diff options
| author | Natasha Moongrave <natasha@256phi.eu> | 2026-06-12 13:37:13 +0200 |
|---|---|---|
| committer | Natasha Moongrave <natasha@256phi.eu> | 2026-06-12 13:37:13 +0200 |
| commit | 15d50528cf86e93bad19f65f1e4b47af49e94d71 (patch) | |
| tree | caaa600a8f38df84dc269a3844d276393e90262c /hosts | |
| parent | 72ee2b5a1e65ce804d6e1dcfd11aec06385594cc (diff) | |
Nuked everything
Diffstat (limited to 'hosts')
| -rw-r--r-- | hosts/herra/ai.nix | 175 | ||||
| -rw-r--r-- | hosts/herra/arion-compose.nix | 50 | ||||
| -rw-r--r-- | hosts/herra/audio.nix | 43 | ||||
| -rw-r--r-- | hosts/herra/configuration.nix | 26 | ||||
| -rw-r--r-- | hosts/herra/drivers.nix | 42 | ||||
| -rw-r--r-- | hosts/herra/file-system.nix | 39 | ||||
| -rw-r--r-- | hosts/herra/hardware-configuration.nix | 43 | ||||
| -rw-r--r-- | hosts/herra/network.nix | 6 | ||||
| -rw-r--r-- | hosts/herra/packages.nix | 47 | ||||
| -rw-r--r-- | hosts/herra/steam.nix | 35 | ||||
| -rwxr-xr-x | hosts/kronos/configuration.nix | 17 | ||||
| -rwxr-xr-x | hosts/kronos/hardware-configuration.nix | 31 | ||||
| -rw-r--r-- | hosts/mystra/configuration.nix | 6 | ||||
| -rw-r--r-- | hosts/mystra/hardware-configuration.nix | 25 |
14 files changed, 0 insertions, 585 deletions
diff --git a/hosts/herra/ai.nix b/hosts/herra/ai.nix deleted file mode 100644 index df93a24..0000000 --- a/hosts/herra/ai.nix +++ /dev/null @@ -1,175 +0,0 @@ -{ - pkgs, - lib, - ... -}: let - puid = "1000"; - pgid = "100"; - odysseusRepo = "https://github.com/pewdiepie-archdaemon/odysseus.git"; - odysseusDir = "/var/lib/odysseus/src"; -in { - # ---------------------------- - # Ollama (native) - # ---------------------------- - services.ollama = { - enable = true; - host = "0.0.0.0"; - port = 11434; - }; - - # ---------------------------- - # Docker - # ---------------------------- - virtualisation.docker.enable = true; - virtualisation.oci-containers.backend = "docker"; - - # ---------------------------- - # Persistent storage - # ---------------------------- - systemd.tmpfiles.rules = [ - "d /var/lib/odysseus/data 0755 root root -" - "d /var/lib/odysseus/logs 0755 root root -" - "d /var/lib/odysseus/ssh 0755 root root -" - "d /var/lib/odysseus/huggingface 0755 root root -" - "d /var/lib/odysseus/chromadb 0755 root root -" - "d /var/lib/odysseus/ntfy 0755 root root -" - "d /var/lib/odysseus/searxng 0777 root root -" - "d /var/lib/odysseus/src 0755 root root -" - ]; - - # ---------------------------- - # SearXNG config - # ---------------------------- - environment.etc."odysseus/searxng/settings.yml".text = '' - use_default_settings: true - server: - secret_key: "change-me-openssl-rand-hex-32" - limiter: false - image_proxy: true - search: - safe_search: 0 - formats: - - html - - json - ''; - - # ---------------------------- - # Build Odysseus from source via systemd oneshot - # ---------------------------- - systemd.services.odysseus-build = { - description = "Build Odysseus Docker image from source"; - wantedBy = ["docker-odysseus.service"]; - before = ["docker-odysseus.service"]; - after = ["docker.service" "network-online.target"]; - wants = ["network-online.target"]; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - path = [pkgs.git pkgs.docker]; - script = '' - if [ ! -d "${odysseusDir}/.git" ]; then - git clone ${odysseusRepo} ${odysseusDir} - else - git -C ${odysseusDir} pull --ff-only - fi - - NEW_HASH=$(git -C ${odysseusDir} rev-parse HEAD) - OLD_HASH=$(cat /var/lib/odysseus/.last-built-commit 2>/dev/null || echo "") - - if [ "$NEW_HASH" != "$OLD_HASH" ] || ! docker image inspect odysseus:local &>/dev/null; then - echo "Building odysseus image at commit $NEW_HASH..." - docker build -t odysseus:local ${odysseusDir} - echo "$NEW_HASH" > /var/lib/odysseus/.last-built-commit - else - echo "Image up to date at $OLD_HASH, skipping build." - fi - ''; - }; - - # ---------------------------- - # Containers - # ---------------------------- - virtualisation.oci-containers.containers = { - odysseus-chromadb = { - image = "chromadb/chroma:latest"; - ports = ["127.0.0.1:8100:8000"]; - volumes = ["/var/lib/odysseus/chromadb:/chroma/chroma"]; - environment.ANONYMIZED_TELEMETRY = "FALSE"; - }; - - odysseus-searxng = { - image = "searxng/searxng:latest"; - ports = ["127.0.0.1:8080:8080"]; - volumes = [ - "/var/lib/odysseus/searxng:/etc/searxng" - "/etc/odysseus/searxng/settings.yml:/etc/searxng/settings.yml:ro" - ]; - environment.SEARXNG_BASE_URL = "http://localhost:8080/"; - }; - - odysseus-ntfy = { - image = "binwiederhier/ntfy"; - cmd = ["serve"]; - ports = ["127.0.0.1:8091:80"]; - volumes = ["/var/lib/odysseus/ntfy:/var/cache/ntfy"]; - environment.NTFY_BASE_URL = "http://localhost:8091"; - }; - - odysseus = { - image = "odysseus:local"; - ports = ["127.0.0.1:7000:7000"]; - volumes = [ - "/var/lib/odysseus/data:/app/data" - "/var/lib/odysseus/logs:/app/logs" - "/var/lib/odysseus/ssh:/app/.ssh" - "/var/lib/odysseus/huggingface:/app/.cache/huggingface" - ]; - environment = { - APP_BIND = "0.0.0.0"; - APP_PORT = "7000"; - AUTH_ENABLED = "true"; - PUID = puid; - PGID = pgid; - SEARXNG_INSTANCE = "http://host.docker.internal:8080"; - CHROMADB_HOST = "host.docker.internal"; - CHROMADB_PORT = "8000"; - OLLAMA_BASE_URL = "http://host.docker.internal:11434/v1"; - }; - extraOptions = [ - "--add-host=host.docker.internal:host-gateway" - "--pull=never" - ]; - dependsOn = ["odysseus-chromadb" "odysseus-searxng" "odysseus-ntfy"]; - }; - }; - - # Restart policy (mkForce overrides oci-containers' default "always") - systemd.services = { - docker-odysseus-chromadb.serviceConfig.Restart = lib.mkForce "on-failure"; - docker-odysseus-searxng.serviceConfig.Restart = lib.mkForce "on-failure"; - docker-odysseus-ntfy.serviceConfig.Restart = lib.mkForce "on-failure"; - docker-odysseus.serviceConfig.Restart = lib.mkForce "on-failure"; - }; - - # ---------------------------- - # Nginx + local DNS - # ---------------------------- - services.nginx = { - enable = true; - virtualHosts."ai.local" = { - locations."/" = { - proxyPass = "http://127.0.0.1:7000"; - proxyWebsockets = true; - extraConfig = '' - proxy_read_timeout 300s; - proxy_connect_timeout 75s; - ''; - }; - }; - }; - - networking.hosts."127.0.0.1" = ["ai.local"]; - networking.firewall.allowedTCPPorts = [80]; - networking.firewall.interfaces.docker0.allowedTCPPorts = [11434]; -} diff --git a/hosts/herra/arion-compose.nix b/hosts/herra/arion-compose.nix deleted file mode 100644 index daa4077..0000000 --- a/hosts/herra/arion-compose.nix +++ /dev/null @@ -1,50 +0,0 @@ -{pkgs, ...}: { - project.name = "odysseus"; - - services.odysseus.service = { - image = "ghcr.io/pewdiepie-archdaemon/odysseus:latest"; - - ports = [ - "7000:7000" - ]; - - volumes = [ - "/srv/odysseus/data:/app/data" - ]; - - environment = { - AUTH_ENABLED = "true"; - - LLM_HOST = "host.docker.internal:11434"; - - CHROMADB_HOST = "chromadb"; - - SEARXNG_INSTANCE = "http://searxng:8080"; - }; - - extra_hosts = [ - "host.docker.internal:host-gateway" - ]; - - depends_on = [ - "chromadb" - "searxng" - ]; - }; - - services.chromadb.service = { - image = "chromadb/chroma:latest"; - - volumes = [ - "/srv/odysseus/chroma:/chroma/chroma" - ]; - }; - - services.searxng.service = { - image = "searxng/searxng:latest"; - }; - - services.ntfy.service = { - image = "binwiederhier/ntfy:latest"; - }; -} diff --git a/hosts/herra/audio.nix b/hosts/herra/audio.nix deleted file mode 100644 index 2805547..0000000 --- a/hosts/herra/audio.nix +++ /dev/null @@ -1,43 +0,0 @@ -{...}: { - # rtkit is optional but recommended - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - jack.enable = true; - - # Lower audio latency - # TODO: Every setup is different, and a lot of factors determine your final latency, like CPU speed, RT/PREEMPTIVE kernels and soundcards supporting different audio formats. That's why 32/48000 isn't always a value that's going to work for everyone. The best way to get everything working is to keep increasing the quant value until you get no crackles (underruns) or until you get audio again (in case there wasn't any). This won't guarantee the lowest possible latency, but will provide a decent one paired with stable audio. - # extraConfig = { - # pipewire."92-low-latency" = { - # "context.properties" = { - # "default.clock.rate" = 48000; - # "default.clock.quantum" = 128; - # "default.clock.min-quantum" = 32; - # "default.clock.max-quantum" = 256; # Maybe set this to a max of 128 or 256 (as advised by Jade) - # }; - # }; - # - # pipewire-pulse."92-low-latency" = { - # context.modules = [ - # { - # name = "libpipewire-module-protocol-pulse"; - # args = { - # pulse.min.req = "32/48000"; - # pulse.default.req = "32/48000"; - # pulse.max.req = "32/48000"; - # pulse.min.quantum = "32/48000"; - # pulse.max.quantum = "256/48000"; # Maybe set this to a max of 128 or 256 (as advised by Jade) - # }; - # } - # ]; - # stream.properties = { - # node.latency = "32/48000"; - # resample.quality = 1; - # }; - # }; - # }; - }; -} diff --git a/hosts/herra/configuration.nix b/hosts/herra/configuration.nix deleted file mode 100644 index 4403d12..0000000 --- a/hosts/herra/configuration.nix +++ /dev/null @@ -1,26 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ./hardware-configuration.nix - ./file-system.nix - ./packages.nix - ./audio.nix - ./drivers.nix - ./steam.nix - ./network.nix - ./ai.nix - ]; - - networking.hostName = "herra"; - - # Dual-boot with Windows 11 - boot.loader.grub.useOSProber = true; - - # Gaming-optimized Zen kernel (overrides system/boot.nix) - # Includes: low-latency patches, BFQ scheduler, gaming optimizations - # Similar performance benefits to Bazzite kernel - boot.kernelPackages = lib.mkForce pkgs.linuxPackages_zen; -} diff --git a/hosts/herra/drivers.nix b/hosts/herra/drivers.nix deleted file mode 100644 index f169970..0000000 --- a/hosts/herra/drivers.nix +++ /dev/null @@ -1,42 +0,0 @@ -{pkgs, ...}: { - services.xserver.videoDrivers = ["amdgpu"]; # AMD GPU drivers - boot.kernel.sysctl."kernel.sched_rt_runtime_us" = -1; # Realtime audio - - hardware = { - graphics = { - enable = true; - enable32Bit = true; # CRITICAL for Steam/Proton - extraPackages = with pkgs; [ - rocmPackages.clr.icd # OpenCL - ]; - extraPackages32 = with pkgs; [ - ]; - }; - - cpu.intel.updateMicrocode = true; - - enableRedistributableFirmware = true; - }; - #TODO: FIX - #boot.extraModulePackages = with boot.kernelPackages; [ - # v4l2loopback - #]; - boot.kernelModules = ["v4l2loopback"]; - boot.extraModprobeConfig = '' - options v4l2loopback devices=1 video_nr=1 card_label="OBS Virtual Camera" exclusive_caps=1 - ''; - - systemd.tmpfiles.rules = [ - "w /sys/class/drm/card1/device/power_dpm_force_performance_level - - - - manual" - "w /sys/class/drm/card1/device/pp_dpm_sclk - - - - 7" - "w /sys/class/drm/card1/device/pp_dpm_mclk - - - - 1" - ]; - - services.udev.extraRules = '' - SUBSYSTEM=="hwmon", ATTRS{name}=="amdgpu", ATTR{power1_cap}="75000000" - ''; - - virtualisation.docker.storageDriver = "btrfs"; - - programs.gamemode.enable = true; -} diff --git a/hosts/herra/file-system.nix b/hosts/herra/file-system.nix deleted file mode 100644 index 07ba0fa..0000000 --- a/hosts/herra/file-system.nix +++ /dev/null @@ -1,39 +0,0 @@ -{...}: { - fileSystems."/nix" = { - options = ["compress=zstd:3" "noatime"]; - neededForBoot = true; - }; - - # fileSystems."/run/media/mun/GAMES" = { - # device = "/dev/disk/by-uuid/7D1A6ABE139A4C2C"; - # fsType = "ntfs3"; - # - # options = [ - # "nofail" - # "rw" - # "uid=1000" - # "gid=100" - # "big_writes" - # "noatime" - # ]; - # neededForBoot = false; - # }; - - # TODO: FIX ^ - # For now use the patch below (ik this is stupid) - - # NOTE: it was indeed stupid - # systemd.mounts = [ - # { - # what = "/dev/disk/by-label/GAMES"; - # where = "/run/media/mun/GAMES"; - # type = "ntfs3"; - # options = "nofail,rw,uid=1000,gid=100,noatime"; - # wantedBy = ["multi-user.target"]; - # } - # ]; - # - # systemd.tmpfiles.rules = [ - # "d /run/media/mun/GAMES 0755 mun users -" - # ]; -} diff --git a/hosts/herra/hardware-configuration.nix b/hosts/herra/hardware-configuration.nix deleted file mode 100644 index 578ae01..0000000 --- a/hosts/herra/hardware-configuration.nix +++ /dev/null @@ -1,43 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "thunderbolt" "usbhid" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/229a13d8-159e-40b6-915a-606c32e3ca79"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; - - fileSystems."/home" = - { device = "/dev/disk/by-uuid/229a13d8-159e-40b6-915a-606c32e3ca79"; - fsType = "btrfs"; - options = [ "subvol=@home" ]; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/03F6-F782"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/28fb6b6d-fb64-4a42-80af-88ce7b081258"; - fsType = "btrfs"; - }; - - swapDevices = [ ]; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/herra/network.nix b/hosts/herra/network.nix deleted file mode 100644 index eba91ed..0000000 --- a/hosts/herra/network.nix +++ /dev/null @@ -1,6 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [ - libimobiledevice - ]; - services.usbmuxd.enable = true; -} diff --git a/hosts/herra/packages.nix b/hosts/herra/packages.nix deleted file mode 100644 index e822493..0000000 --- a/hosts/herra/packages.nix +++ /dev/null @@ -1,47 +0,0 @@ -{pkgs, ...}: { - environment.systemPackages = with pkgs; [ - # System - btop - radeontop - alsa-utils # provides alsamixer - - # Streaming / Recording - obs-studio - easyeffects - - # OBS plugins - #obs-studio-plugins.distroav # Stale upstream hash - obs-studio-plugins.obs-vkcapture - obs-studio-plugins.obs-pipewire-audio-capture - # obs-studio-plugins.obs-source-switcher - obs-studio-plugins.obs-source-record - obs-studio-plugins.obs-source-clone - # obs-studio-plugins.obs-media-control - # obs-studio-plugins.obs-scene-as-transition - # obs-studio-plugins.advanced-scene-switcher - obs-studio-plugins.obs-retro-effects - obs-studio-plugins.obs-dvd-screensaver - obs-studio-plugins.obs-composite-blur - - # Audio - pavucontrol - jack2 - - # Video - ffmpeg - v4l-utils - cheese - - # Gayming - mangohud # In-game overlay (FPS, GPU/CPU usage) - corectrl # AMD GPU fan/power control (WX 5100 has no software controls otherwise) - vulkan-tools # vulkaninfo for debugging - mesa-demos # glxinfo, glxgears - ]; - - programs.corectrl = { - enable = true; - gpuOverclock.enable = true; # optional - }; - -} diff --git a/hosts/herra/steam.nix b/hosts/herra/steam.nix deleted file mode 100644 index 9bbe499..0000000 --- a/hosts/herra/steam.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - programs.steam = { - enable = true; - package = pkgs.steam.override { - extraEnv = { - LD_PRELOAD = "${pkgs.gamemode.lib}/lib/libgamemodeauto.so"; - }; - extraLibraries = pkgs: - with pkgs; [ - gamemode - ]; - }; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - localNetworkGameTransfers.openFirewall = true; - gamescopeSession.enable = false; - extraCompatPackages = [pkgs.proton-ge-bin]; - }; - - nixpkgs.config.allowUnfreePredicate = pkg: - builtins.elem (lib.getName pkg) [ - "steam" - "steam-original" - "steam-unwrapped" - "steam-run" - ]; - - programs.appimage.enable = true; - programs.appimage.binfmt = true; -} - diff --git a/hosts/kronos/configuration.nix b/hosts/kronos/configuration.nix deleted file mode 100755 index a02a768..0000000 --- a/hosts/kronos/configuration.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ./hardware-configuration.nix - ]; - - networking.hostName = "kronos"; - boot.kernelPackages = pkgs.linuxPackages; - - services.illum.enable = false; # Disable illum because I've never noticed it working and it crashes on hardened kernel - - # TODO: Harden the kernel even further (https://wiki.nixos.org/wiki/NixOS_Hardening) - # security.lockKernelModules = true; -} diff --git a/hosts/kronos/hardware-configuration.nix b/hosts/kronos/hardware-configuration.nix deleted file mode 100755 index 0dc8341..0000000 --- a/hosts/kronos/hardware-configuration.nix +++ /dev/null @@ -1,31 +0,0 @@ -# Do not modify this file! It was generated by 'nixos-generate-config' -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/f62daee8-ba51-478c-97db-c8b96c12043e"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/22BE-C329"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = [ ]; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/mystra/configuration.nix b/hosts/mystra/configuration.nix deleted file mode 100644 index 24d906c..0000000 --- a/hosts/mystra/configuration.nix +++ /dev/null @@ -1,6 +0,0 @@ -{...}: { - imports = [ - ./hardware-configuration.nix - ]; - networking.hostName = "mystra"; -} diff --git a/hosts/mystra/hardware-configuration.nix b/hosts/mystra/hardware-configuration.nix deleted file mode 100644 index 50f0325..0000000 --- a/hosts/mystra/hardware-configuration.nix +++ /dev/null @@ -1,25 +0,0 @@ -# PLACEHOLDER - Generate on actual ThinkPad X220 hardware with: -# sudo nixos-generate-config --show-hardware-config > hosts/mystra/hardware-configuration.nix -# -# ThinkPad X220 Expected Hardware: -# - Intel Core i5-2520M (2nd gen Sandy Bridge) -# - Intel HD Graphics 3000 (i915 driver) -# - 4-8GB DDR3 RAM -# - SATA SSD/HDD storage - -{ config, lib, pkgs, modulesPath, ... }: -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - # Placeholder - replace with actual hardware scan results - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "sd_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; - - fileSystems."/" = { - device = "/dev/disk/by-uuid/PLACEHOLDER"; - fsType = "ext4"; - }; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} |