diff --git a/.sops.yaml b/.sops.yaml index b93a6e2..d72a625 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -4,6 +4,7 @@ keys: - &monolith-ssh age1ecyynwv93lfu7crjjp8l47defv07quzfzaktwurpep7jc9eha5pscg7lrw - &double-rainbow-ssh age1026d4c8nqyapcsy4jz57szt6zw3ejcgv3ecyvz0s89t7w7z964fqdqv52h - &phantom-ssh age1m4mqcd2kmuhfr8a22rvh02c68jkakhdfmuqgtusuv0czk4jvna7sz79p3y + - &stonehenge-ssh age13y65zemwlfnf5pszspeh87utv5jrfm35varxjdsh78xhfhs7la3scm9l9g creation_rules: - path_regex: secrets/[^/]+\.(yaml|json|env|ini|gpg)$ @@ -35,3 +36,10 @@ creation_rules: age: - *lelgenio-ssh - *phantom-ssh + - path_regex: secrets/stonehenge/[^/]+\.(yaml|json|env|ini|gpg)$ + key_groups: + - pgp: + - *lelgenio-gpg + age: + - *lelgenio-ssh + - *stonehenge-ssh diff --git a/flake.nix b/flake.nix index 8fc0636..250b02b 100644 --- a/flake.nix +++ b/flake.nix @@ -187,6 +187,14 @@ ./hosts/phantom ]; }; + stonehenge = lib.nixosSystem { + inherit system specialArgs; + modules = [ + { nixpkgs.pkgs = pkgs; } + ./hosts/stonehenge + inputs.sops-nix.nixosModules.default + ]; + }; }; homeConfigurations.lelgenio = inputs.home-manager.lib.homeManagerConfiguration { diff --git a/hosts/stonehenge/default.nix b/hosts/stonehenge/default.nix new file mode 100644 index 0000000..4f0ff32 --- /dev/null +++ b/hosts/stonehenge/default.nix @@ -0,0 +1,145 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, ... }: + +{ + imports = [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ./gitlab-runner.nix + ./nebula-vpn.nix + ./vagrant.nix + + ../../system/sops.nix + ../../system/nix.nix + ]; + + # Bootloader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "stonehenge"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Enable networking + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "America/Sao_Paulo"; + + # Select internationalisation properties. + i18n.defaultLocale = "pt_BR.UTF-8"; + + i18n.extraLocaleSettings = { + LC_ADDRESS = "pt_BR.UTF-8"; + LC_IDENTIFICATION = "pt_BR.UTF-8"; + LC_MEASUREMENT = "pt_BR.UTF-8"; + LC_MONETARY = "pt_BR.UTF-8"; + LC_NAME = "pt_BR.UTF-8"; + LC_NUMERIC = "pt_BR.UTF-8"; + LC_PAPER = "pt_BR.UTF-8"; + LC_TELEPHONE = "pt_BR.UTF-8"; + LC_TIME = "pt_BR.UTF-8"; + }; + + # Enable the X11 windowing system. + # You can disable this if you're only using the Wayland session. + # services.xserver.enable = true; + + # Enable the KDE Plasma Desktop Environment. + services.displayManager.sddm.enable = true; + services.desktopManager.plasma6.enable = true; + + # Configure keymap in X11 + services.xserver.xkb = { + layout = "us"; + variant = "colemak"; + }; + + # Enable CUPS to print documents. + services.printing.enable = true; + + # Enable sound with pipewire. + services.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.user = { + isNormalUser = true; + description = "user"; + extraGroups = [ + "networkmanager" + "wheel" + ]; + packages = with pkgs; [ + # kdePackages.kate + # thunderbird + ]; + }; + + security.sudo.wheelNeedsPassword = false; + + virtualisation.virtualbox.host.enable = true; + + # Install firefox. + programs.firefox.enable = true; + + # # Allow unfree packages + # nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "25.11"; # Did you read the comment? + +} diff --git a/hosts/stonehenge/gitlab-runner.nix b/hosts/stonehenge/gitlab-runner.nix new file mode 100644 index 0000000..65498fc --- /dev/null +++ b/hosts/stonehenge/gitlab-runner.nix @@ -0,0 +1,36 @@ +{ + config, + pkgs, + ... +}: +let + inherit (pkgs.callPackage ../../system/gitlab-runner.nix { }) mkNixRunnerFull; +in +{ + boot.kernel.sysctl."net.ipv4.ip_forward" = true; + virtualisation.docker.enable = true; + services.gitlab-runner = { + enable = true; + settings.concurrent = 4; + services = { + wopus-gitlab-nix = mkNixRunnerFull { + authenticationTokenConfigFile = config.sops.secrets."gitlab-runners/wopus-gitlab-nix".path; + # nixCacheSshPrivateKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pk".path; + # nixCacheSshPublicKeyPath = config.sops.secrets."gitlab-runners/wopus-ssh-nix-cache-pub".path; + }; + }; + }; + systemd.services.gitlab-runner.serviceConfig.Nice = 10; + + sops.secrets = { + "gitlab-runners/wopus-gitlab-nix" = { + sopsFile = ../../secrets/stonehenge/default.yaml; + }; + "gitlab-runners/wopus-ssh-nix-cache-pk" = { + sopsFile = ../../secrets/stonehenge/default.yaml; + }; + "gitlab-runners/wopus-ssh-nix-cache-pub" = { + sopsFile = ../../secrets/stonehenge/default.yaml; + }; + }; +} diff --git a/hosts/stonehenge/hardware-configuration.nix b/hosts/stonehenge/hardware-configuration.nix new file mode 100644 index 0000000..192dd20 --- /dev/null +++ b/hosts/stonehenge/hardware-configuration.nix @@ -0,0 +1,48 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "ahci" + "usb_storage" + "usbhid" + "sd_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/d22f00a1-af56-4468-a041-96523befe151"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/FE31-5AA5"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/533ceee7-721c-4bdc-9212-6043bf05b205"; } + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/stonehenge/nebula-vpn.nix b/hosts/stonehenge/nebula-vpn.nix new file mode 100644 index 0000000..6666fc4 --- /dev/null +++ b/hosts/stonehenge/nebula-vpn.nix @@ -0,0 +1,61 @@ +{ pkgs, config, ... }: +let + s = config.sops.secrets; + + secretConfig = { + owner = "nebula-wopus"; + group = "nebula-wopus"; + restartUnits = [ "nebula@wopus.service" ]; + sopsFile = ../../secrets/stonehenge/default.yaml; + }; +in +{ + environment.systemPackages = with pkgs; [ nebula ]; + + services.nebula.networks.wopus = { + enable = true; + isLighthouse = false; + lighthouses = [ + "192.168.88.1" + "192.168.88.2" + "192.168.88.3" + ]; + settings = { + cipher = "aes"; + }; + cert = s."nebula-wopus-vpn/stonehenge-crt".path; + key = s."nebula-wopus-vpn/stonehenge-key".path; + ca = s."nebula-wopus-vpn/ca-crt".path; + staticHostMap = { + "192.168.88.1" = [ + "neubla-vpn.wopus.dev:4242" + ]; + "192.168.88.2" = [ + "82.25.77.78:4242" + ]; + "192.168.88.3" = [ + "72.60.60.221:4242" + ]; + }; + firewall.outbound = [ + { + host = "any"; + port = "any"; + proto = "any"; + } + ]; + firewall.inbound = [ + { + host = "any"; + port = "any"; + proto = "any"; + } + ]; + }; + + sops.secrets = { + "nebula-wopus-vpn/ca-crt" = secretConfig; + "nebula-wopus-vpn/stonehenge-crt" = secretConfig; + "nebula-wopus-vpn/stonehenge-key" = secretConfig; + }; +} diff --git a/hosts/stonehenge/vagrant.nix b/hosts/stonehenge/vagrant.nix new file mode 100644 index 0000000..33ac64b --- /dev/null +++ b/hosts/stonehenge/vagrant.nix @@ -0,0 +1,57 @@ +{ pkgs, ... }: +let + vagrantScript = pkgs.writeScriptBin "vagrant-vnode-05" '' + #!${pkgs.bash}/bin/bash + set -euo pipefail + + export PATH="${ + pkgs.lib.makeBinPath ( + with pkgs; + [ + vagrant + curl + openssh + virtualbox + ] + ) + }:$PATH" + export VNODE_NAME=vnode-05 + + cd /home/user/kubernetes-cluster/vnodes + exec ${pkgs.vagrant}/bin/vagrant up + ''; +in +{ + environment.systemPackages = with pkgs; [ + vagrant + curl + openssh + ]; + + users.users.user.extraGroups = [ "vboxusers" ]; + + systemd.services.vagrant-vnode-05 = { + description = "Vagrant vnode-05 service"; + after = [ "network-online.target" ]; + wants = [ "network-online.target" ]; + serviceConfig = { + Type = "oneshot"; + RemainAfterExit = true; + ExecStart = "${vagrantScript}/bin/vagrant-vnode-05"; + User = "user"; + WorkingDirectory = "/home/user/kubernetes-cluster/vnodes"; + Environment = "PATH=${ + pkgs.lib.makeBinPath ( + with pkgs; + [ + vagrant + curl + openssh + virtualbox + ] + ) + }:$PATH"; + }; + wantedBy = [ "multi-user.target" ]; + }; +} diff --git a/secrets/stonehenge/default.yaml b/secrets/stonehenge/default.yaml new file mode 100644 index 0000000..2db1ef6 --- /dev/null +++ b/secrets/stonehenge/default.yaml @@ -0,0 +1,48 @@ +gitlab-runners: + wopus-gitlab-nix: ENC[AES256_GCM,data:u+FYWx3yluA+zFk8VV7RB4TW1AP81K8Ntgd7QDHwb2w0bzQH7URmfF1PrQgZGu/r5Q4zOFgmyUkL6EML9KFFu+3QpilIOTXitiEoi/McOn0DnAOTLhW1Fbg42jKd3gTU9OyLDijlQs3ktyRRSg+1TIEsYNc=,iv:LjRyav0YVKtG79roC8KRS99cVVfu8IJRpAQ9w79PFa0=,tag:K2rjIn823sER+zHezFyAZw==,type:str] + wopus-ssh-nix-cache-pk: ENC[AES256_GCM,data:hAAMdGvTduLQe+e6g0BVrvDATsVuRX5LxLQA2LqFPrdeNVPNzlWt5dNY4PjDuGKKeOyIjfTP2a4R2tLhjzQzSmoUZZVCEijohIsoDLbTfXgDDSOwXiTTr2nj3Hw4+TiuMH/VRgpIzZVjJSweuDK2UmwhbJ3wtahE7iNYD0gZet9Ibnu3iHVW4NdZs0K9joVxJoAaY8ZQi95QC0NYV/8RZ3GQFm2sQK/I1XKEAZGZ9GK5TbRUxGh3HihX68xsxBv5avpXwURp4K/CXW6VCyhAiU21+kpTPxV1x6ZiUfmPqDUmqqV57HL6+z1g6bLb+XGBNU15L0xqItmGpc3ENV2MpTP79MXA8C2eXgkBr0ylnsoFjlrkff+oJbDtHUkWaRHEQvkQtD3JKPgi97PtuBt0qWlpXRsCXnKwH565pfgKu6SGZHZ+VHpAGI3fjtroLhnoCeV6tBpibHk/ADr826IicVJWAVzxTSRfiMA7o4wji7MJxLYf2p3PRixSpQ9oXCsUPykQ1a2jfDs+J0ov+p0u,iv:AXNYaZS6fGz/Jr2zNhvmKOYKj010wtwcatItB8hRs+c=,tag:DixvP6ZaqX9l8Z8KegkvUw==,type:str] + wopus-ssh-nix-cache-pub: ENC[AES256_GCM,data:5G+qIs/J8mwZxGyWkK0nts9E+iqbCe8Or4C4+HHuSr3dyJTmKxmA3a+DpxmbyQ0IKjKQgiz+uJbbRGR7ptzmJr7JvpNhaJO2/CR3MKvsoCpmgynenO2QIqsEidU1h1gqMV6OEDI3pDY3OE6K2M8D2jdYLqMXo5RRa7emEQhXhdQZ98OFgVrLFtrB72Fi/rTJE/tP,iv:JAopM5dwItYl68GDAQublg+C1S0Md3S3G/7GJ11azxQ=,tag:WAqEju2azXgerpIBrk+krw==,type:str] +nebula-wopus-vpn: + ca-crt: ENC[AES256_GCM,data:hV4V9wqOVUhkx6EtNOz1Dd+JzOuWFwwVwFAqkZIOdF4zIAOUvJHN2iUq1bMVLJOWpMcaxTTuXKXTKPbujs8K8TDzpRQzM22SD5o8aZAyPfif/GDUFFaLBygZropM7lUD9WDbjOucCRBKoj9cbazLsabixF1gVR/lZxyPBaquoIlBWvUiFbF5P3CLQGZ5ENprHvHRuFPciiw0JqJJNme/gaz2CBXRbEYxjVFCjwFEYQrxcMxhRw+p/eHCVzUmnOBo+09HFYpBZvIY5Q8F+MPxstWIaeEzn3Spfiw9lRGw7/r6V+Vd8ppKcKWQfgVYynY=,iv:CQjMsZc4oFP4ZDifvynVrh0w1zvXX+g93HOOsdEV2WE=,tag:gRSKJbgkzyLJyHhRqVBL9A==,type:str] + stonehenge-crt: ENC[AES256_GCM,data:y1FQvKI3AOvp8K04qghseuhvaL/yYfjl1lTX2z0f1u61VfLMOPj7R0jR48D5bHXfrTD6exxny6wEy3wuWP105rkLD8oxehzNuT2jgUu85OB3w3yZHdPmW+8lftZcd21BwO0uPTab8EOB19wOCMYuGnO7JL/IRwPTFXVOmKx99+jD5mh5370yB05VVMflSlmA4iCbCvvhTmB1eHFc9a5g687Rwi5PlPEhaaEUDnjyZByO7Uu1nrBBtd5koQIDshIhuQKsVeB4AIOF6EER8dYlLSu9G6GS1cVKuaNoMiUfXLn0Y9kdDDRqetuCteGEd8euwUWGq5XVFIhlOfU6cZOR/wUskrUYWQ+3MApk6TJQQd9HBSU9SoARJZXPXX/RgCIFczeW/dIc1oPRfagnKECS4g==,iv:HSIcmYJib6SsuTbDV4zFePBryCIy0nzV8O5NSAjwuQs=,tag:bonhzMDsyvC/Gn5HLHrJkQ==,type:str] + stonehenge-key: ENC[AES256_GCM,data:HstlV1VXX6edP5XrPUanUfO8yK20imHXwYsV/q/W4IyA+yEH9inYt4oiw3cIvGawx7gfvOpsqU4IUxLsNr4EE83qg3YqkMrnGjYuHTe1LfGsktGhibbCqw4+kcqb12bywuXmPLb9EI4KBCzUi7EQTh4sLEGsqiujS0aUC4qutQ==,iv:RKT2ZM1NeA4MmfbyVvIQ96lNvErSydF8668oHyo4LHg=,tag:EhZlHF7PdAQ0whu/JxIbWw==,type:str] +sops: + age: + - recipient: age1zrgu7w8059xydagm60phnffghvfe9h2ca58cx8qwagqpyfuvs9fqw79c8h + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXWXZkSWUwZ0t0ekhBckxS + M0lIQ1FpWkY2dXhTVmZuYjJxeXhQSW85Ulg0Cm9GV1BqS29wU2FkaEVzazcwbCs1 + Zy9tV0ZxcFBwbFFaMzRwUWFHWUZadDAKLS0tIFdoMkVkZitjNmJhTUVMUjBQdjdi + TjFMZnZDelY2NWtwd1dETFUrUE44eGsKdRVF1QWlhO3obls8Fm+PSs/yzJOUbQ80 + GoWMqeD8qPVhO99Cy9DT0GWOk3DJQNQ55I7w6ctrhJ3XuZHzTyAqlg== + -----END AGE ENCRYPTED FILE----- + - recipient: age13y65zemwlfnf5pszspeh87utv5jrfm35varxjdsh78xhfhs7la3scm9l9g + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5TEIyU1dtK0ZWQmJLY0Z0 + cThwbTdmUkF5ZGgraFBSMjZRUmpiSkxZUFdJCnhBTDd2THlmczk1SE1qZ2VnRk5a + ejZGY2U1L1IxZ3BrdURNTURwRUJCaWsKLS0tIFdEUW5Kcmw5eGE5cFJYejRXTDYr + dC9MaDUvcG96djVFU1Fpb1NKZThNaUEKkxPikf5+veTmrXHU4sxtJO/LsQ3YB4j+ + vkIWWw4qV8zRrh+XxFXrFUURhDp11m/nlpzPERxjNzRs13VS2tXTrw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2026-01-01T22:54:16Z" + mac: ENC[AES256_GCM,data:OF2RLQTbuiW3ba9VBhmJCq3UUlVACe/lxhY9RAjctaZBXTutjH84JuYG9idXiJkZkkG5l9OIez3WueLsU44RG1UgkbHAM5d6RrXsvsleVux0hViH0CIAB4K7NaeA+urgM3TQbXlBVgY2w18bA/BpcbxH3HiMC+9/iOWWJMBZ0RM=,iv:MtRBqhc71fzjLXE8S54woNnCL+0iqFhQ28N+Zz9RSyM=,tag:Aa+wJcyaTjamZ0fA2P9oQg==,type:str] + pgp: + - created_at: "2026-01-01T21:36:47Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + hQEMAzy6JxafzLr5AQf+I8mDQ00zcPxP4GJh5ldaVJSZ95OF7Pk0TmNmtQLaBHqE + Gj8MPa3CE8MyZBtFrWjt52yKcg0wIznd1Uo0HGteW2cMxGezCqioTIqNgXSQ+h/V + T751kH0MBOVscJUoEx3D7sdCsvk70WwnN2FdkFpA1NIDqsoHCT4MXGzcAMVTv/+K + Y630VFguV0Fcmy16Kry1EFVDSorio6BxwBnK2PG/uAQOEjTA8fLTVutc+h7glqjU + iiNPsv6MtB5gTp/Q+IPHgGmPpyCP2vN7i0ArVNFRQ2tf9tIeo/5FfgmWCH8CTcr5 + deK/UPwJ3u2o4OsVLQryx9TBVnBcFG31f+/kwIG4CNJcAZxl1w0DbS+zHtIu1Bo5 + oRAxj00EeM8Vp7FFA70Z38HSzFyvawomSrtzRNhRPoLOPemG59WH4621BL1HC9Rz + 8lhSEVRdw/BjmtNRRcLsw9NrAjGsHkkhkEluY1U= + =bhCO + -----END PGP MESSAGE----- + fp: 0FECE8316E74BA6F44EFC21A2F8F21CE8721456B + unencrypted_suffix: _unencrypted + version: 3.11.0 diff --git a/switch-stonehenge b/switch-stonehenge new file mode 100755 index 0000000..066d2a7 --- /dev/null +++ b/switch-stonehenge @@ -0,0 +1 @@ +nixos-rebuild switch --flake .#stonehenge -L --target-host stonehenge-lan --build-host stonehenge-lan --sudo diff --git a/system/greetd.nix b/system/greetd.nix index 73ea5c3..94d20e1 100644 --- a/system/greetd.nix +++ b/system/greetd.nix @@ -42,9 +42,13 @@ in }; services.greetd = let + start-sway = pkgs.writeShellScriptBin "start-sway" '' + mkdir -p ~/.local/share/sway + exec sway 2>&1 | tee -a ~/.local/share/sway/sway.log + ''; greetd_main_script = pkgs.writeShellScriptBin "main" '' export XDG_CURRENT_DESKTOP=sway GTK_THEME="${theme.gtk_theme}" XCURSOR_THEME="${theme.cursor_theme}" - ${pkgs.greetd.gtkgreet}/bin/gtkgreet -l -c ${desktop} + ${pkgs.greetd.gtkgreet}/bin/gtkgreet -l -c ${lib.getExe start-sway} swaymsg exit ''; swayConfig = pkgs.writeText "greetd-sway-config" '' @@ -68,7 +72,7 @@ in enable = true; settings = { initial_session = { - command = desktop; + command = lib.getExe start-sway; user = "lelgenio"; }; default_session = { diff --git a/system/mouse.nix b/system/mouse.nix index b5d5b16..efec37f 100644 --- a/system/mouse.nix +++ b/system/mouse.nix @@ -10,6 +10,6 @@ MatchBus=usb MatchVendor=0x046D MatchProduct=0x4099 - AttrEventCode=-REL_WHEEL_HI_RES + AttrEventCode=-REL_WHEEL_HI_RES;-REL_HWHEEL_HI_RES; ''; } diff --git a/user/mangohud.nix b/user/mangohud.nix index 639314a..6994bcb 100644 --- a/user/mangohud.nix +++ b/user/mangohud.nix @@ -1,71 +1,97 @@ -{ config, lib, ... }: +{ + config, + lib, + pkgs, + ... +}: let cfg = config.my.mangohud; + + settings = { + # Display + no_display = true; # Hidden by default + toggle_hud = "Shift_R+F12"; + font_size = "20"; + + # GPU + pci_dev = "0:03:00.0"; + gpu_text = "RX 7800 XT"; + gpu_stats = true; + gpu_load_change = true; + gpu_load_value = "50,90"; + gpu_load_color = "FFFFFF,FFAA7F,CC0000"; + gpu_voltage = true; + throttling_status = true; + gpu_core_clock = true; + gpu_mem_clock = true; + gpu_temp = true; + gpu_mem_temp = true; + gpu_junction_temp = true; + gpu_fan = true; + gpu_power = true; + + # CPU + cpu_text = "R7 8700G"; + cpu_stats = true; + core_load = true; + core_bars = true; + cpu_load_change = true; + cpu_load_value = "50,90"; + cpu_load_color = "FFFFFF,FFAA7F,CC0000"; + cpu_mhz = true; + cpu_temp = true; + cpu_power = true; + io_read = true; + io_write = true; + + # RAM + swap = true; + vram = true; + vram_color = "AD64C1"; + ram = true; + ram_color = "C26693"; + procmem = true; + + # FPS + fps = true; + fps_metrics = "avg,0.01"; + frame_timing = true; + frametime_color = "FFFFFF"; + throttling_status_graph = true; + show_fps_limit = true; + fps_limit = "240,144,120,90,60,30,0"; + + # Extra + resolution = true; + fsr = true; + winesync = true; + present_mode = true; + fps_color_change = true; + fps_color = "B22222,FDFD09,39F900"; + fps_value = "60,144"; + }; + in { options.my.mangohud.enable = lib.mkEnableOption { }; - config.programs.mangohud = lib.mkIf cfg.enable { - enable = true; - enableSessionWide = true; - settings = { - full = true; - # histogram = true; - no_display = true; - fps_limit = "0,30,60,72,90,120,144,240,288,320"; - toggle_fps_limit = "Shift_R+F10"; - toggle_preset = "Control_R+F9"; - fps_metrics = "Control_R+F8"; + config = lib.mkIf cfg.enable { + programs.mangohud = { + enable = true; + enableSessionWide = true; + inherit settings; + }; - media_player = false; - battery = false; - - # legacy_layout = "false"; - # gpu_stats = true; - # gpu_temp = true; - # gpu_core_clock = true; - # gpu_mem_clock = true; - # gpu_power = true; - # gpu_load_change = true; - # gpu_load_value = "50,90"; - gpu_load_color = "FFFFFF,FFAA7F,CC0000"; - # gpu_text = "GPU"; - # cpu_stats = true; - # cpu_temp = true; - # cpu_power = true; - # cpu_mhz = true; - # cpu_load_change = true; - # core_load_change = true; - # cpu_load_value = "50,90"; - cpu_load_color = "FFFFFF,FFAA7F,CC0000"; - cpu_color = "2e97cb"; - # cpu_text = "CPU"; - # io_stats = true; - # io_read = true; - # io_write = true; - io_color = "a491d3"; - # swap = true; - # vram = true; - vram_color = "ad64c1"; - # ram = true; - ram_color = "c26693"; - # fps = true; - engine_color = "eb5b5b"; - gpu_color = "2e9762"; - wine_color = "eb5b5b"; - # frame_timing = "1"; - frametime_color = "00ff00"; - media_player_color = "ffffff"; - background_alpha = "0.8"; - font_size = "24"; - - background_color = "020202"; - position = "top-left"; - # text_color = "ffffff"; - round_corners = "10"; - toggle_hud = "Shift_R+F12"; - # toggle_logging = "Shift_L+F12"; - # output_folder = "/home/lelgenio"; + # Have the config file be a regular file and not a symlink, so it's easy to tinker with it + xdg.configFile."MangoHud/MangoHud.conf" = { + target = "MangoHud/MangoHud.conf.tmp"; + onChange = '' + mkdir -p "${config.xdg.configHome}/MangoHud" + if [ -L "${config.xdg.configHome}/MangoHud/MangoHud.conf" ]; then + rm "${config.xdg.configHome}/MangoHud/MangoHud.conf" + fi + ${pkgs.coreutils}/bin/cp --dereference "${config.xdg.configHome}/MangoHud/MangoHud.conf.tmp" "${config.xdg.configHome}/MangoHud/MangoHud.conf" + ''; }; }; }