From ff43c9d25b9433ba61d3c9fe7f31b31b7a30a880 Mon Sep 17 00:00:00 2001 From: Gregory Bednov Date: Mon, 26 Jan 2026 13:13:47 +0300 Subject: [PATCH] =?UTF-8?q?=09=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B5=D0=BD?= =?UTF-8?q?=D0=BE:=20=20=20=20=20=20configuration.nix?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- configuration.nix | 216 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 173 insertions(+), 43 deletions(-) diff --git a/configuration.nix b/configuration.nix index 8b21040..f9ef9ce 100644 --- a/configuration.nix +++ b/configuration.nix @@ -10,12 +10,24 @@ }: let serverIP = "10.0.174.12"; + buildNodeYggIP = "[200:ccc6:1361:5c84:aba0:1244:35f5:c903]"; hasBootPartition = config.fileSystems ? "/boot"; isNvidia = (builtins.readFile (pkgs.runCommandLocal "isNvidia" {} '' ${pkgs.pciutils}/bin/lspci | ${pkgs.busybox}/bin/grep NVIDIA | ${pkgs.busybox}/bin/grep VGA > $out || true '')) != ""; + starumlDebUrl = "http://${serverIP}/StarUML_6.2.2_amd64.deb"; # подставь точное имя in { + nixpkgs.overlays = [ + (final: prev: { + staruml = prev.staruml.overrideAttrs (old: { + src = final.fetchurl { + url = starumlDebUrl; + hash = "sha256-1zxrT7phXeQYNbWHWMyPuHiUglrPSMPP0bfAcfvt8dM="; + }; + }); + }) + ]; users.users.student = { isNormalUser = true; initialPassword = "student"; # вход беспарольный, но пароль student @@ -44,12 +56,11 @@ in # набор плагинов, я бы сказал, богат до избыточности, но главное есть Python # и Database Nagivator. Остальное - любителям и любознательным. (with inputs.nix-jetbrains-plugins.plugins."${system}"; [ - #idea-community."2024.1"."mobi.hsz.idea.gitignore" - idea-community."2024.1"."org.jetbrains.erlang" + idea-community."2024.1"."mobi.hsz.idea.gitignore" + #idea-community."2024.1"."org.jetbrains.erlang" idea-community."2024.1"."JProfiler" idea-community."2024.1"."DBN" idea-community."2024.1"."MatlabSupport" - #idea-community."2024.1"."com.intellij.notebooks.core" idea-community."2024.1"."PlantUML integration" idea-community."2024.1"."org.intellij.scala" idea-community."2024.1"."PythonCore" @@ -59,9 +70,9 @@ in idea-community."2024.1"."org.mapstruct.intellij" idea-community."2024.1"."ski.chrzanow.foldableprojectview" idea-community."2024.1"."String Manipulation" - idea-community."2024.1"."quokka.js" + #idea-community."2024.1"."quokka.js" idea-community."2024.1"."org.asciidoctor.intellij.asciidoc" - #idea-community."2024.1"."R4Intellij" + idea-community."2024.1"."R4Intellij" idea-community."2024.1"."com.redhat.devtools.lsp4ij" ]) ++ @@ -91,7 +102,7 @@ in # Напоминаю что у нас есть СЕТЕВОЙ ДИСК по адресу 10.0.174.12 # и для студентов пока есть единая учётка student@mirea.ru, - # рассматривается вариант авторизации через login.mirea.ru. + # рассматривается вариант авторизации через sso.mirea.ru. # Преподаватели могут зарегистрироваться ОТДЕЛЬНО seafile-client @@ -151,8 +162,6 @@ in # 1) STM32CubeIDE упаковать не удалось # 2) есть основания полагать, что её функциональность лучше встроить # в IJ IDEA CE, как это сделано в настоящем Clion; - #stm32cubemx.packages.x86_64-linux.stm32cubemx - stm32flash stlink stlink-gui stm32loader @@ -168,6 +177,115 @@ in logisim-evolution unityhub # UnityHub - 3D-моделирование, визуализация, геймдев, AR/VR +(pkgs.stdenv.mkDerivation rec { + pname = "dwsim"; + version = "9.0.5"; + + src = pkgs.fetchurl { + url = "http://${serverIP}/dwsim_9.0.5-amd64.deb"; + sha256 = "sha256:0352mxz9czfh52z4lf7njlyqvikvbh2bgs2h4zi2dsjrssql3h2j"; + }; + + nativeBuildInputs = [ + pkgs.dpkg + pkgs.makeWrapper + pkgs.bubblewrap + ]; + + buildInputs = (with pkgs; [ + dotnet-runtime + gtk3 + glib + pango + cairo + gdk-pixbuf + atk + fontconfig + freetype + ] ++ (with pkgs.xorg; [ + libX11 + libXcursor + libXrandr + libXinerama + libXi + ])); + + unpackPhase = '' + dpkg-deb -x $src . + ''; + + installPhase = '' + mkdir -p $out/lib/dwsim + mkdir -p $out/bin + + cp -r usr/local/lib/dwsim/* $out/lib/dwsim/ + mkdir -p $out/share/icons/hicolor/256x256/apps + cp $out/lib/dwsim/bitmaps/DWSIM_ico.png \ + $out/share/icons/hicolor/256x256/apps/dwsim.png + mkdir -p "$out/lib/dwsim/DWSIM Application Data" + + cat > $out/bin/dwsim << 'EOF' +#!/bin/sh +set -e + + +APPDIR="@out@/lib/dwsim" +APPDATA="$HOME/.local/share/dwsim-appdata" + +mkdir -p "$APPDATA" + +# LD_LIBRARY_PATH для GtkSharp +export LD_LIBRARY_PATH="@gtk3@/lib:@glib@/lib:@pango@/lib:@cairo@/lib:@gdk-pixbuf@/lib:@atk@/lib:@fontconfig@/lib:@freetype@/lib:$LD_LIBRARY_PATH" + +export DISPLAY="$DISPLAY" + +exec @bwrap@ \ + --bind "@out@" "@out@" \ + --bind "$APPDATA" "$APPDIR/DWSIM Application Data" \ + --ro-bind /nix /nix \ + --ro-bind "$XAUTHORITY" "$HOME/.Xauthority" \ + --setenv XAUTHORITY "$HOME/.Xauthority" \ + --dev /dev \ + --proc /proc \ + --bind /tmp/.X11-unix /tmp/.X11-unix \ + --setenv DISPLAY $DISPLAY \ + --chdir "$APPDIR" \ + @dotnet@ "$APPDIR/DWSIM.UI.Desktop.exe" "$@" +EOF + + substituteInPlace $out/bin/dwsim \ + --subst-var out \ + --subst-var-by bwrap ${pkgs.bubblewrap}/bin/bwrap \ + --subst-var-by dotnet ${pkgs.dotnet-runtime}/bin/dotnet \ + --subst-var-by gtk3 ${pkgs.gtk3} \ + --subst-var-by glib ${pkgs.glib} \ + --subst-var-by pango ${pkgs.pango} \ + --subst-var-by cairo ${pkgs.cairo} \ + --subst-var-by gdk-pixbuf ${pkgs.gdk-pixbuf} \ + --subst-var-by atk ${pkgs.atk} \ + --subst-var-by fontconfig ${pkgs.fontconfig} \ + --subst-var-by freetype ${pkgs.freetype} + + chmod +x $out/bin/dwsim + +mkdir -p $out/share/applications + +cat > $out/share/applications/dwsim.desktop << EOF +[Desktop Entry] +Type=Application +Name=DWSIM +GenericName=Process Simulator +Comment=Chemical Process Simulation Environment +Exec=dwsim +Icon=dwsim +Terminal=false +Categories=Development +StartupWMClass=DWSIM +EOF + + + ''; +}) (pkgs.stdenv.mkDerivation rec { pname = "cnc_vmc_sim"; version = "1.0.0-share"; @@ -231,7 +349,7 @@ in pname = "simintech"; version = "2.23.13"; src = builtins.fetchTarball { - url = "http://kafpi.local/simintech_rus_linux.tgz"; + url = "http://${serverIP}/simintech_rus_linux.tgz"; sha256 = "sha256:1i9plx6vx6jm38bx4kbh4piak5jwrpc4hxxjd3b89zyng1g4abvs"; }; dontFixLibtool = true; @@ -249,6 +367,8 @@ in pango.out xorg.libX11.out zlib.out + xorg.libX11.out + zlib.out (pkgs.writeShellScriptBin "firefox" "exec ${pkgs.chromium}/bin/chromium \"$@\"") # похоже, что SimInTech захардкодил Firefox, но не все так юзают Firefox ]; runScript = "${src}/bin/mmain"; @@ -277,11 +397,36 @@ in ''; }) + (pkgs.writeShellScriptBin "gcc" ''${pkgs.clang}/bin/clang "$@"'') + (pkgs.writeShellScriptBin "g++" ''${pkgs.clang}/bin/clang++ "$@"'') + (vscode-with-extensions.override { vscodeExtensions = with vscode-extensions; [ ms-vscode.cpptools-extension-pack zainchen.json ms-dotnettools.csharp + formulahendry.code-runner + tomoki1207.pdf + ms-vscode.hexeditor + jebbs.plantuml + ms-toolsai.jupyter + ms-toolsai.vscode-jupyter-slideshow + ms-toolsai.vscode-jupyter-cell-tags + ms-vscode-remote.remote-ssh + timonwong.shellcheck + ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [ + { + name = "better-cpp-syntax"; + publisher = "jeff-hykin"; + version = "1.27.1"; + sha256 = "sha256-GO/ooq50KLFsiEuimqTbD/mauQYcD/p2keHYo/6L9gw="; + } + { + name = "vscode-cppcheck"; + publisher = "brobeson"; + version = "0.1.0"; + sha256 = "sha256-RDgO8/XenttOcYQSGEu4N2FKg9+FZaQe6HYkVjztH5o="; + } ]; }) @@ -351,6 +496,20 @@ in historyLimit = 5000; clock24 = true; }; + programs.chromium = { + enable = true; + extraOpts = { + "BrowserSignin" = 0; + "SyncDisabled" = true; + "PasswordManagerEnabled" = false; + "SpellcheckEnabled" = true; + "SpellcheckLanguage" = [ + "ru" + "en-US" + "fr" + ]; + }; + }; # если машина установлена на диск с Windows, # то она позволяет "увидеть" и выбрать Windows в течение 30 с @@ -381,10 +540,9 @@ in nvidia.acceptLicense = true; }; nix.settings = { - substituters = [ + substituters = if config.services.harmonia.enable then [ "https://cache.nixos.org" - ]; - trusted-public-keys = ["kafpi.local:PttR9S1eDyint3v0LCp5zfBGG+xfxzQ+cxKAQARNpyw="]; + ] else [ "https://cache.nixos.org" "http://${buildNodeYggIP}:5000" ]; auto-optimise-store = true; }; nix.extraOptions = '' @@ -456,24 +614,7 @@ in services.yggdrasil = { enable = true; persistentKeys = true; - settings = { Peers = [ "tcp://10.0.174.12:12345" ]; }; - }; - services.avahi = { - enable = false; - hostName = "nixos" - + builtins.readFile ((pkgs.runCommandLocal "uuid" {} '' - mkdir $out - cat /proc/sys/kernel/random/uuid > $out/uuid - '')+"/uuid"); - nssmdns4 = true; - openFirewall = true; - publish = { - enable = true; - hinfo = true; - workstation = true; - domain = true; - addresses = true; - }; + settings = { Peers = [ "tcp://${serverIP}:12345" ]; }; }; # каждый компьютер имеет выход в интернет @@ -481,11 +622,9 @@ in networking.hostName = "nixos"; - # каждый компьютер ресолвит DNS-запросы СТРОГО через наш сервер - networking.nameservers = [ serverIP ]; - # каждый компьютер знает, что kafpi.local - это адрес нашего сервера - networking.hosts."${serverIP}" = [ "kafpi.local" "hydra.kafpi.local" ]; + networking.hosts."${serverIP}" = [ "kafpi.local" ]; + networking.hosts."${buildNodeYggIP}" = [ "nixos-builds-node" ]; #security.pki.certificateFiles = [ # (builtins.fetchurl { # url = "http://${serverIP}/server.crt"; @@ -548,15 +687,6 @@ in enable = true; enableSSHSupport = true; }; - chromium = { - enable = true; - extraOpts = { - "SyncDisabled" = true; - "PasswordManagerEnabled" = false; - "SpellcheckEnabled" = false; - "homepageLocation" = "https://ya.ru"; - }; - }; udevil.enable = true; # тоже нужно для флешек };