flake.lock: Update

Flake lock file updates:

• Updated input 'nix-matlab':
    'gitlab:doronbehar/nix-matlab/a0d67ef885dc5e8dda36a5ba1f8717711d6221fd' (2023-10-26)
  → 'gitlab:doronbehar/nix-matlab/a30efa9471c56148d26bcc48e83fae52e4f68f8e' (2024-01-16)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/60b9db998f71ea49e1a9c41824d09aa274be1344' (2023-10-26)
  → 'github:NixOS/nixpkgs/70bdadeb94ffc8806c0570eb5c2695ad29f0e421' (2024-01-03)
• Updated input 'nixpkgs-unstable':
    'github:NixOS/nixpkgs/8efd5d1e283604f75a808a20e6cde0ef313d07d4' (2023-10-24)
  → 'github:NixOS/nixpkgs/9b19f5e77dd906cb52dade0b7bd280339d2a1f3d' (2024-01-13)
• Updated input 'sops-nix':
    'github:Mic92/sops-nix/014e44d334a39481223a5d163530d4c4ca2e75cb' (2023-10-25)
  → 'github:Mic92/sops-nix/87755331580fdf23df7e39b46d63ac88236bf42c' (2024-01-15)
• Updated input 'sops-nix/nixpkgs-stable':
    'github:NixOS/nixpkgs/fb000224952bf7749a9e8b3779104ef7ea4465c8' (2023-10-21)
  → 'github:NixOS/nixpkgs/a1982c92d8980a0114372973cbdfe0a307f1bdea' (2024-01-12)

flake.lock

@@ -24,11 +24,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1698332476,
-        "narHash": "sha256-hVM6jueBvac6BEkzP2iNH5eweKUDH7fgUV7lluRuSF4=",
+        "lastModified": 1705417306,
+        "narHash": "sha256-Or77tZQg7vA6SO3Y2/I3hldhTQbdAIctNf+te3jM0HQ=",
         "owner": "doronbehar",
         "repo": "nix-matlab",
-        "rev": "a0d67ef885dc5e8dda36a5ba1f8717711d6221fd",
+        "rev": "a30efa9471c56148d26bcc48e83fae52e4f68f8e",
         "type": "gitlab"
       },
       "original": {
@@ -39,11 +39,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1698288402,
-        "narHash": "sha256-jIIjApPdm+4yt8PglX8pUOexAdEiAax/DXW3S/Mb21E=",
+        "lastModified": 1704290814,
+        "narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "60b9db998f71ea49e1a9c41824d09aa274be1344",
+        "rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
         "type": "github"
       },
       "original": {
@@ -55,11 +55,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1697929210,
-        "narHash": "sha256-RkQZif6QhswEwv7484mrKfIU8XmIWm+ED6llbr4IyxM=",
+        "lastModified": 1705033721,
+        "narHash": "sha256-K5eJHmL1/kev6WuqyqqbS1cdNnSidIZ3jeqJ7GbrYnQ=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "fb000224952bf7749a9e8b3779104ef7ea4465c8",
+        "rev": "a1982c92d8980a0114372973cbdfe0a307f1bdea",
         "type": "github"
       },
       "original": {
@@ -71,11 +71,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1698134075,
-        "narHash": "sha256-foCD+nuKzfh49bIoiCBur4+Fx1nozo+4C/6k8BYk4sg=",
+        "lastModified": 1705133751,
+        "narHash": "sha256-rCIsyE80jgiOU78gCWN3A0wE0tR2GI5nH6MlS+HaaSQ=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "8efd5d1e283604f75a808a20e6cde0ef313d07d4",
+        "rev": "9b19f5e77dd906cb52dade0b7bd280339d2a1f3d",
         "type": "github"
       },
       "original": {
@@ -101,11 +101,11 @@
         "nixpkgs-stable": "nixpkgs-stable"
       },
       "locked": {
-        "lastModified": 1698273636,
-        "narHash": "sha256-swsqg/ckSVJnravx7ie9NFQSKIH27owtlk0wh4+xStk=",
+        "lastModified": 1705356877,
+        "narHash": "sha256-274jL1cH64DcXUXebVMZBRUsTs3FvFlPIPkCN/yhSnI=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "014e44d334a39481223a5d163530d4c4ca2e75cb",
+        "rev": "87755331580fdf23df7e39b46d63ac88236bf42c",
         "type": "github"
       },
       "original": {

machines/kcnhub/packages/terminal.nix

@@ -9,5 +9,7 @@
     htop
     tree
     vim
+    tmux
+    screen
   ];
 }

machines/kcnhub/servers.nix

@@ -6,5 +6,9 @@
     ./servers/gitea.nix
     # Online Remote Connectivity
     ./servers/guac.nix
+    # Overleaf (Collaborative LaTeX)
+    ./servers/overleaf.nix
+    # Basic remote editting in jupyer notebooks
+    ./servers/jupyterhub.nix
   ];
 }

machines/kcnhub/servers/gitea.nix

@@ -20,6 +20,9 @@ in {
     };
   };
 
+  # To allow gitea to access /etc/shadow for PAM authentication
+  users.users.gitea.extraGroups = [ "shadow" ];
+
   # Services Runner running in nixos-container w/ host label
   # This allows sharing of nix-store for caching actions builds
   # ... Maybe I'll actually set this up. Some concern for clearing its

machines/kcnhub/servers/jupyterhub.nix

@@ -0,0 +1,61 @@
+{ config, pkgs, lib, ... }: {
+  services.jupyterhub = {
+    enable = true;
+    port = 6501;
+    # https://github.com/jupyterhub/systemdspawner
+    # Configuration options defined ^
+    extraConfig = ''
+      c.SystemdSpawner.mem_limit = '2G'
+      c.SystemdSpawner.cpu_limit = 1.0
+    '';
+    kernels = {
+      python = {
+        python3 = let
+          env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
+            # Necessary for use as a kernel
+            ipykernel
+
+            # Common Python Libraries
+            numpy
+            scipy
+            scikit-learn
+            pandas
+            matplotlib
+            seaborn
+
+            # Neural Data Processing Libraries
+            mne-python
+            nibabel
+            neo
+            
+            # Neurosimulators
+            neuronpy
+            nest
+            brian2
+          ]));
+        in {
+          displayName = "Python 3 for Computational Neuroscience";
+          argv = [
+            "${env.interpreter}"
+            "-m"
+            "ipykernel_launcher"
+            "-f"
+            "{connection_file}"
+          ];
+          language = "python";
+          logo32 = "${env}/${env.sitePackages}/ipykernel/resources/logo-32x32.png";
+          logo64 = "${env}/${env.sitePackages}/ipykernel/resources/logo-64x64.png";
+        };
+      };
+    };
+  };
+
+  services.caddy.virtualHosts = {
+    "jupyter.ws.kcnhub.com" = {
+      extraConfig = ''
+        reverse_proxy 127.0.0.1:${toString config.services.jupyterhub.port}
+      '';           
+    };
+  };
+
+}

machines/kcnhub/servers/overleaf.nix

@@ -0,0 +1,45 @@
+{ config, pkgs, lib, ... }: let
+  stateDir = "/var/lib/overleaf";
+in {
+  users = {
+    users.overleaf = {
+      description = "Overleaf LaTeX Server";
+      useDefaultShell = true;
+      group = "overleaf";
+      # "Normal" User: for Podman Usage
+      isNormalUser = true;
+      home = stateDir;
+    };
+    groups.overleaf = {};
+  };
+  
+  services.caddy.virtualHosts = {
+    "overleaf.ws.kcnhub.com" = {
+      extraConfig = ''
+        reverse_proxy 127.0.0.1:7080
+      '';           
+    };
+  };
+
+  # Overleaf only officially supports container based installation
+  # For ease of use and compatability we shall follow suit (for now)
+  # An imperative installation is described below, to be updated
+  # to a declarative installation at a later date (with no loss of data)
+  #
+  # Imperative Description:
+  #
+  # Overleaf/toolkit installed in $stateDir:
+  # https://github.com/overleaf/toolkit
+  #
+  # This repository contains scripts to configure
+  # and instantiate overleaf in the same directory
+  # (hence making declarative pure description more difficult)
+  #
+  # These scripts configure a set of containers (docker/podman)
+  # overleaf (sharelatex)
+  # MongoDB
+  # Redis
+  #
+  # These are the things that will need to be migrated, come a declarative port
+  # All Relevant files will be stored in the $stateDir.
+}