From 30411c74ab97cbcddd76c503679996f2ba5a9d4d Mon Sep 17 00:00:00 2001 From: chaos Date: Tue, 3 Sep 2024 19:22:10 +0100 Subject: [PATCH] add pi & move mc server to it, fix dead by daylight easyanticheat --- data/serverIPs.nix | 8 ++ flake.lock | 18 ++-- hosts/hetzner-arm/hetzner-arm.nix | 1 - hosts/lappy-t495/lappy-t495.nix | 2 - hosts/lappy-t495/profiles/kodi.nix | 84 ------------------- .../containers/minecraft/minecraft.nix | 0 hosts/raspberry-pi5/hardware.nix | 18 +++- hosts/raspberry-pi5/profiles/kodi.nix | 54 ++++++++++++ hosts/raspberry-pi5/raspberry-pi5.nix | 36 +++++++- profiles/home-manager/base/ssh-aliases.nix | 2 +- profiles/nixos/gui/environments/gnome.nix | 4 +- profiles/nixos/remoteBuilders.nix | 20 ++++- profiles/nixos/wifiHardware.nix | 2 +- 13 files changed, 140 insertions(+), 109 deletions(-) delete mode 100644 hosts/lappy-t495/profiles/kodi.nix rename hosts/{hetzner-arm => raspberry-pi5}/containers/minecraft/minecraft.nix (100%) create mode 100644 hosts/raspberry-pi5/profiles/kodi.nix diff --git a/data/serverIPs.nix b/data/serverIPs.nix index d86c5bb..8c3b4b0 100644 --- a/data/serverIPs.nix +++ b/data/serverIPs.nix @@ -3,4 +3,12 @@ rec { ipv4 = "65.21.145.62"; ipv6 = "2a01:4f9:c012:9dbf::1"; }; + + "raspberry" = { + ipv4 = "77.104.180.70"; + ipv6 = [ + "fd00::2ecf:67ff:fe74:940d" + "2a02:8012:7883:0:2ecf:67ff:fe74:940d" + ]; + }; } diff --git a/flake.lock b/flake.lock index c2d9eb0..47838f8 100644 --- a/flake.lock +++ b/flake.lock @@ -65,11 +65,11 @@ ] }, "locked": { - "lastModified": 1723986931, - "narHash": "sha256-Fy+KEvDQ+Hc8lJAV3t6leXhZJ2ncU5/esxkgt3b8DEY=", + "lastModified": 1725180166, + "narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=", "owner": "nix-community", "repo": "home-manager", - "rev": "2598861031b78aadb4da7269df7ca9ddfc3e1671", + "rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb", "type": "github" }, "original": { @@ -120,11 +120,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1724224976, - "narHash": "sha256-Z/ELQhrSd7bMzTO8r7NZgi9g5emh+aRKoCdaAv5fiO0=", + "lastModified": 1725103162, + "narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c374d94f1536013ca8e92341b540eba4c22f9c62", + "rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b", "type": "github" }, "original": { @@ -168,11 +168,11 @@ }, "nur": { "locked": { - "lastModified": 1724323712, - "narHash": "sha256-w/x4HmZm6NpZ4xz5c48tIAymZny8/OMQUMR0yEx5s50=", + "lastModified": 1725381339, + "narHash": "sha256-R2QrBQDg3PzZWYfnpu8x+65CpqE/jVxNGYX1C0zSzms=", "owner": "nix-community", "repo": "NUR", - "rev": "e78affd5313eef31717a16f81bc658f5e5be2154", + "rev": "89f1914bb56bc44fdae5ef8fb51a5e1e48223b8e", "type": "github" }, "original": { diff --git a/hosts/hetzner-arm/hetzner-arm.nix b/hosts/hetzner-arm/hetzner-arm.nix index f3082b3..9cbcdf9 100644 --- a/hosts/hetzner-arm/hetzner-arm.nix +++ b/hosts/hetzner-arm/hetzner-arm.nix @@ -19,7 +19,6 @@ in { "storage" "mail" #"jellyfin" - "minecraft" ] (name: ./containers + "/${name}/${name}.nix")) (with hosts.hetzner-arm.profiles; [ diff --git a/hosts/lappy-t495/lappy-t495.nix b/hosts/lappy-t495/lappy-t495.nix index 418b87c..4457025 100644 --- a/hosts/lappy-t495/lappy-t495.nix +++ b/hosts/lappy-t495/lappy-t495.nix @@ -30,8 +30,6 @@ in { chaos.gaming ]) - ./profiles/kodi.nix - ./secrets.nix ./hardware.nix ]); diff --git a/hosts/lappy-t495/profiles/kodi.nix b/hosts/lappy-t495/profiles/kodi.nix deleted file mode 100644 index aac368b..0000000 --- a/hosts/lappy-t495/profiles/kodi.nix +++ /dev/null @@ -1,84 +0,0 @@ -{ - pkgs, - tree, - ... -}: let - kodiPackage = pkgs.kodi-wayland.withPackages (kodiPkgs: - with kodiPkgs; [ - keymap - sendtokodi - sponsorblock - pvr-iptvsimple - inputstreamhelper - inputstream-adaptive - inputstream-rtmp - visualization-projectm - visualization-waveform - visualization-matrix - visualization-starburst - visualization-spectrum - ]); -in { - environment.systemPackages = [ - kodiPackage - ]; - - services.xserver = { - enable = true; - desktopManager.kodi = { - enable = true; - package = kodiPackage; - }; - #autoLogin.enable = true; - #autoLogin.user = "kodi"; - }; - - networking.firewall = { - allowedTCPPorts = [8080]; - allowedUDPPorts = [8080]; - }; - - users.users.kodi = { - uid = 1002; - isNormalUser = true; - extraGroups = [ - "video" - "input" - "uinput" - "audio" - "rtkit" - ]; - }; - - home-manager.users.kodi = { - imports = with tree.profiles.home-manager; [ - base - - gui.base - gui.environments.gnome - - apps.fileRoller - apps.nautilus - apps.pavucontrol - apps.mpv - - apps.firefox - apps.telegram - - apps.aria2 - apps.rclone - ]; - - # only for x86_64 - home.file.widevine-lib = { - source = "${pkgs.widevine-cdm}/share/google/chrome/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so"; - target = ".kodi/cdm/libwidevinecdm.so"; - }; - home.file.widevine-manifest = { - source = "${pkgs.widevine-cdm}/share/google/chrome/WidevineCdm/manifest.json"; - target = ".kodi/cdm/manifest.json"; - }; - - home.stateVersion = "24.05"; - }; -} diff --git a/hosts/hetzner-arm/containers/minecraft/minecraft.nix b/hosts/raspberry-pi5/containers/minecraft/minecraft.nix similarity index 100% rename from hosts/hetzner-arm/containers/minecraft/minecraft.nix rename to hosts/raspberry-pi5/containers/minecraft/minecraft.nix diff --git a/hosts/raspberry-pi5/hardware.nix b/hosts/raspberry-pi5/hardware.nix index c2b14c5..e57d6a7 100644 --- a/hosts/raspberry-pi5/hardware.nix +++ b/hosts/raspberry-pi5/hardware.nix @@ -55,6 +55,9 @@ # Force 32 bpp framebuffer allocation. framebuffer_depth=32 + # Enable 4k60 + hdmi_enable_4kp60=1 + # Disable compensation for displays with overscan. disable_overscan=1 @@ -63,6 +66,7 @@ # Force maximum CPU speed. force_turbo=1 + arm_boost=1 ''; # UEFI Files "RPI_EFI.fd" = "${edk2}/RPI_EFI.fd"; @@ -72,12 +76,22 @@ in { imports = with tree; [ presets.nixos.serverEncryptedDrive + + #inputs.nixos-hardware.nixosModules.raspberry-pi-4 + #inputs.nixos-hardware.nixosModules.raspberry-pi-5 + ]; + + services.xserver.videoDrivers = [ + "modesetting" + "fbdev" ]; boot = { kernelPackages = pkgs.linuxPackages_rpi4; supportedFilesystems = mkForce ["vfat"]; kernelParams = [ + "kunit.enable=0" + "8250.nr_uarts=11" "console=ttyAMA10,115200" "console=tty0" @@ -132,8 +146,8 @@ in { "192.168.178.26/24" # v6 - "fe80::715e:ef0c:5429:e9cc/64" - "2a02:8012:7883:0:1072:c180:2363:1c92/64" + "fd00::2ecf:67ff:fe74:940d/64" + "2a02:8012:7883:0:2ecf:67ff:fe74:940d/64" ]; routes = [ diff --git a/hosts/raspberry-pi5/profiles/kodi.nix b/hosts/raspberry-pi5/profiles/kodi.nix new file mode 100644 index 0000000..384ace7 --- /dev/null +++ b/hosts/raspberry-pi5/profiles/kodi.nix @@ -0,0 +1,54 @@ +{pkgs, ...}: let + kodiPackage = pkgs.kodi-wayland.withPackages (kodiPkgs: + with kodiPkgs; [ + keymap + sendtokodi + sponsorblock + pvr-iptvsimple + inputstreamhelper + inputstream-adaptive + inputstream-rtmp + visualization-projectm + visualization-waveform + visualization-matrix + visualization-starburst + visualization-spectrum + ]); +in { + environment.systemPackages = [ + kodiPackage + ]; + + services.xserver = { + enable = true; + desktopManager.kodi = { + enable = true; + package = kodiPackage; + }; + extraConfig = '' + Section "OutputClass" + Identifier "vc4" + MatchDriver "vc4" + Driver "modesetting" + Option "PrimaryGPU" "true" + EndSection + ''; + }; + + networking.firewall = { + allowedTCPPorts = [8080]; + allowedUDPPorts = [8080]; + }; + + home-manager.users.chaos = { + # only for x86_64 + # home.file.widevine-lib = { + # source = "${pkgs.widevine-cdm}/share/google/chrome/WidevineCdm/_platform_specific/linux_x64/libwidevinecdm.so"; + # target = ".kodi/cdm/libwidevinecdm.so"; + # }; + # home.file.widevine-manifest = { + # source = "${pkgs.widevine-cdm}/share/google/chrome/WidevineCdm/manifest.json"; + # target = ".kodi/cdm/manifest.json"; + # }; + }; +} diff --git a/hosts/raspberry-pi5/raspberry-pi5.nix b/hosts/raspberry-pi5/raspberry-pi5.nix index 033a0ef..6c55a3e 100644 --- a/hosts/raspberry-pi5/raspberry-pi5.nix +++ b/hosts/raspberry-pi5/raspberry-pi5.nix @@ -3,12 +3,13 @@ tree, ... }: let - inherit (lib.lists) flatten; + inherit (lib.lists) flatten forEach; + inherit (lib.modules) mkForce; in { nixpkgs.overlays = [ - (_final: super: { + (_final: prev: { makeModulesClosure = x: - super.makeModulesClosure (x // {allowMissing = true;}); + prev.makeModulesClosure (x // {allowMissing = true;}); }) ]; @@ -39,16 +40,45 @@ in { chaos.guiDesktop ]) + (with tree.hosts.raspberry-pi5.profiles; [ + kodi + ]) + + (forEach [ + "minecraft" + ] (name: ./containers + "/${name}/${name}.nix")) + ./hardware.nix ]); + services.displayManager = { + defaultSession = "kodi"; + autoLogin = { + enable = true; + user = "chaos"; + }; + }; + + services.xserver.displayManager.gdm.autoLogin.delay = 10; + networking.firewall = { enable = true; + allowPing = true; checkReversePath = "loose"; + allowedTCPPorts = [22]; }; + networking.nat = { + enable = true; + internalInterfaces = ["ve-+"]; + externalInterface = "end0"; + }; + + networking.networkmanager.enable = mkForce false; + networking.useDHCP = mkForce false; + networking.hostName = "raspberry-pi5"; time.timeZone = "Europe/London"; diff --git a/profiles/home-manager/base/ssh-aliases.nix b/profiles/home-manager/base/ssh-aliases.nix index 82cc4c3..99f336a 100644 --- a/profiles/home-manager/base/ssh-aliases.nix +++ b/profiles/home-manager/base/ssh-aliases.nix @@ -9,7 +9,7 @@ in { user = "root"; hostname = "${hostname}.servers.genderfucked.monster"; }; - }) ["hetzner-arm" "hetzner-arm-decrypt"])) + }) ["hetzner-arm" "hetzner-arm-decrypt" "raspberry-pi5" "raspberry-pi5-decrypt"])) { "blahaj" = { user = "chaos"; diff --git a/profiles/nixos/gui/environments/gnome.nix b/profiles/nixos/gui/environments/gnome.nix index 9005cbf..3b7cb6f 100644 --- a/profiles/nixos/gui/environments/gnome.nix +++ b/profiles/nixos/gui/environments/gnome.nix @@ -24,8 +24,8 @@ in { else "xcb"; SDL_VIDEODRIVER = if isWayland - then "wayland" - else "x11"; + then "wayland,x11,windows" + else "x11,windows"; _JAVA_AWT_WM_NONREPARENTING = mkIf isWayland "1"; }; diff --git a/profiles/nixos/remoteBuilders.nix b/profiles/nixos/remoteBuilders.nix index 3446a56..ab4ec95 100644 --- a/profiles/nixos/remoteBuilders.nix +++ b/profiles/nixos/remoteBuilders.nix @@ -14,10 +14,11 @@ if builtins.elem currentHostname [ "lappy-t495" - "lappy-surface" ] then usbSSHKeyFile - else if builtins.elem currentHostname [] + else if + builtins.elem currentHostname [ + ] then normalSSHKeyFile else throw "host isn't configured for remote-builders"; @@ -36,8 +37,19 @@ in { systems = ["aarch64-linux"]; supportedFeatures = ["native-arm64"]; publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUk5cGM0REU1UlV4UUp2T1pwenFOQWVac0JlRW1kcmp4OFlnV3orVXBMckcgcm9vdEBoZXR6bmVyLWFybQo="; - maxJobs = 2; - speedFactor = 2; + maxJobs = 3; + speedFactor = 1; + } + ])) + (mkIf (currentHostname != "raspberry-pi5") (mkMerge [ + builderDefaults + { + hostName = "raspberry-pi5.servers.genderfucked.monster"; + systems = ["aarch64-linux"]; + supportedFeatures = ["native-arm64"]; + publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUNZNFpuQ1NVeWpjOHR3UXVpMzhwU21qdHluSVZUVnFiNzB5blNRa0Z3anYgcm9vdEByYXNwYmVycnkK"; + maxJobs = 4; + speedFactor = 4; } ])) ]; diff --git a/profiles/nixos/wifiHardware.nix b/profiles/nixos/wifiHardware.nix index 1a21dd3..2f1d20c 100644 --- a/profiles/nixos/wifiHardware.nix +++ b/profiles/nixos/wifiHardware.nix @@ -9,7 +9,7 @@ in { firmware = with pkgs; [ wireless-regdb - + # Realtek rtl8192su-firmware rt5677-firmware