Squash merge refactor into main

2025-08-09 22:22:19 +08:00 · 2025-08-09 22:22:19 +08:00 · b82cd59f4f
commit b82cd59f4f
parent 529c9e5fa7
35 changed files with 498 additions and 358 deletions
--- a/system/dev/dn-lap/default.nix
+++ b/system/dev/dn-lap/default.nix
@ -1,7 +1,12 @@
 {
-  settings,
+  username,
  ...
 }:
+let
+  monitors = [
+    ''desc:LG Display 0x0665''
+  ];
+in
 {
  imports = [
    ./hardware-configuration.nix
@ -17,18 +22,54 @@
  ];

  home-manager = {
-    users."${settings.personal.username}" = {
+    users."${username}" = {
      imports = [
        ../../../home/presets/basic.nix
        (import ../../../home/user/bitwarden.nix {
          email = "danny@dn-server.net.dn";
          baseUrl = "https://bitwarden.net.dn";
        })
+
+        # Hyprland
+        (import ../../../home/user/hyprland.nix { inherit monitors; })
+        {
+          wayland.windowManager.hyprland = {
+            settings = {
+              windowrulev2 = [
+                # Meidia control
+                "move 1680 59, class: ^(org.pulseaudio.pavucontrol)$"
+                "size 868 561, class: ^(org.pulseaudio.pavucontrol)$"
+
+                # Local Send (File Sharing)
+                "size 523 1372, class: ^(localsend_app)$"
+                "move 2024 56, class: ^(localsend_app)$"
+
+                # Airplay
+                "size 487 1055, class: ^(GStreamer)$"
+
+                # Bluetooth
+                "move 1943 59, class: ^(blueberry.py)$"
+                "size 605 763, class: ^(blueberry.py)$"
+              ];
+
+              monitors = [
+                ''desc:LG Display 0x0665, preferred, 0x0, 1.25''
+              ];
+            };
+          };
+
+        }
+
+        # Git
+        (import ../../../home/user/git.nix {
+          inherit username;
+          email = "danny10132024@gmail.com";
+        })
      ];
    };
  };

-  users.users."${settings.personal.username}".openssh.authorizedKeys.keys = [
+  users.users."${username}".openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILSHkPa6vmr5WBPXAazY16+Ph1Mqv9E24uLIf32oC2oH danny@phone.dn"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJSAOufpee7f8D8ONIIGU3qsN+8+DGO7BfZnEOTYqtQ5 danny@pre7780.dn"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMj/LeB3i/vca3YwGNpAjf922FgiY2svro48fUSQAjOv Shortcuts on :D"
--- a/system/dev/dn-pre7780/default.nix
+++ b/system/dev/dn-pre7780/default.nix
@ -1,22 +1,42 @@
 {
  pkgs,
-  settings,
+  username,
+  config,
+  lib,
  ...
 }:
+let
+  monitors = [
+    "desc:ASUSTek COMPUTER INC ASUS VG32VQ1B 0x00002271"
+    "desc:Acer Technologies XV272U V3 1322131231233"
+  ];
+in
 {
+  networking.firewall.allowedTCPPortRanges = [
+    {
+      from = 8000;
+      to = 8100;
+    }
+  ];
+
+  hardware.nvidia.package = lib.mkForce config.boot.kernelPackages.nvidiaPackages.stable;
+
  imports = [
-    (import ../../modules/nvidia.nix {
-      nvidia-mode = settings.nvidia.mode;
-      intel-bus-id = settings.nvidia.intel-bus-id;
-      nvidia-bus-id = settings.nvidia.nvidia-bus-id;
-    })
    ./hardware-configuration.nix
-    ./boot.nix
-    ./sops-conf.nix
    ../../modules/presets/basic.nix
+
+    # Nvidia GPU Driver
+    (import ../../modules/nvidia.nix {
+      nvidia-mode = "offload";
+      intel-bus-id = "PCI:0:2:0";
+      nvidia-bus-id = "PCI:1:0:0";
+    })
+
+    ./boot.nix # Extra Boot Options
+    ./sops-conf.nix # Secret
    ../../modules/gaming.nix
    # ../../modules/secure-boot.nix
-    ../../modules/virtualization.nix
+    (import ../../modules/virtualization.nix { inherit username; })
    ../../modules/wine.nix
    ../../modules/wireguard.nix
    ../../modules/localsend.nix
@ -27,16 +47,24 @@
        "192.168.0.0/24"
      ];
    })
+
+    ../../modules/davinci-resolve.nix
+    ../../modules/webcam.nix
+    ./nginx.nix
  ];

  home-manager = {
-    users."${settings.personal.username}" = {
+    users."${username}" = {
      imports = [
        ../../../home/presets/basic.nix
+
+        # Bitwarden client
        (import ../../../home/user/bitwarden.nix {
          email = "danny@net.dn";
          baseUrl = "https://bitwarden.net.dn";
        })
+
+        # Proton GE
        {
          home.file.".steam/root/compatibilitytools.d/GE-Proton10-10" = {
            source = fetchTarball {
@ -45,16 +73,55 @@
            };
          };
        }
+
+        # Hyprland
+        (import ../../../home/user/hyprland.nix { inherit monitors; })
+        {
+          wayland.windowManager.hyprland = {
+            settings = {
+              windowrulev2 = [
+                # Meidia control
+                "move 1680 59, class: ^(org.pulseaudio.pavucontrol)$"
+                "size 868 561, class: ^(org.pulseaudio.pavucontrol)$"
+
+                # Local Send (File Sharing)
+                "size 523 1372, class: ^(localsend_app)$"
+                "move 2024 56, class: ^(localsend_app)$"
+
+                # Airplay
+                "size 487 1055, class: ^(GStreamer)$"
+                "move 2061 203, class: ^(GStreamer)$"
+
+                # Bluetooth
+                "move 1943 59, class: ^(blueberry.py)$"
+                "size 605 763, class: ^(blueberry.py)$"
+              ];
+
+              monitor = [
+                ''desc:ASUSTek COMPUTER INC ASUS VG32VQ1B 0x00002271, 2560x1440@165, 0x0, 1''
+                ''desc:Acer Technologies XV272U V3 1322131231233, 2560x1440@180, -1440x-600, 1, transform, 1''
+              ];
+            };
+          };
+        }
+
+        # Git
+        (import ../../../home/user/git.nix {
+          inherit username;
+          email = "danny10132024@gmail.com";
+        })
+
      ];
    };
  };

  environment.systemPackages = with pkgs; [
    rustdesk
+    blender
  ];

  users.users = {
-    "${settings.personal.username}" = {
+    ${username} = {
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJFQA42R3fZmjb9QnUgzzOTIXQBC+D2ravE/ZLvdjoOQ danny@lap.dn"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILSHkPa6vmr5WBPXAazY16+Ph1Mqv9E24uLIf32oC2oH danny@phone.dn"
--- a/system/dev/dn-pre7780/nginx.nix
+++ b/system/dev/dn-pre7780/nginx.nix
@ -0,0 +1,24 @@
+{ ... }:
+{
+  security.acme = {
+    acceptTerms = true;
+    defaults = {
+      validMinDays = 2;
+      server = "https://10.0.0.1:${toString 8443}/acme/acme/directory";
+      renewInterval = "daily";
+      email = "danny@net.dn";
+      webroot = "/var/lib/acme/acme-challenge";
+    };
+  };
+
+  users.users.nginx.extraGroups = [ "acme" ];
+
+  services.nginx = {
+    enable = true;
+    enableReload = true;
+    recommendedGzipSettings = true;
+    recommendedOptimisation = true;
+    recommendedTlsSettings = true;
+    recommendedProxySettings = true;
+  };
+}
--- a/system/dev/dn-server/default.nix
+++ b/system/dev/dn-server/default.nix
@ -1,15 +1,15 @@
 {
  pkgs,
  inputs,
-  settings,
+  username,
  ...
 }:
 {
  imports = [
    (import ../../modules/nvidia.nix {
-      nvidia-mode = settings.nvidia.mode;
-      intel-bus-id = settings.nvidia.intel-bus-id;
-      nvidia-bus-id = settings.nvidia.nvidia-bus-id;
+      nvidia-mode = "offload";
+      intel-bus-id = "PCI:0:2:0";
+      nvidia-bus-id = "PCI:1:0:0";
    })
    ./sops-conf.nix
    ./boot.nix
@ -41,7 +41,7 @@
  ];

  home-manager = {
-    users."${settings.personal.username}" = {
+    users."${username}" = {
      imports = [
        ../../../home/user/config.nix
        ../../../home/user/direnv.nix
@ -61,6 +61,12 @@
            ))
          ];
        }
+
+        # Git
+        (import ../../../home/user/git.nix {
+          inherit username;
+          email = "danny10132024@gmail.com";
+        })
      ];
    };
  };
--- a/system/dev/dn-server/services.nix
+++ b/system/dev/dn-server/services.nix
@ -1,13 +1,14 @@
 {
-  settings,
  config,
  pkgs,
  lib,
+  username,
  ...
 }:

 let
-  username = settings.personal.username;
+  inherit username;
+
  ethInterface = "enp0s31f6";
  sshPorts = [ 30072 ];
  sshPortsString = builtins.concatStringsSep ", " (builtins.map (p: builtins.toString p) sshPorts);
--- a/system/modules/airplay.nix
+++ b/system/modules/airplay.nix
@ -29,7 +29,7 @@ in
    after = [ "networking-online.target" ];
    serviceConfig = {
      ExecStart = "${pkgs.uxplay}/bin/uxplay ${
-        optionalString (hostname != null) "-n ${hostname} -nh -hls 3"
+        optionalString (hostname != null) "-n ${hostname} -fs -fps 60 -nh"
      } -p";
    };
  };
--- a/system/modules/davinci-resolve.nix
+++ b/system/modules/davinci-resolve.nix
@ -0,0 +1,31 @@
+{
+  pkgs,
+  username,
+  ...
+}:
+let
+  scriptBin = pkgs.writeShellScriptBin "davinci-resolve" ''
+    ROC_ENABLE_PRE_VEGA=1 RUSTICL_ENABLE=amdgpu,amdgpu-pro,radv,radeon DRI_PRIME=1 QT_QPA_PLATFORM=xcb ${pkgs.davinci-resolve}/bin/davinci-resolve
+  '';
+in
+{
+  environment.systemPackages = [
+    scriptBin
+  ];
+
+  home-manager.users."${username}" = {
+    xdg.desktopEntries."davindi-resolve" = {
+      name = "Davinci Resolve";
+      genericName = "Video Editor";
+      exec = "${scriptBin}/bin/davinci-resolve";
+      icon = "${pkgs.davinci-resolve}/share/icons/hicolor/128x128/apps/davinci-resolve.png";
+      comment = "Professional video editing, color, effects and audio post-processing";
+      categories = [
+        "AudioVideo"
+        "AudioVideoEditing"
+        "Video"
+        "Graphics"
+      ];
+    };
+  };
+}
--- a/system/modules/obs-studio.nix
+++ b/system/modules/obs-studio.nix
@ -3,7 +3,7 @@
  programs = {
    obs-studio = {
      enable = true;
-      enableVirtualCamera = true;
+      enableVirtualCamera = false; # Handled by webcam.nix
      plugins = with pkgs.obs-studio-plugins; [
        wlrobs
        obs-backgroundremoval
--- a/system/modules/presets/minimal.nix
+++ b/system/modules/presets/minimal.nix
@ -17,5 +17,6 @@
    ../tmux.nix
    ../ca.nix
    ../sops-nix.nix
+    ../gc.nix
  ];
 }
--- a/system/modules/services.nix
+++ b/system/modules/services.nix
@ -1,7 +1,7 @@
 {
-  settings,
  lib,
  pkgs,
+  username,
  ...
 }:

@ -19,12 +19,13 @@
      enable = true;
      packages = [ pkgs.gcr ];
    };
+
    openssh = {
      enable = true;
      ports = [ 22 ];
      settings = {
        PasswordAuthentication = lib.mkDefault false;
-        AllowUsers = lib.mkDefault [ settings.personal.username ];
+        AllowUsers = lib.mkDefault [ username ];
        UseDns = lib.mkDefault true;
        PermitRootLogin = lib.mkDefault "no";
      };
--- a/system/modules/users.nix
+++ b/system/modules/users.nix
@ -1,13 +1,12 @@
 {
-  settings,
  pkgs,
-  lib,
  config,
+  username,
  ...
 }:

 {
-  users.users.${settings.personal.username} = {
+  users.users.${username} = {
    isNormalUser = true;
    shell = pkgs.bash; # Actually fish
    extraGroups = (
--- a/system/modules/virtualization.nix
+++ b/system/modules/virtualization.nix
@ -1,5 +1,5 @@
+{ username }:
 {
-  settings,
  pkgs,
  config,
  ...
@ -7,7 +7,7 @@

 {
  programs.virt-manager.enable = true;
-  users.groups.libvirtd.members = [ settings.personal.username ];
+  users.groups.libvirtd.members = [ username ];

  virtualisation = {
    docker.enable = true;
--- a/system/modules/webcam.nix
+++ b/system/modules/webcam.nix
@ -0,0 +1,17 @@
+# Use WebRTC to stream
+{ pkgs, config, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    ffmpeg
+    v4l-utils
+  ];
+
+  boot = {
+    kernelModules = [ "v4l2loopback" ];
+    extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
+  };
+
+  boot.extraModprobeConfig = ''
+    options v4l2loopback devices=2 video_nr=1,2 card_label="OBS Cam","phone webRTC cam" exclusive_caps=1,1
+  '';
+}