diff --git a/configuration.nix b/configuration.nix index 841ef65..8377bc1 100644 --- a/configuration.nix +++ b/configuration.nix @@ -1,33 +1,58 @@ { + lib, config, pkgs, - simintech, - stm32cubemx, inputs, ... }: let serverIP = "10.0.174.12"; + buildNodeYggIP = "200:ccc6:1361:5c84:aba0:1244:35f5:c903"; hasBootPartition = config.fileSystems ? "/boot"; - isNvidia = (builtins.readFile (pkgs.runCommandLocal "isNvidia" {} '' - ${pkgs.pciutils}/bin/lspci | ${pkgs.busybox}/bin/grep NVIDIA | ${pkgs.busybox}/bin/grep VGA > $out - '')) != ""; + isNvidia = + (builtins.readFile ( + pkgs.runCommandLocal "isNvidia" { } '' + ${pkgs.pciutils}/bin/lspci | ${pkgs.busybox}/bin/grep NVIDIA | ${pkgs.busybox}/bin/grep VGA > $out || true + '' + )) != ""; + isAdata = # ADATA is a famous cheap troubleful NVMe controllers + (builtins.readFile ( + pkgs.runCommandLocal "isAdata" { } '' + ${pkgs.pciutils}/bin/lspci | ${pkgs.busybox}/bin/grep ADATA | ${pkgs.busybox}/bin/grep -i NVMe > $out || true + '' + )) != ""; in { + nixpkgs.overlays = [ + (final: prev: { + staruml = prev.staruml.overrideAttrs (old: { + src = final.fetchurl { + url = "http://${serverIP}/StarUML_6.2.2_amd64.deb"; + hash = "sha256-1zxrT7phXeQYNbWHWMyPuHiUglrPSMPP0bfAcfvt8dM="; + }; + }); + }) + ]; users.users.student = { isNormalUser = true; initialPassword = "student"; # вход беспарольный, но пароль student - extraGroups = [ "video" "sound" "input" "storage" ]; + extraGroups = [ + "video" + "sound" + "input" + "storage" + "dialout" + ]; packages = let # определение как скачивать плагины jetbrains (скачивать с нашего сервера копию) - customJBPlugin = + customJBPlugin = nam: ver: sha: pkgs.stdenv.mkDerivation { name = nam; version = ver; src = pkgs.fetchurl { - url = "http://kafpi.local/custom-jetbrains-plugins/${nam}-${ver}.zip"; + url = "http://${serverIP}/custom-jetbrains-plugins/${nam}-${ver}.zip"; sha256 = sha; }; nativeBuildInputs = with pkgs; [ unzip ]; @@ -43,20 +68,20 @@ in # и Database Nagivator. Остальное - любителям и любознательным. (with inputs.nix-jetbrains-plugins.plugins."${system}"; [ idea-community."2024.1"."mobi.hsz.idea.gitignore" - idea-community."2024.1"."org.jetbrains.erlang" + #idea-community."2024.1"."org.jetbrains.erlang" idea-community."2024.1"."JProfiler" idea-community."2024.1"."DBN" idea-community."2024.1"."MatlabSupport" idea-community."2024.1"."PlantUML integration" idea-community."2024.1"."org.intellij.scala" idea-community."2024.1"."PythonCore" - idea-community."2024.1"."net.sjrx.intellij.plugins.systemdunitfiles" + #idea-community."2024.1"."net.sjrx.intellij.plugins.systemdunitfiles" idea-community."2024.1"."com.intellij.jsonpath" idea-community."2024.1"."Lombook Plugin" idea-community."2024.1"."org.mapstruct.intellij" idea-community."2024.1"."ski.chrzanow.foldableprojectview" idea-community."2024.1"."String Manipulation" - idea-community."2024.1"."quokka.js" + #idea-community."2024.1"."quokka.js" idea-community."2024.1"."org.asciidoctor.intellij.asciidoc" idea-community."2024.1"."R4Intellij" idea-community."2024.1"."com.redhat.devtools.lsp4ij" @@ -73,13 +98,24 @@ in )) chromium # браузер - pinta # графический редактор - sakura # терминал + pinta # графический редактор + sakura # терминал unzipNLS # поддержка zip - unrar # поддержка rar - gtk3 whitesur-icon-theme # необходимо для иконок - (pkgs.writeShellScriptBin "powermenu" (builtins.readFile inputs.mireadesktop.packages.x86_64-linux.powermenu)) - (pkgs.writeShellScriptBin "resethome" (builtins.readFile inputs.mireadesktop.packages.x86_64-linux.resethome)) + unrar # поддержка rar + mate.engrampa + gtk3 + whitesur-icon-theme # необходимо для иконок + (pkgs.writeShellScriptBin "powermenu" ( + builtins.readFile inputs.mireadesktop.packages.x86_64-linux.powermenu + )) + (pkgs.writeShellScriptBin "resethome" ( + builtins.readFile inputs.mireadesktop.packages.x86_64-linux.resethome + )) + + inputs.kompas3d.packages.${pkgs.system}.default # KOMPAS-3D + freecad elmerfem gmsh # FEM calculation + + inputs.stm32cubemx.packages.x86_64-linux.stm32cubemx pandoc #onlyoffice-desktopeditors # к сожалению, пока у OnlyOffice баг со шрифтами. Ждём фикс @@ -87,7 +123,7 @@ in # Напоминаю что у нас есть СЕТЕВОЙ ДИСК по адресу 10.0.174.12 # и для студентов пока есть единая учётка student@mirea.ru, - # рассматривается вариант авторизации через login.mirea.ru. + # рассматривается вариант авторизации через sso.mirea.ru. # Преподаватели могут зарегистрироваться ОТДЕЛЬНО seafile-client @@ -100,16 +136,17 @@ in # поставка Python, полный список возможностей # см. на github.com/gregorybednov/mireapython - inputs.mireapython.packages.x86_64-linux.mireapython + inputs.mireapython.packages.x86_64-linux.mireapython # базовая поддержка C/C++ и дебага clang clang-tools lldb + valgrind cpplint cppcheck gcc-arm-embedded # компиляция С/C++ под STM32 и прочие arm - + octaveFull # GNU Octave shellcheck # проверка шелл-кода (bash, POSIX sh, ...) @@ -117,9 +154,10 @@ in # Другие возможные языки и инструменты, например: # rustc # - Rust # go gopls delve golint go-tools # - Go - jdk kotlin # - Java, Kotlin (идут вместе с IJ IDEA) + jdk + kotlin # - Java, Kotlin (идут вместе с IJ IDEA) # ghc haskell-language-server # - Haskell - # nodePackages.intelephense # - PHP + # nodePackages.intelephense # - PHP # dotnet-sdk # - C# ####### Проектирование и разработка баз данных, ИУС, ... ####### @@ -127,47 +165,454 @@ in # Workbench для управления и ER-моделирования БД на mysql # у КАЖДОГО nixos есть свой локальный сервер mysql, см. ниже по файлу mysql-workbench - + # аналог Bizagi Modeler, расширенный вариант bpmn.io camunda-modeler # графическое моделирование UML-диаграмм - # также доступно моделирование BPMN и ER - staruml + # также доступно моделирование BPMN и ER + (staruml.overrideAttrs (oldAttrs: { + nativeBuildInputs = (oldAttrs.nativeBuildInputs or [ ]) ++ [ pkgs.makeWrapper ]; + + postFixup = + (oldAttrs.postFixup or "") + + '' + # Rename the original binary + mv $out/bin/staruml $out/bin/.staruml-org + + # Create the wrapper script + makeWrapper ${pkgs.bash}/bin/bash $out/bin/staruml \ + --add-flags "-c 'rm -rf \$HOME/.config/StarUML && exec $out/bin/.staruml-org \"\$@\"'" + ''; + })) # Язык текстового описания UML-диаграмм # актуально для разработчиков ПО (встраивание диаграмм в код) # поддерживается нашей поставкой IJ IDEA CE plantuml - - archi # поддержка archimate + archi # поддержка archimate ##### Утилиты и программы для STM32 ##### # 1) STM32CubeIDE упаковать не удалось # 2) есть основания полагать, что её функциональность лучше встроить # в IJ IDEA CE, как это сделано в настоящем Clion; - stm32cubemx.packages.x86_64-linux.stm32cubemx - stm32flash stlink stlink-gui stm32loader - ##### СЕТЕВЫЕ УТИЛИТЫ ####### + ##### СЕТЕВЫЕ УТИЛИТЫ ###### + # установлен Cisco Packet Tracer, обернут в firejail чтобы не стучался на Netacad.com nodePackages.node-red # - лоукод-платформа программирования устройств, в частности интернета вещей - httpie httpie-desktop # - передовой клиент HTTP-запросов - netcat socat # - низкоуровневые простейшие утилиты установления TCP или UDP между компьютерами или с ПЛК - opcua-client-gui # - простой графический клиент OPC UA + httpie + httpie-desktop # - передовой клиент HTTP-запросов + netcat + socat # - низкоуровневые простейшие утилиты установления TCP или UDP между компьютерами или с ПЛК + opcua-client-gui # - простой графический клиент OPC UA ###### Другой софт ####### logisim-evolution unityhub # UnityHub - 3D-моделирование, визуализация, геймдев, AR/VR + (pkgs.stdenv.mkDerivation rec { + pname = "dwsim"; + version = "9.0.5"; + + src = pkgs.fetchurl { + url = "http://${serverIP}/dwsim_9.0.5-amd64.deb"; + sha256 = "sha256:0352mxz9czfh52z4lf7njlyqvikvbh2bgs2h4zi2dsjrssql3h2j"; + }; + + nativeBuildInputs = [ + pkgs.dpkg + pkgs.makeWrapper + pkgs.bubblewrap + ]; + + buildInputs = ( + with pkgs; + [ + dotnet-runtime + gtk3 + glib + pango + cairo + gdk-pixbuf + atk + fontconfig + freetype + ] + ++ (with pkgs.xorg; [ + libX11 + libXcursor + libXrandr + libXinerama + libXi + ]) + ); + + unpackPhase = '' + dpkg-deb -x $src . + ''; + + installPhase = '' + mkdir -p $out/lib/dwsim + mkdir -p $out/bin + + cp -r usr/local/lib/dwsim/* $out/lib/dwsim/ + mkdir -p $out/share/icons/hicolor/256x256/apps + cp $out/lib/dwsim/bitmaps/DWSIM_ico.png \ + $out/share/icons/hicolor/256x256/apps/dwsim.png + mkdir -p "$out/lib/dwsim/DWSIM Application Data" + + cat > $out/bin/dwsim << 'EOF' + #!/bin/sh + set -e + + + APPDIR="@out@/lib/dwsim" + APPDATA="$HOME/.local/share/dwsim-appdata" + + mkdir -p "$APPDATA" + + # LD_LIBRARY_PATH для GtkSharp + export LD_LIBRARY_PATH="@gtk3@/lib:@glib@/lib:@pango@/lib:@cairo@/lib:@gdk-pixbuf@/lib:@atk@/lib:@fontconfig@/lib:@freetype@/lib:$LD_LIBRARY_PATH" + + export DISPLAY="$DISPLAY" + + exec @bwrap@ \ + --bind "@out@" "@out@" \ + --bind "$APPDATA" "$APPDIR/DWSIM Application Data" \ + --ro-bind /nix /nix \ + --ro-bind "$XAUTHORITY" "$HOME/.Xauthority" \ + --setenv XAUTHORITY "$HOME/.Xauthority" \ + --dev /dev \ + --proc /proc \ + --bind /tmp/.X11-unix /tmp/.X11-unix \ + --setenv DISPLAY $DISPLAY \ + --chdir "$APPDIR" \ + @dotnet@ "$APPDIR/DWSIM.UI.Desktop.exe" "$@" + EOF + + substituteInPlace $out/bin/dwsim \ + --subst-var out \ + --subst-var-by bwrap ${pkgs.bubblewrap}/bin/bwrap \ + --subst-var-by dotnet ${pkgs.dotnet-runtime}/bin/dotnet \ + --subst-var-by gtk3 ${pkgs.gtk3} \ + --subst-var-by glib ${pkgs.glib} \ + --subst-var-by pango ${pkgs.pango} \ + --subst-var-by cairo ${pkgs.cairo} \ + --subst-var-by gdk-pixbuf ${pkgs.gdk-pixbuf} \ + --subst-var-by atk ${pkgs.atk} \ + --subst-var-by fontconfig ${pkgs.fontconfig} \ + --subst-var-by freetype ${pkgs.freetype} + + chmod +x $out/bin/dwsim + + mkdir -p $out/share/applications + + cat > $out/share/applications/dwsim.desktop << EOF + [Desktop Entry] + Type=Application + Name=DWSIM + GenericName=Process Simulator + Comment=Chemical Process Simulation Environment + Exec=dwsim + Icon=dwsim + Terminal=false + Categories=Development + StartupWMClass=DWSIM + EOF + + + ''; + }) + (pkgs.stdenv.mkDerivation rec { + pname = "cnc_vmc_sim"; + version = "1.0.0-share"; + src = builtins.fetchTarball { + url = "http://${serverIP}/linux_cnc_vmc_share.tar.xz"; + sha256 = "sha256:1hjkm2wq6dfmddb2van1q8hdvf41bp4snslcbkj0b1myi3zpi1md"; + }; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin + mkdir -p $out/share/applications + mkdir -p $out/share/icons + cp ${src}/icon.png $out/share/icons/${pname}.png + cp ${fhsEnv}/bin/${pname}-fhs $out/bin/${pname} + cp ${desktopItem}/share/applications/*.desktop $out/share/applications + ''; + + fhsEnv = pkgs.buildFHSEnv { + name = "${pname}-fhs"; + targetPkgs = + p: with p; [ + eudev.out + libGL.out + openal.out + xorg.libX11.out + ]; + runScript = "${src}/${pname}"; + }; + + desktopItem = pkgs.makeDesktopItem { + name = "CNC VMC (free)"; + exec = "${pname}"; + desktopName = "CNC VMC (free)"; + categories = [ "Development" ]; + icon = "${pname}"; + terminal = false; + startupNotify = false; + }; + }) + (pkgs.stdenv.mkDerivation rec { + pname = "ramus"; + version = "0.1.3"; + src = builtins.fetchTarball { + url = "http://${serverIP}/ramus.tar.xz"; + sha256 = "sha256:1a9fha7zwyyag0q4glk58pzigqdczshxpnax7cdzg1bry4aw6f9d"; + }; + installPhase = '' + sed -e "s~ramus.ico~$out/share/icons/ramus.ico~; s~Other~Database~" -i share/applications/ramus.desktop + mkdir $out + cp -r share bin lib $out + echo "JDK_JAVA_OPTIONS='-Dawt.useSystemAAFontSettings=on -Dswing.aatext=true -Dswing.defaultlaf=com.sun.java.swing.plaf.gtk.GTKLookAndFeel' ${pkgs.jre8}/bin/java -jar $out/bin/ramus-startup.jar" > $out/bin/ramus + chmod +x $out/bin/ramus + ''; + }) # поставка SimInTech. Кодогенерация библиотек для ПК работает, # но несовместима с .dll из windows! - simintech.packages.x86_64-linux.simintech - + #simintech.packages.x86_64-linux.simintech + (pkgs.stdenv.mkDerivation rec { + pname = "simintech"; + version = "2.23.13"; + src = builtins.fetchTarball { + url = "http://${serverIP}/simintech_rus_linux.tgz"; + sha256 = "sha256:1i9plx6vx6jm38bx4kbh4piak5jwrpc4hxxjd3b89zyng1g4abvs"; + }; + dontFixLibtool = true; + + fhsEnv = pkgs.buildFHSEnv { + name = "${pname}-fhs-env"; + targetPkgs = + p: with p; [ + at-spi2-atk.out + gdk-pixbuf.out + glamoroustoolkit.out + glib.out + gtk2.out + libGL.out + libGLU.out + pango.out + xorg.libX11.out + zlib.out + xorg.libX11.out + zlib.out + (pkgs.writeShellScriptBin "firefox" "exec ${pkgs.chromium}/bin/chromium \"$@\"") # похоже, что SimInTech захардкодил Firefox, но не все так юзают Firefox + ]; + runScript = "${src}/bin/mmain"; + }; + + desktopItem = pkgs.makeDesktopItem { + name = "SimInTech"; + exec = "simintech"; + desktopName = "SimInTech"; + categories = [ "Development" ]; + icon = "simintech"; + terminal = false; + startupNotify = false; + mimeTypes = [ "x-scheme-handler/prt" ]; + }; + + installPhase = '' + runHook preInstall + mkdir -p $out/bin + mkdir -p $out/share/applications + mkdir -p $out/share/icons + #cp ${src}/share/icon.svg $out/share/icons/simintech.svg + cp ${fhsEnv}/bin/${pname}-fhs-env $out/bin/simintech + cp ${desktopItem}/share/applications/*.desktop $out/share/applications + runHook postInstall + ''; + }) + + (stdenv.mkDerivation { + pname = "erlu-idef0-editor"; + version = "1.0.1"; + + src = builtins.fetchGit { + url = "http://45.87.246.92/forgejo/gregorbednov/erlu.git"; + ref = "master"; + rev = "58198c6ecd8572f1c7db42b90c8189954c9a32fc"; + }; + nativeBuildInputs = with pkgs; [ + cmake + pkg-config + qt6.wrapQtAppsHook + qt6.qttools + ]; + + buildInputs = with pkgs; [ + qt6.qtbase + qt6.qtsvg + ]; + + configurePhase = '' + cmake -S . -B build -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_INSTALL_PREFIX=$out \ + -DBUILD_COLORS_PLUGIN=ON + ''; + + buildPhase = '' + cmake --build build + find . -path "*/translations/*.ts" -print0 | while IFS= read -r -d "" f; do + out_path=$(printf '%s\n' "$f" | sed 's/\.ts$/.qm/') + lrelease "$f" -qm "$out_path" + done + ''; + + installPhase = '' + runHook preInstall + cmake --install build --prefix $out + # app translations + if [ -d translations ]; then + mkdir -p $out/share/idef0/translations + find translations -maxdepth 1 -type f -name '*.qm' -print0 | xargs -0 -r cp -t $out/share/idef0/translations + fi + # plugin translations + find src/plugins -path "*/translations/*.qm" -print0 | while IFS= read -r -d "" f; do + rel="''${f#src/plugins/}" # e.g., color/translations/colors_en.qm + plugdir="''${rel%%/translations/*}" # e.g., color + dest="$out/plugins/$plugdir/translations" + mkdir -p "$dest" + cp "$f" "$dest/" + done + runHook postInstall + ''; + + qtWrapperArgs = [ "--set" "QT_LOGGING_RULES" "qt.qpa.wayland.textinput=false" ]; + meta = with lib; { + description = "IDEF0 diagram editor built with Qt 6 Widgets"; + license = licenses.lgpl3Plus; + mainProgram = "erlu_idef0_editor"; + platforms = platforms.linux; + }; + }) + + (pkgs.writeShellScriptBin "gcc" ''${pkgs.clang}/bin/clang "$@"'') + (pkgs.writeShellScriptBin "g++" ''${pkgs.clang}/bin/clang++ "$@"'') + + (vscode-with-extensions.override { + vscodeExtensions = + with vscode-extensions; + [ + ms-vscode.cpptools-extension-pack + zainchen.json + ms-dotnettools.csharp + formulahendry.code-runner + tomoki1207.pdf + ms-vscode.hexeditor + ms-vscode.makefile-tools + ms-ceintl.vscode-language-pack-ru + ms-python.python + ms-python.pylint + ms-python.isort + ms-python.black-formatter + jebbs.plantuml + ms-toolsai.jupyter + ms-toolsai.vscode-jupyter-slideshow + ms-toolsai.vscode-jupyter-cell-tags + ms-vscode-remote.remote-ssh + timonwong.shellcheck + ] + ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [ + { + name = "better-cpp-syntax"; + publisher = "jeff-hykin"; + version = "1.27.1"; + sha256 = "sha256-GO/ooq50KLFsiEuimqTbD/mauQYcD/p2keHYo/6L9gw="; + } + { + name = "vscode-cppcheck"; + publisher = "brobeson"; + version = "0.1.0"; + sha256 = "sha256-RDgO8/XenttOcYQSGEu4N2FKg9+FZaQe6HYkVjztH5o="; + } + { + name = "cortex-debug"; + publisher = "marus25"; + version = "1.12.1"; + sha256 = "sha256-ioK6gwtkaAcfxn11lqpwhrpILSfft/byeEqoEtJIfM0="; + } + { + name = "vscode-serial-monitor"; + publisher = "ms-vscode"; + version = "0.13.251128001"; + sha256 = "sha256-eTQcLyF6DMvzDByKLw2KR8PrjVwejsOU60Hew7IOmY8="; + } + { + name = "linux-arm-none-eabi"; + publisher = "metalcode-eu"; + version = "0.1.2"; + sha256 = "sha256-MCpBsd491pCO1K9tgL5KBJQbtr4IuVEuTPQzQHeQSWQ="; + } + { + name = "arm-assembly-syntax"; + publisher = "ciprianelies"; + version = "1.7.6"; + sha256 = "sha256-4vWw0ogtZ3mOw0lT95k/5I/7GMvU5kfaaztwc+eI/do="; + } + { + name = "stm32-for-vscode"; + publisher = "bmd"; + version = "3.2.13"; + sha256 = "sha256-Dzj++F0xTDOaL9VA3X/bVtAhkxd8kPPl3Oz8LWrXpAA="; + } + { + name = "qt-cpp-pack"; + publisher = "TheQtCompany"; + version = "1.0.2"; + sha256 = "sha256-Kd2/kk3qJUOahz71Uh3mUI1wDuwS8/t84tgdWorRPG4"; + } + { + name = "debug-tracker-vscode"; + publisher = "mcu-debug"; + version = "0.0.15"; + sha256 = "sha256-2u4Moixrf94vDLBQzz57dToLbqzz7OenQL6G9BMCn3I="; + } + { + name = "memory-view"; + publisher = "mcu-debug"; + version = "0.0.28"; + sha256 = "sha256-mQr/uLulKoPVXz0GaMMEHZ/ZSmSAEfO9UpFzy4MfcW4="; + } + { + name = "rtos-views"; + publisher = "mcu-debug"; + version = "0.0.13"; + sha256 = "sha256-eTEdZkHbAGSDXP9A06YL6jDBfO8rU1kC9RysxOUxI1U="; + } + { + name = "peripheral-viewer"; + publisher = "mcu-debug"; + version = "1.6.0"; + sha256 = "sha256-nKK8HRzeqDixpdKmgacjhNzanJaTsAnYLC6nCbmWXuU="; + } + ]; + + }) + + qtcreator + qt6.full + qt6.qtbase + gdb + + isort black + + # POSIX утилиты для совместимости om4 pax @@ -180,15 +625,15 @@ in uucp util-linux cflow - ncompress + ncompress ]; }; # вставленные флешки автоматически монтируются - services.devmon.enable = true; + services.devmon.enable = true; # необходимо для совместимости с POSIX по команде at, при отсутствии необходимости можно удалить - services.atd = { + services.atd = { enable = true; allowEveryone = true; }; @@ -201,11 +646,11 @@ in services.postgresql = { enable = true; authentication = pkgs.lib.mkOverride 10 '' - #type database DBuser auth-method - local all all trust - ''; + #type database DBuser auth-method + local all all trust + ''; }; - + # и оба поддерживают вход без пароля в "руты" system.userActivationScripts.mycnf = { text = '' @@ -226,35 +671,76 @@ in PGUSER = "postgres"; }; }; + services.grdcontrol.enable = true; - imports = [ ./hardware-configuration.nix ]; + imports = [ + inputs.guardant.nixosModules.grdcontrol + ./hardware-configuration.nix + ]; + programs.tmux = { + enable = true; + withUtempter = true; + historyLimit = 5000; + clock24 = true; + }; + programs.chromium = { + enable = true; + extraOpts = { + "BrowserSignin" = 0; + "SyncDisabled" = true; + "PasswordManagerEnabled" = false; + "SpellcheckEnabled" = true; + "SpellcheckLanguage" = [ + "ru" + "en-US" + "fr" + ]; + }; + }; # если машина установлена на диск с Windows, # то она позволяет "увидеть" и выбрать Windows в течение 30 с # иначе - 5 c таймаута (для виртуалок) - boot.loader = if hasBootPartition then { - efi.canTouchEfiVariables = true; - timeout = 30; - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - useOSProber = true; - theme = "${pkgs.sleek-grub-theme.override{ withStyle = "orange"; withBanner = "Выберите ОС"; }}"; - }; - } else { - timeout = 5; - grub = { - enable = true; - device = "/dev/sda"; - theme = "${pkgs.sleek-grub-theme.override{ withStyle = "orange"; withBanner = "Загрузчик Linux"; }}"; - }; - }; + boot.loader = + if hasBootPartition then + { + efi.canTouchEfiVariables = true; + timeout = 30; + grub = { + enable = true; + efiSupport = true; + device = "nodev"; + useOSProber = true; + theme = "${pkgs.sleek-grub-theme.override { + withStyle = "orange"; + withBanner = "Выберите ОС"; + }}"; + }; + } + else + { + timeout = 5; + grub = { + enable = true; + device = "/dev/sda"; + theme = "${pkgs.sleek-grub-theme.override { + withStyle = "orange"; + withBanner = "Загрузчик Linux"; + }}"; + }; + }; time.hardwareClockInLocalTime = hasBootPartition; # настройки Nix - nixpkgs.config.allowUnfree = true; - nix.settings.auto-optimise-store = true; + nixpkgs.config = { + allowUnfree = true; + nvidia.acceptLicense = true; + }; + nix.settings = { + extra-substituters = [ "http://nixos.builds.node" ]; + trusted-public-keys = [ "nixos.builds.node:E/XNkcdzB0EyTyEJuOTXJH8qynxgCfQ87JHkbD88uF8=" ]; + auto-optimise-store = true; + }; nix.extraOptions = '' experimental-features = nix-command flakes ''; @@ -262,16 +748,60 @@ in ##### НАСТРОЙКИ ГРАФИКИ И РАБОЧЕГО СТОЛА ###### hardware.graphics = { enable = true; - enable32Bit = true; + #enable32Bit = true; + extraPackages = + if isNvidia then + with pkgs; + [ + nvidia-vaapi-driver + vaapiVdpau + libvdpau-va-gl + ] + else + [ ]; }; services.xserver = { enable = true; + videoDrivers = + if isNvidia then + [ "nvidia" ] + else + [ + "modesetting" + "fbdev" + ]; xkb.layout = "us,ru"; xkb.options = "grp:alt_shift_toggle"; }; + hardware.enableAllFirmware = true; + hardware.nvidia = { + package = config.boot.kernelPackages.nvidiaPackages.stable; + modesetting.enable = true; + powerManagement.enable = true; + open = false; + nvidiaSettings = false; + }; + services.udev.extraRules = if isAdata then '' + ACTION=="add|change",KERNEL=="nvme[0-9]", ATTR{queue/scheduler}="none" + '' else ""; + boot.kernelParams = lib.optionals isNvidia [ "nvidia-drm.modeset=1" ] + ++ lib.optionals isAdata [ "nvme_core.default_ps_max_latency_us=0" "nvme_core.io_timeout=4294967295" ]; + boot.blacklistedKernelModules = lib.optionals isNvidia [ "nouveau" ]; + boot.extraModprobeConfig = + if isNvidia then + "options nvidia " + + lib.concatStringsSep " " [ + "NVreg_UsePageAttributeTable=1" + "NVreg_EnablePCIeGen3=1" + "NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" + ] + else + ""; + services.displayManager.autoLogin.user = "student"; services.getty.autologinUser = "student"; services.xserver.displayManager.lightdm.enable = true; + services.xserver.displayManager.startx.enable = true; services.displayManager.defaultSession = "MIREA-WindowsLike+Metacity"; services.xserver.displayManager.session = [ { @@ -281,6 +811,8 @@ in start = '' ${inputs.mireadesktop.packages.x86_64-linux.tint2} & ${inputs.mireadesktop.packages.x86_64-linux.pcmanfm} & + ${inputs.mireadesktop.packages.x86_64-linux.sxhkd} & + #${inputs.mireadesktop.packages.x86_64-linux.xcape} & waitPID=$! ''; } @@ -295,33 +827,24 @@ in ]; ##### СЕТЕВЫЕ НАСТРОЙКИ ####### - # каждый компьютер виден под уникальным именем через Avahi - services.avahi = { - hostName = "nixos" - + builtins.readFile ((pkgs.runCommandLocal "uuid" {} '' - mkdir $out - cat /proc/sys/kernel/random/uuid > $out/uuid - '')+"/uuid"); + services.yggdrasil = { enable = true; - nssmdns4 = true; - publish = { - enable = true; - hinfo = true; - addresses = true; + persistentKeys = true; + settings = { + Peers = [ "tcp://${serverIP}:12345" ]; }; }; # каждый компьютер имеет выход в интернет networking.networkmanager.enable = true; - networking.hostName = "nixos"; - - # каждый компьютер ресолвит DNS-запросы СТРОГО через наш сервер - networking.nameservers = [ serverIP ]; - + networking.firewall.allowedTCPPorts = [ 22 ] ++ lib.optionals config.services.harmonia.enable [ 80 ]; + + # каждый компьютер знает, что kafpi.local - это адрес нашего сервера networking.hosts."${serverIP}" = [ "kafpi.local" ]; - + networking.hosts."${buildNodeYggIP}" = [ "nixos.builds.node" ]; + #### ЛОКАЛИЗАЦИЯ ##### time.timeZone = "Europe/Moscow"; @@ -342,7 +865,6 @@ in liberation_ttf ]; - ####### ПРОЧИЕ НАСТРОЙКИ ####### environment.systemPackages = with pkgs; [ vim @@ -356,23 +878,27 @@ in enable = true; settings.PermitRootLogin = "yes"; }; + users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyBYo/E/FkFZVABzMixLS2TWaipfN5T24y8f+E6Px1t+IG8PLnQ38dLJiCR8k971DOycLuJUfKWsC06BK3XLWTO0+PmpfGKNT4NI6dwP2REl/umaignP/QQSs2w9Ff49WqPjIYTSmATTsCNZSVB0VtM0eJ+Y9Ff4CXb1frtt4GYztk6XB3jc3TxV72qzB0g6DqrHkf6pT5YAq2UeuFGZYSZCqBvVXCGcvKHkO1KBubuo95itVA5XbzK3INQTZpQowbtK4ULhUYlaGBcX5tYq1bdiTCDlTcLt6MfxYfFHSFiHbJOzdGPd+mXM7urOQhq49uQOf07dHt9qAzQHajItQb+X3FOgyFt4n6Y9Q37gn/6KC3PH1zClldq9DtgttuG/Xk15q+uvCldji9YIgb80aRHBIp6DY8PlYodmGGesBLiBMGQ7hgKupfkqszjfMkxnMYIkZodUCQVgaqsxsEQ7lD84JJMgBY8HkNLxKhy+6dP6kTc4vTtrpjezq/Ph95PFE= bednov@kafpi-108-1-mainserver2" ]; services.gnome.gnome-keyring.enable = true; programs = { + firejail = { + enable = true; + wrappedBinaries = { + packettracer7 = { + executable = "${inputs.packettracer7.packages.x86_64-linux.default}/bin/packettracer7"; + extraArgs = [ + "--net=none" + "--noprofile" + ]; + }; + }; + }; java.enable = true; gnupg.agent = { enable = true; enableSSHSupport = true; }; - chromium = { - enable = true; - extraOpts = { - "SyncDisabled" = true; - "PasswordManagerEnabled" = false; - "SpellcheckEnabled" = false; - "homepageLocation" = "https://ya.ru"; - }; - }; udevil.enable = true; # тоже нужно для флешек }; diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..de7f08e --- /dev/null +++ b/flake.lock @@ -0,0 +1,287 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": [ + "nix-jetbrains-plugins", + "systems" + ] + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "gostfont": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1736170321, + "narHash": "sha256-/dY+z0JBdFvyJy4fuIidNpEGKQPR+JB1Lc6PbNoyvvs=", + "ref": "refs/heads/main", + "rev": "4f11a7fdd2b0a390f98c8764e8f6830f75201096", + "revCount": 6, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/gostfont.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/gostfont.git" + } + }, + "guardant": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1771271444, + "narHash": "sha256-tN8hBh6zr7xT0lYWLiJLLDXVNAjdjxoklStbJbJoZl4=", + "ref": "refs/heads/master", + "rev": "e20554b30029b6d84f04cdf7fb226aff3be7e5d5", + "revCount": 1, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/guardant.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/guardant.git" + } + }, + "kompas3d": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1771306148, + "narHash": "sha256-6waxhcHMzmReOp5KUCAkycTR4YHgPCKF/C+3r5lCGkQ=", + "ref": "refs/heads/master", + "rev": "6e1860b78382cbd42f43663b459487e457abd251", + "revCount": 13, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/kompas3d.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/kompas3d.git" + } + }, + "mireadesktop": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1772927247, + "narHash": "sha256-qU9kHhp99W2ymeoZsC7L29BKUAonxw8ckFa0ratpx1s=", + "ref": "refs/heads/main", + "rev": "a19e2f8ac520ef2be55d0c0472aab125a4d3a357", + "revCount": 45, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/mireadesktop.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/mireadesktop.git" + } + }, + "mireapython": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1737741645, + "narHash": "sha256-MaT05qTfUSHsoWgWJqv33LRie7spTz0b6FReJWDV4yk=", + "ref": "refs/heads/main", + "rev": "b7172d602ff62aa02d68bd9852168bd3c32aa726", + "revCount": 12, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/mireapython.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/mireapython.git" + } + }, + "nix-jetbrains-plugins": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1740136774, + "narHash": "sha256-LJ6bXznu20nuRHe1D0sPmKozuS1wXeJvrDscCHRU85w=", + "ref": "refs/heads/main", + "rev": "c1b6f1b23bd29d520ac3f46fd596564ac6e84e2a", + "revCount": 44, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/nix-jetbrains-plugins.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/nix-jetbrains-plugins.git" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1745742390, + "narHash": "sha256-1rqa/XPSJqJg21BKWjzJZC7yU0l/YTVtjRi0RJmipus=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "26245db0cb552047418cfcef9a25da91b222d6c7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "packettracer7": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1740143112, + "narHash": "sha256-sawn/IVgT++IzbCsy/EhJ+w3+s2bxUF9jZ0kIPIXmcE=", + "ref": "refs/heads/main", + "rev": "eb673a5d201d9c32e8fc642e47b9c66ed6130379", + "revCount": 2, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/packettracer7.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/packettracer7.git" + } + }, + "root": { + "inputs": { + "gostfont": "gostfont", + "guardant": "guardant", + "kompas3d": "kompas3d", + "mireadesktop": "mireadesktop", + "mireapython": "mireapython", + "nix-jetbrains-plugins": "nix-jetbrains-plugins", + "nixpkgs": "nixpkgs", + "packettracer7": "packettracer7", + "simintech": "simintech", + "stm32cubemx": "stm32cubemx" + } + }, + "simintech": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1736199151, + "narHash": "sha256-maK9G10f/AD/BS3kZP3h3ADhLzYh5qXBUj2HXEr7t4s=", + "ref": "refs/heads/main", + "rev": "3ce193218e3f5b8cc5b5a212be550785d8e64e86", + "revCount": 10, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/simintech_nix.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/simintech_nix.git" + } + }, + "stm32cubemx": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1735908219, + "narHash": "sha256-5VRV0ThLNWpCet8+Zpk9LqJnjJXQKI2pfak/I0Cxhvs=", + "ref": "refs/heads/main", + "rev": "d1ebff9193ed7be660e14167f8fb1625be8df4f0", + "revCount": 31, + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/stm32cubemx.git" + }, + "original": { + "type": "git", + "url": "https://gregorbednov.ru/forgejo/gregorbednov/stm32cubemx.git" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 5c9ccf8..b784237 100644 --- a/flake.nix +++ b/flake.nix @@ -1,11 +1,49 @@ { inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; - inputs.simintech.url = "github:gregorybednov/simintech_nix"; # /94cb0192edb8f42e21362dae2c3712a4cfa7d71e; - inputs.mireadesktop.url = "github:gregorybednov/mireadesktop"; - inputs.stm32cubemx.url = "github:gregorybednov/stm32cubemx"; - inputs.gostfont.url = "github:gregorybednov/gostfont"; - inputs.nix-jetbrains-plugins.url = "github:gregorybednov/nix-jetbrains-plugins"; - inputs.mireapython.url = "github:gregorybednov/mireapython"; + inputs.simintech = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/simintech_nix.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.mireadesktop = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/mireadesktop.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.stm32cubemx = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/stm32cubemx.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.packettracer7 = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/packettracer7.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.gostfont = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/gostfont.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.nix-jetbrains-plugins = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/nix-jetbrains-plugins.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.mireapython = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/mireapython.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.kompas3d = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/kompas3d.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; + +inputs.guardant = { + url = "git+https://gregorbednov.ru/forgejo/gregorbednov/guardant.git"; + inputs.nixpkgs.follows = "nixpkgs"; +}; outputs = { @@ -13,15 +51,14 @@ nixpkgs, simintech, stm32cubemx, + packettracer7, + guardant, + kompas3d, ... }@inputs: { nixosConfigurations.nixos = nixpkgs.lib.nixosSystem { - specialArgs = { - inherit simintech; - inherit stm32cubemx; - inherit inputs; - }; + specialArgs = { inherit inputs; }; modules = [ ./configuration.nix ];