      enable = true;
+      openFirewall = true;
+      user="${config.mods.user.name}";
+    };
+  };
+}
--- a/modules/nixos/unfree/steam.nix
+++ b/modules/nixos/unfree/steam.nix
@ -20,5 +20,9 @@
      enable = true;
      remotePlay.openFirewall = true;
    };
+
+    services.flatpak.enable = true;
+    xdg.portal.enable = true;
+    xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
  };
 }