Review/revert later

modules/nixos/core/network.nix

@@ -14,8 +14,13 @@
   config = {
     networking.networkmanager.enable = true;
     services.tailscale.enable = true;
-    # services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
-    #   remote.config = ''config ${config.mods.openvpn.config}'';
-    # };
+
+    environment.systemPackages = with pkgs; [
+      openvpn
+    ];
+
+    services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
+      remote.config = ''config ${config.mods.openvpn.config}'';
+    };
   };
 }

modules/nixos/core/user.nix

@@ -7,7 +7,7 @@
   config = {
     users.users.${config.mods.user.name} = {
       isNormalUser = true;
-      extraGroups = [ "wheel" ];
+      extraGroups = [ "wheel" "docker" ];
       initialPassword = "changeme";
       shell = if config.programs.zsh.enable
         then pkgs.zsh

modules/nixos/server/containers/default.nix

@@ -8,9 +8,15 @@
 
   imports = [
     ./steam.nix
+    ./steam-test.nix
   ];
 
   config = lib.mkIf config.mods.containers.enable {
+    virtualisation.docker.enable = true;
+    virtualisation.docker.rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
     networking.nat = {
       enable = true;
       internalInterfaces = ["ve-+"];
@@ -18,6 +24,14 @@
     };
     networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
 
+    # networking.firewall.allowedTCPPorts = [ 4713 6000 ];
+    # hardware.pulseaudio = {
+    #   enable = true;
+    #   systemWide = true;
+    #   support32Bit = true;
+    #   tcp = { enable = true; anonymousClients = { allowedIpRanges = ["127.0.0.1" "192.168.100.0/24"]; }; };
+    # };
+
     environment.systemPackages = with pkgs; [
       xorg.xhost
     ];

modules/nixos/server/containers/smoop.nix

@@ -0,0 +1,40 @@
+{ lib, python3Packages, pkgs, config }:
+with pkgs;
+python3Packages.buildPythonApplication {
+  pname = "smoop";
+  version = "1.0";
+
+  propagatedBuildInputs = [ 
+    python3
+    python3Packages.pip
+    python3Packages.virtualenv
+    python3Packages.tkinter
+    python3Packages.xlib
+    python3Packages.pillow
+    python3Packages.python-dotenv
+    python3Packages.pyautogui
+    python3Packages.aiohttp
+    python3Packages.discordpy
+    python3Packages.opencv4
+    stdenv.cc.cc.lib
+    glib
+    libglvnd
+  ];
+
+  nativeCheckInputs = [
+    xvfb-run
+    scrot
+  ];
+  checkPhase = ''
+    xvfb-run python -c 'import smoop'
+    # The tests depend on some specific things that xvfb cant provide, like keyboard and mouse
+    # xvfb-run python -m unittest tests.test_pyautogui
+  '';
+  installCheckPhase = ''
+    xvfb-run python -c 'import smoop'
+    # The tests depend on some specific things that xvfb cant provide, like keyboard and mouse
+    # xvfb-run python -m unittest tests.test_pyautogui
+  '';
+
+  src = /home/muon/projects/smoop;
+}

modules/nixos/server/containers/steam-test.nix

@@ -0,0 +1,112 @@
+{ pkgs, lib, config, ... }: let 
+  # steam-xinit = pkgs.writeShellScriptBin "steam-xinit" ''
+  #   ${lib.getExe pkgs.steam}
+  #   # exec ${lib.getExe pkgs.xterm}
+  # '';
+  stest = pkgs.writeShellScriptBin "stest" ''
+    socat -d TCP-LISTEN:6000,fork,bind=192.168.100.10 UNIX-CONNECT:/tmp/.X11-unix/X0 &
+    xhost +
+    ssh -X steam@192.168.100.12 steam-test-serve
+  '';
+  steam-test-serve = pkgs.writeShellScriptBin "steam-test-serve" ''
+    PULSE_SERVER=tcp:192.168.100.10:4713 XAUTHORITY="/home/steam/.Xauthority" DBUS_SESSION_BUS_ADDRESS="" DISPLAY=192.168.100.10:0.0 apulse steam $@
+  '';
+in {
+  options.mods.containers.steam-test = {
+    enable = lib.mkEnableOption {
+      default = false;
+      description = "enables steam container";
+    };
+  };
+
+
+  config = lib.mkIf config.mods.containers.steam-test.enable {
+    mods.containers.enable = true;
+    # services.xserver.displayManager.xpra.enable = true;
+    environment.systemPackages = with pkgs; [
+      socat
+      stest
+    ];
+
+    containers.stest = {
+      privateNetwork = true;
+      hostAddress = "192.168.100.10";
+      localAddress = "192.168.100.12";
+
+      bindMounts = {
+        # "/home/steam/.steam/steam/steamapps/common/SMITE" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/common/SMITE";
+        #   isReadOnly = true;
+        # };
+        # "/home/steam/.steam/steam/steamapps/shadercache/386360" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/shadercache/386360";
+        #   isReadOnly = true;
+        # };
+        # "/home/steam/.steam/steam/steamapps/appmanifest_386360.acf" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/appmanifest_386360.acf";
+        #   isReadOnly = true;
+        # };
+        # "/home/steam/.steam/steam/steamapps/compatdata/386360/pfx/drive_c/users/steamuser/My Documents/My Games" = {
+        #   hostPath = "/home/muon/documents/My Games";
+        #   isReadOnly = false;
+        # };
+        # "/home/steam/.steam/steam/steamapps/appmanifest_386360.acf" = {
+        #   hostPath = "/mnt/bulk/SteamLibrary/steamapps/appmanifest_386360.acf";
+        #   isReadOnly = true;
+        # };
+      };
+
+      config = { config, pkgs, lib, ... }: {
+        nixpkgs.config.allowUnfreePredicate = pkg:
+          builtins.elem (lib.getName pkg) [
+            "steam"
+            "steam-original"
+            "steam-run"
+          ];
+
+
+        programs.steam = {
+          enable = true;
+          remotePlay.openFirewall = true;
+        };
+
+        environment.systemPackages = with pkgs; [
+          xterm
+          glxinfo
+          wget
+          bottles
+          apulse
+
+          steam-test-serve
+
+          # xpra
+          # steam-xinit
+          # xorg.xinit
+        ];
+
+        # services.xserver.enable = true;
+
+        hardware.opengl = {
+          enable = true;
+          driSupport = true;
+          driSupport32Bit = true;
+        };
+
+        # programs.ssh.forwardX11 = true;
+        services.openssh = {
+          enable = true;
+          # settings.X11Forwarding = true;
+        };
+
+        users.users.steam = {
+          isNormalUser = true;
+          extraGroups = [ "wheel" "audio" "video" ];
+          openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKEio+Y5wBVD1wILaH2R3wV10FvVjiqy/4gGBWHOITTB muon@muon" ];
+          initialPassword = "changeme";
+        };
+
+        system.stateVersion = "23.11";
+      };
+    };
+  };
+}

modules/nixos/server/containers/steam.nix

@@ -1,4 +1,13 @@
-{ pkgs, lib, config, ... }: {
+{ pkgs, lib, config, ... }: let 
+  # smoop = pkgs.callPackage ./smoop.nix {};
+
+  steam-xinit = pkgs.writeShellScriptBin "steam-xinit" ''
+    ${lib.getExe pkgs.steam} &       
+    exec ${lib.getExe pkgs.openbox} &
+    exec ${lib.getExe pkgs.xterm}
+  '';
+
+in {
   options.mods.containers.steam = {
     enable = lib.mkEnableOption {
       default = false;
@@ -9,12 +18,6 @@
   config = lib.mkIf config.mods.containers.steam.enable {
     mods.containers.enable = true;
 
-    environment.systemPackages = with pkgs; [
-      x2goclient
-      guacamole-client
-      remmina
-    ];
-
     containers.steam = {
       privateNetwork = true;
       hostAddress = "192.168.100.10";
@@ -33,6 +36,10 @@
           hostPath = "/mnt/bulk/SteamLibrary/steamapps/appmanifest_386360.acf";
           isReadOnly = true;
         };
+        "/home/steam/smoop" = {
+          hostPath = "/home/muon/projects/smoop";
+          isReadOnly = true;
+        };
       };
 
       config = { config, pkgs, lib, ... }: {
@@ -49,21 +56,66 @@
           remotePlay.openFirewall = true;
         };
 
+        programs.direnv = {
+          enable = true;
+          nix-direnv.enable = true;
+        };
+
         environment.systemPackages = with pkgs; [
           xterm
           glxinfo
-          guacamole-server
           wget
           bottles
+
+          openbox
+          steam-xinit
+          # smoop
+          novnc
+          tigervnc
+          xorg.xinit
+
+          
+          python3
+          python3Packages.pip
+          python3Packages.virtualenv
+          python3Packages.tkinter
+          python3Packages.xlib
+          python3Packages.pillow
+          python3Packages.python-dotenv
+          python3Packages.pyautogui
+          python3Packages.aiohttp
+          python3Packages.discordpy
+          python3Packages.opencv4
+          stdenv.cc.cc.lib
+          glib
+          libglvnd
         ];
 
-        services.xserver.enable = true;
-        services.xserver.displayManager.sddm.enable = true;
-        services.xserver.desktopManager.plasma5.enable = true;
+        environment.sessionVariables = rec {
+          LD_LIBRARY_PATH = 
+            "${pkgs.lib.makeLibraryPath config.environment.systemPackages}:\
+            ${pkgs.stdenv.cc.cc.lib.outPath}/lib:$LD_LIBRARY_PATH";
+        };
 
-        services.xrdp.enable = true;
-        services.xrdp.defaultWindowManager = "startplasma-x11";
-        services.xrdp.openFirewall = true;
+        services.xserver.enable = true;
+
+        networking.firewall.allowedTCPPorts = [ 6080 ];
+        systemd.services.tiger-vnc = {
+          wantedBy = [ "multi-user.target" ];
+          serviceConfig = {
+            ExecStart = ''${pkgs.xorg.xinit}/bin/xinit ${steam-xinit}/bin/steam-xinit -- ${pkgs.tigervnc}/bin/Xvnc :1 SecurityTypes=None'';
+            User = "steam";
+          };
+        };
+ 
+        systemd.services.no-vnc = {
+          wantedBy = [ "multi-user.target" ];
+          path = [ pkgs.ps pkgs.hostname ];
+          serviceConfig = {
+            ExecStart = ''${pkgs.novnc}/bin/novnc --vnc localhost:5901'';
+            User = "steam";
+          };
+        };
 
         hardware.opengl = {
           enable = true;
@@ -71,11 +123,10 @@
           driSupport32Bit = true;
         };
 
-        services.x2goserver.enable = true;
-        programs.ssh.forwardX11 = true;
+        # programs.ssh.forwardX11 = true;
         services.openssh = {
           enable = true;
-          settings.X11Forwarding = true;
+          # settings.X11Forwarding = true;
         };
 
         users.users.steam = {

modules/nixos/server/default.nix

@@ -1,5 +1,7 @@
 { pkgs, lib, ... }: {
   imports = [
     ./containers
+
+    ./media.nix
   ];
 }

modules/nixos/server/media.nix

@@ -0,0 +1,17 @@
+{ pkgs, lib, config, ... }: {
+  options.mods.server.media = {
+    enable = lib.mkEnableOption {
+      default = false;
+      description = "enables media related servers";
+    };
+  };
+
+
+  config = lib.mkIf config.mods.server.media.enable {
+    services.jellyfin = {
+      enable = true;
+      openFirewall = true;
+      user="${config.mods.user.name}";
+    };
+  };
+}

modules/nixos/unfree/steam.nix

@@ -20,5 +20,9 @@
       enable = true;
       remotePlay.openFirewall = true;
     };
+
+    services.flatpak.enable = true;
+    xdg.portal.enable = true;
+    xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
   };
 }