KCNHUB
/
WS-KCNHUB
2
1
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity

TODO: cleanup commits

master
Antoine Fauroux 2025-11-10 11:08:09 -05:00
parent 61a74ec25e
commit 30989c77cd
7 changed files with 127 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
machines/kcnhub/configuration.nix
View File

@ -23,6 +23,8 @@
sops.age.keyFile = "/root/.config/sops/age/keys.txt"; sops.age.keyFile = "/root/.config/sops/age/keys.txt";
sops.defaultSopsFile = ./secrets/system.yaml; sops.defaultSopsFile = ./secrets/system.yaml;
networking.networkmanager.enable = true;
# Support NTFS(3g) # Support NTFS(3g)
boot.supportedFilesystems = ["ntfs"]; boot.supportedFilesystems = ["ntfs"];

1
machines/kcnhub/packages.nix
View File

@ -7,5 +7,6 @@
./packages/matlab.nix ./packages/matlab.nix
./packages/containers.nix ./packages/containers.nix
./packages/deeplabcut.nix ./packages/deeplabcut.nix
./packages/vnc.nix
]; ];
} }

9
machines/kcnhub/packages/containers.nix
View File

@ -2,11 +2,18 @@
virtualisation = { virtualisation = {
podman = { podman = {
enable = true; enable = true;
# Enable CDI (Container Device Interface) for GPU support
enableNvidia = true;
}; };
docker.rootless = {
docker = {
rootless = {
enable = true; enable = true;
setSocketVariable = true; setSocketVariable = true;
}; };
# Enable CDI (Container Device Interface) for GPU support
enableNvidia = true;
};
# For compatability, and for some reason this isn't able to be per # For compatability, and for some reason this isn't able to be per
# container? # container?
oci-containers.backend = "docker"; oci-containers.backend = "docker";

39
machines/kcnhub/packages/vnc.nix Executable file
View File

@ -0,0 +1,39 @@
{ pkgs, ... }: {
# TurboVNC and VirtualGL packages with 32-bit support
environment.systemPackages = with pkgs; [
turbovnc
virtualgl
pkgsi686Linux.virtualgl # Essential for 32-bit OpenGL applications
# Additional utilities for VNC sessions
xorg.xhost
xorg.xauth
xorg.xrandr
# Desktop environment components for VNC
plasma-desktop
konsole
dolphin
# Alternative lightweight desktop
xfce.xfce4-session
xfce.xfdesktop
xfce.xfce4-panel
xfce.thunar
];
# Configure library paths for VirtualGL
environment.sessionVariables = {
LD_LIBRARY_PATH = [ "/run/opengl-driver/lib/:/run/opengl-driver-32/lib:${pkgs.virtualgl}/lib:${pkgs.pkgsi686Linux.virtualgl}/lib" ];
};
# Open VNC ports in firewall
networking.firewall.allowedTCPPorts = [ 5901 5902 5903 ];
# Ensure proper OpenGL support
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true; # Critical for VirtualGL 32-bit support
};
}

22
machines/kcnhub/secrets/ngilab_net.yaml Normal file
View File

@ -0,0 +1,22 @@
SSID: ENC[AES256_GCM,data:1yAXMlH4eHseIutf,iv:Jj8ZaPihXlqe7BObLkAIIL1yj4cCmwrbIZY7iEB25LA=,tag:XfNIVpq488lXh3brnVVDBA==,type:str]
psk: ENC[AES256_GCM,data:In4FOsD9tfNVMCTmeyx+XLUqrg==,iv:W/tvKb0O8R0vBQ8+ckLsGVpoONorgfIjyxpt5sz6Io8=,tag:qnRYtjoOp3dOFRSbgwpUKg==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1cvmffz227lhsvy4ufh0gnkfsvs5f27hv5l90m0lf4558uphteefsj2t74j
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHOURUTWQ0VlFMTXBlTTkv
WGlWeW92M3YyaUFZcUN2U1VGOE43Y0pBU0UwCmtQTXBBbVFMeDJIQ0loSW5FbU1L
NmhxbW5GTXlJVjBRRzVLejBwUXpINlkKLS0tIG9MS0cyOEZuVmxaRmRkZUxSalph
b2VWcThCOWNrTXBraDVHc002c0pYVTQKg0EotBCMyF3JMuEQWklY7snO9WkwW/FO
IfoZduqkdaIbn0SybZnCC12TgbVYoKstwANV9HsZREw+2G9wq8vm3Q==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-11-07T17:00:04Z"
mac: ENC[AES256_GCM,data:61+fDKLcYgdHVqvdQIK+6v0BvkoE34PnI/3vQ+5xmqQpGOcgVJbWdL9XCDj29prWgVRpIOOsmXgkXB37pLswd53S5PWKOzxCsyYfanqT/lzjzA8ntU4r9T9jOzz6H/MU7J41rzzKrvH0cyisGw0LkLhbhKXCgMdFF0vz1gynIlA=,iv:TDfRYDCFCIXkKlhWx0c6Qjmg+19cvgoczyuDevNmkG4=,tag:tI0eMREuKip9BTZAAPATsg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

1
machines/kcnhub/services.nix
View File

@ -2,6 +2,7 @@
imports = [ imports = [
./services/ssh.nix ./services/ssh.nix
./services/xrdp.nix ./services/xrdp.nix
./services/vnc-startup.nix
]; ];
services.vscode-server.enable = true; services.vscode-server.enable = true;
} }

52
machines/kcnhub/services/vnc-startup.nix Executable file
View File

@ -0,0 +1,52 @@
{ pkgs, ... }: {
# Create VNC startup scripts for different desktop environments
environment.etc."vnc/xstartup-plasma".source = pkgs.writeScript "xstartup-plasma" ''
#!/usr/bin/env bash
# Set up environment
export XDG_CURRENT_DESKTOP=KDE
export KDE_SESSION_VERSION=5
export QT_QPA_PLATFORM=xcb
# Start D-Bus if not running
if [ -z "$DBUS_SESSION_BUS_ADDRESS" ]; then
eval $(dbus-launch --sh-syntax --exit-with-session)
fi
# Start Plasma desktop session
exec startplasma-x11
'';
environment.etc."vnc/xstartup-xfce".source = pkgs.writeScript "xstartup-xfce" ''
#!/usr/bin/env bash
# Set up environment
export XDG_CURRENT_DESKTOP=XFCE
export XDG_SESSION_DESKTOP=xfce
# Start D-Bus if not running
if [ -z "$DBUS_SESSION_BUS_ADDRESS" ]; then
eval $(dbus-launch --sh-syntax --exit-with-session)
fi
# Start XFCE session
exec startxfce4
'';
environment.etc."vnc/xstartup-minimal".source = pkgs.writeScript "xstartup-minimal" ''
#!/usr/bin/env bash
# Minimal desktop with window manager only
xrdb $HOME/.Xresources
xsetroot -solid grey
# Start a simple window manager and terminal
icewm &
exec konsole
'';
# Make scripts executable
system.activationScripts.vnc-scripts = ''
chmod +x /etc/vnc/xstartup-*
'';
}