diff --git a/provision/nixos/hosts/kestrel/configuration.nix b/provision/nixos/hosts/kestrel/configuration.nix index 08a2a3c5..2c9d62ed 100644 --- a/provision/nixos/hosts/kestrel/configuration.nix +++ b/provision/nixos/hosts/kestrel/configuration.nix @@ -106,7 +106,7 @@ imports = [ ../../modules ]; modules = { services = { - samba.enable = true; + samba-client.enable = true; }; devel = { tooling.enable = true; diff --git a/provision/nixos/hosts/torus/configuration.nix b/provision/nixos/hosts/torus/configuration.nix index 1fa7d42b..c716da27 100644 --- a/provision/nixos/hosts/torus/configuration.nix +++ b/provision/nixos/hosts/torus/configuration.nix @@ -19,6 +19,9 @@ # Use normal kernel boot.kernelPackages = pkgs.linuxPackages; + # Set kernel modules + boot.kernelModules = [ "sg" ]; + # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -35,6 +38,15 @@ # Enable virtualisation virtualisation.docker.enable = true; virtualisation.docker.storageDriver = "btrfs"; + virtualisation.docker.enableNvidia = true; + services.xserver.videoDrivers = [ "nvidia" ]; + + hardware.opengl = { + enable = true; + driSupport = true; + driSupport32Bit = true; + setLdLibraryPath = true; + }; # Enable zsh programs.zsh.enable = true; @@ -80,11 +92,9 @@ # Enable modules imports = [ ../../modules ]; modules = { - server = { - jellyfin.enable = true; - }; services = { - samba.enable = true; + samba-server.enable = true; + jellyfin.enable = true; }; devel = { tooling.enable = true; diff --git a/provision/nixos/modules/server/default.nix b/provision/nixos/modules/server/default.nix deleted file mode 100644 index d7a8c6f3..00000000 --- a/provision/nixos/modules/server/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./jellyfin.nix ]; -} diff --git a/provision/nixos/modules/services/default.nix b/provision/nixos/modules/services/default.nix index 82c473da..61f723f0 100644 --- a/provision/nixos/modules/services/default.nix +++ b/provision/nixos/modules/services/default.nix @@ -1,4 +1,4 @@ { ... }: { - imports = [ ./samba.nix ]; + imports = [ ./samba-server.nix ./samba-client.nix ./jellyfin.nix ]; } diff --git a/provision/nixos/modules/server/jellyfin.nix b/provision/nixos/modules/services/jellyfin.nix similarity index 73% rename from provision/nixos/modules/server/jellyfin.nix rename to provision/nixos/modules/services/jellyfin.nix index 1fbb62b0..a8f51403 100644 --- a/provision/nixos/modules/server/jellyfin.nix +++ b/provision/nixos/modules/services/jellyfin.nix @@ -5,6 +5,8 @@ in { options.modules.server.jellyfin.enable = lib.mkEnableOption "jellyfin"; config = lib.mkIf cfg.enable { services.jellyfin.enable = true; + services.jellyfin.openFirewall = true; + services.jellyfin.user = "${user}"; }; } diff --git a/provision/nixos/modules/services/samba-client.nix b/provision/nixos/modules/services/samba-client.nix new file mode 100644 index 00000000..e489e083 --- /dev/null +++ b/provision/nixos/modules/services/samba-client.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: + +let cfg = config.modules.services.samba-client; +in { + options.modules.services.samba-client.enable = lib.mkEnableOption "samba-client"; + config = lib.mkIf cfg.enable { + + # the needed ports in the firewall. + networking.firewall.allowedTCPPorts = [ 445 139 ]; + networking.firewall.allowedUDPPorts = [ 137 138 ]; + + # To make SMB mounting easier on the command line + environment.systemPackages = with pkgs; [ cifs-utils ]; + }; +} diff --git a/provision/nixos/modules/services/samba-server.nix b/provision/nixos/modules/services/samba-server.nix new file mode 100644 index 00000000..b328c842 --- /dev/null +++ b/provision/nixos/modules/services/samba-server.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, ... }: + +let cfg = config.modules.services.samba-server; +in { + options.modules.services.samba-server.enable = lib.mkEnableOption "samba-server"; + config = lib.mkIf cfg.enable { + services.samba = { + enable = true; + extraConfig = '' + workgroup = WORKGROUP + server string = smbnix + netbios name = smbnix + security = user + hosts allow = 192.168.1. 127.0.0.1 localhost + hosts deny = 0.0.0.0/0 + guest account = nobody + map to guest = bad user + ''; + + shares = { + private = { + "path" = "/engi"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + "force user" = "tstarr"; + "force group" = "users"; + }; + public = { + "path" = "/engi"; + browseable = "yes"; + "read only" = "yes"; + "guest ok" = "yes"; + }; + }; + }; + + # Curiously, `services.samba` does not automatically open + # the needed ports in the firewall. + networking.firewall.allowedTCPPorts = [ 445 139 ]; + networking.firewall.allowedUDPPorts = [ 137 138 ]; + + # To make SMB mounting easier on the command line + environment.systemPackages = with pkgs; [ cifs-utils ]; + }; +} diff --git a/provision/nixos/modules/services/samba.nix b/provision/nixos/modules/services/samba.nix deleted file mode 100644 index 2c5d073f..00000000 --- a/provision/nixos/modules/services/samba.nix +++ /dev/null @@ -1,32 +0,0 @@ -# Samba for file sharing! - -{ config, lib, pkgs, ... }: - -let cfg = config.modules.services.samba; -in { - options.modules.services.samba.enable = lib.mkEnableOption "samba"; - config = lib.mkIf cfg.enable { - services.samba = { - enable = true; - extraConfig = '' - browseable = yes - smb encrypt = required - ''; - shares = { - homes = { - browseable = "no"; # note: each home will be browseable; the "homes" share will not. - "read only" = "no"; - "guest ok" = "no"; - }; - }; - }; - - # Curiously, `services.samba` does not automatically open - # the needed ports in the firewall. - networking.firewall.allowedTCPPorts = [ 445 139 ]; - networking.firewall.allowedUDPPorts = [ 137 138 ]; - - # To make SMB mounting easier on the command line - environment.systemPackages = with pkgs; [ cifs-utils ]; - }; -}