Compare commits

..

10 Commits

Author SHA1 Message Date
David Crompton 0f7bb03390 Enable Caddy & Gitea 2023-10-26 13:26:54 -04:00
David Crompton ab368ed303 Gitea Correct Domain 2023-10-26 13:26:54 -04:00
David Crompton e9902fcb5f Add userns keepid to deeplab (perms fix) 2023-10-26 13:26:54 -04:00
David Crompton 47fc65db82 Add Srikar 2023-10-26 13:26:54 -04:00
David Crompton 4680de1f03 Add vim 2023-10-26 13:26:54 -04:00
David Crompton aea175d01a Restructure Groups (and Permissions) 2023-10-26 13:26:54 -04:00
David Crompton 90ab2fd716 Disable Sleep (for SSH) 2023-10-26 13:26:54 -04:00
David Crompton 9dd2a2f26e Add Frances 2023-10-26 13:26:54 -04:00
David Crompton f708baaf85 Matlab server + Octave 2023-10-26 13:26:54 -04:00
David Crompton f5169b2fa2 NTFS Support 2023-10-26 13:26:54 -04:00
19 changed files with 136 additions and 17 deletions

View File

@ -16,8 +16,13 @@
./packages.nix ./packages.nix
# Set of Users on This System # Set of Users on This System
./users.nix ./users.nix
# Disable sleep (so SSH remains accessible)
./nosleep.nix
]; ];
# Support NTFS(3g)
boot.supportedFilesystems = ["ntfs"];
networking.firewall.enable = true; networking.firewall.enable = true;
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.

View File

@ -0,0 +1,6 @@
{ ... }: {
systemd.targets.sleep.enable = false;
systemd.targets.suspend.enable = false;
systemd.targets.hibernate.enable = false;
systemd.targets.hybrid-sleep.enable = false;
}

View File

@ -13,7 +13,8 @@ index c62087c..30b5e51
@@ -144,8 +144,10 @@ gui() { @@ -144,8 +144,10 @@ gui() {
update gui || exit 1 update gui || exit 1
build gui || exit 1 build gui || exit 1
args="$(get_x11_args) $(get_mount_args) ${extra_args}" - args="$(get_x11_args) $(get_mount_args) ${extra_args}"
+ args="$(get_x11_args) $(get_mount_args) ${extra_args} --userns keep-id"
+ xhost +local:dlc + xhost +local:dlc
$DOCKER run -it --rm ${args} $(get_local_container_name gui) \ $DOCKER run -it --rm ${args} $(get_local_container_name gui) \
|| err "Failed to launch the DLC GUI. Used args: \"${args}\"" || err "Failed to launch the DLC GUI. Used args: \"${args}\""

View File

@ -1,8 +1,57 @@
{ config, lib, pkgs, nix-matlab, ... }: { { config, lib, pkgs, nix-matlab, ... }: let
environment.systemPackages = with nix-matlab.packages.x86_64-linux; [ license-manager = pkgs.stdenv.mkDerivation rec {
pname = "matlab-license-server";
version = "R2023b";
src = pkgs.fetchurl {
url = "https://ssd.mathworks.com/supportfiles/downloads/${version}/license_manager/${version}/daemons/glnxa64/mathworks_network_license_manager_glnxa64.zip";
hash = "sha256-Btl3ETzTtAV+cjqwXf4AE4QJCtssN1s6dmmcpR1EQxY=";
};
nativeBuildInputs = [
pkgs.autoPatchelfHook
];
unpackPhase = ''
${pkgs.unzip}/bin/unzip $src
'';
installPhase = ''
mkdir $out
cp -r * $out/
addAutoPatchelfSearchPath $out/*
'';
};
matlab-server = pkgs.buildFHSUserEnv {
name = "matlab-server";
targetPkgs = (ps: nix-matlab.targetPkgs ps ++ [
license-manager
]);
runScript = pkgs.writeScript "matlab-server" (nix-matlab.shellHooksCommon + ''
exec $MATLAB_INSTALL_DIR/bin/matlab "$@"
'');
};
matlab-server-shell = pkgs.buildFHSUserEnv {
name = "matlab-server-shell";
targetPkgs = (ps: nix-matlab.targetPkgs ps ++ [
license-manager
]);
runScript = pkgs.writeScript "matlab-server-shell" (nix-matlab.shellHooksCommon + ''
echo license-server is in:
echo ${license-manager}
echo Make sure it is installed (matlab-server user)
exec bash
'');
};
in {
environment.systemPackages = (with nix-matlab.packages.x86_64-linux; [
matlab matlab
matlab-shell matlab-shell
matlab-server
matlab-server-shell
matlab-mlint matlab-mlint
matlab-mex matlab-mex
]; ]) ++ (with pkgs; [
octaveFull
]);
} }

View File

@ -8,5 +8,6 @@
btop btop
htop htop
tree tree
vim
]; ];
} }

View File

@ -1,5 +1,7 @@
{ ... }: { { ... }: {
imports = [ imports = [
./servers/caddy.nix
./servers/xpra.nix ./servers/xpra.nix
./servers/gitea.nix
]; ];
} }

View File

@ -0,0 +1,21 @@
{ config, pkgs, lib, ... }:
{
services.caddy = {
enable = true;
};
# Need 80 & 443 Enabled so Caddy is externally accessible
networking.firewall = let
ports = [ 80 443 ];
in {
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
services.caddy.virtualHosts = lib.mkAfter {
"*.ws.kcnhub.com" = {
extraConfig = ''
error 404
'';
};
};
}

View File

@ -1,6 +1,6 @@
{ pkgs, config, ...}: let { pkgs, config, ...}: let
# Domain TBD # Domain TBD
domain = "git.kcnhub.syzygial.cc"; domain = "git.ws.kcnhub.com";
in { in {
services.gitea = { services.gitea = {
enable = true; enable = true;
@ -11,7 +11,7 @@ in {
settings = { settings = {
server = { server = {
HTTP_PORT = 5000; HTTP_PORT = 5000;
ROOT_URL = "https://git.${davesDomain}"; ROOT_URL = "https://${domain}";
}; };
actions = { actions = {
ENABLED = true; ENABLED = true;
@ -49,7 +49,7 @@ in {
}; };
services.caddy.virtualHosts = { services.caddy.virtualHosts = {
"${domain}" = { "${domain}" = {
extraConfig = '' extraConfig = ''
reverse_proxy 127.0.0.1:${toString config.services.gitea.settings.server.HTTP_PORT} reverse_proxy 127.0.0.1:${toString config.services.gitea.settings.server.HTTP_PORT}
''; '';
}; };

View File

@ -6,5 +6,11 @@
./users/alan.nix ./users/alan.nix
./users/spandan.nix ./users/spandan.nix
./users/matlab-server.nix ./users/matlab-server.nix
./users/frances.nix
./users/srikar.nix
# Groups
./users/groups/admin.nix
./users/groups/nfrf.nix
]; ];
} }

View File

@ -1,7 +1,6 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.users.alan = { users.users.alan = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ];
homeSize = "50g"; homeSize = "50g";
homeProjectId = 103; homeProjectId = 103;
packages = with pkgs; [ packages = with pkgs; [

View File

@ -1,7 +1,6 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.users.carol = { users.users.carol = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ];
homeSize = "50g"; homeSize = "50g";
homeProjectId = 102; homeProjectId = 102;
packages = with pkgs; [ packages = with pkgs; [

View File

@ -1,7 +1,6 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.users.darian = { users.users.darian = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ];
homeSize = "50g"; homeSize = "50g";
homeProjectId = 101; homeProjectId = 101;
packages = with pkgs; [ packages = with pkgs; [

View File

@ -1,7 +1,6 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.users.david = { users.users.david = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ];
homeSize = "50g"; homeSize = "50g";
homeProjectId = 100; homeProjectId = 100;
packages = with pkgs; [ packages = with pkgs; [

View File

@ -0,0 +1,11 @@
{ pkgs, ... }: {
users.users.frances = {
isNormalUser = true;
homeSize = "50g";
homeProjectId = 106;
packages = with pkgs; [
];
initialHashedPassword = "$y$j9T$I9LtX8Vx/2RKuUT1HjPKN/$TmoQPB/J7y3owZf80oWZjLPv//CVeUd8gVttcFeINQA";
};
}

View File

@ -0,0 +1,8 @@
{ ... }: {
users.groups."wheel" = {
members = [
"root"
"david"
];
};
}

View File

@ -0,0 +1,8 @@
{ ... }: {
users.groups."nfrf" = {
members = [
"spandan"
"frances"
];
};
}

View File

@ -1,7 +1,6 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.users.matlab-server = { users.users.matlab-server = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" ];
homeSize = "15g"; homeSize = "15g";
homeProjectId = 105; homeProjectId = 105;
packages = with pkgs; [ packages = with pkgs; [

View File

@ -1,15 +1,10 @@
{ pkgs, ... }: { { pkgs, ... }: {
users.users.spandan = { users.users.spandan = {
isNormalUser = true; isNormalUser = true;
extraGroups = [
"wheel"
"mousetbi"
];
homeSize = "50g"; homeSize = "50g";
homeProjectId = 104; homeProjectId = 104;
packages = with pkgs; [ packages = with pkgs; [
]; ];
}; };
users.groups."mousetbi" = { };
} }

View File

@ -0,0 +1,11 @@
{ pkgs, ... }: {
users.users.srikar = {
isNormalUser = true;
extraGroups = [ "wheel" ];
homeSize = "50g";
homeProjectId = 107;
packages = with pkgs; [
];
};
}