From 5acdaed42a09cd32cf2b5fed7befa8b49c3a78e1 Mon Sep 17 00:00:00 2001 From: tulg Date: Mon, 11 May 2026 01:22:48 +0300 Subject: [PATCH] slopfarms --- hosts/kittykat/configuration.nix | 2 +- hosts/kittykat/home.nix | 25 ++++++ hosts/kittykat/traefik.nix | 31 +++++++- hosts/overlord/configuration.nix | 1 + hosts/overlord/hardware-configuration.nix | 16 ++++ hosts/overlord/slopfarms.nix | 92 +++++++++++++++++++++++ 6 files changed, 162 insertions(+), 5 deletions(-) create mode 100644 hosts/kittykat/home.nix create mode 100644 hosts/overlord/slopfarms.nix diff --git a/hosts/kittykat/configuration.nix b/hosts/kittykat/configuration.nix index 7c25679..dc2519f 100644 --- a/hosts/kittykat/configuration.nix +++ b/hosts/kittykat/configuration.nix @@ -10,7 +10,7 @@ ../../modules/nixos/networking/ssh.nix ../../modules/nixos/users/tulg.nix ./traefik.nix - #../../modules/home-manager/cli/default.nix + ./home.nix ../../modules/servers/per-host/kittykat/vaultwarden.nix ../../modules/servers/per-host/kittykat/xray.nix diff --git a/hosts/kittykat/home.nix b/hosts/kittykat/home.nix new file mode 100644 index 0000000..578a341 --- /dev/null +++ b/hosts/kittykat/home.nix @@ -0,0 +1,25 @@ +{ + inputs, + config, + ... +}: { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = { + inherit inputs; + }; + backupFileExtension = "backup"; + + users.tulg = { + home.username = "tulg"; + home.homeDirectory = "/home/tulg"; + home.stateVersion = "25.05"; + + imports = [ + ../../modules/home-manager/pkgs.nix + ../../modules/home-manager/cli/default.nix + ]; + }; + }; +} diff --git a/hosts/kittykat/traefik.nix b/hosts/kittykat/traefik.nix index 1bd813a..a70b0e4 100644 --- a/hosts/kittykat/traefik.nix +++ b/hosts/kittykat/traefik.nix @@ -2,10 +2,20 @@ networking.firewall = { enable = true; allowedTCPPorts = [80 443 25565 25567]; + extraInputRules = '' + tcp dport 2053 drop + ''; }; - networking.firewall.extraInputRules = '' - tcp dport 2053 drop - ''; #fuck off + + services.static-web-server = { + enable = true; + listen = "127.0.0.1:8080"; + root = "/var/www/kittykat"; + }; + + systemd.tmpfiles.rules = [ + "d /var/www/kittykat 0755 root root -" + ]; services.traefik = { enable = true; @@ -14,7 +24,7 @@ entryPoints = { web = { address = ":80"; - http.redirections.entrypoint = { + http.redirections.entryPoint = { to = "websecure"; scheme = "https"; }; @@ -40,5 +50,18 @@ api.dashboard = true; }; + + dynamicConfigOptions.http = { + routers.plain-html = { + rule = "Host(`poggerer.xyz`)"; + entryPoints = ["websecure"]; + service = "plain-html"; + tls.certResolver = "letsencrypt"; + }; + + services.plain-html.loadBalancer.servers = [ + {url = "http://127.0.0.1:8080";} + ]; + }; }; } diff --git a/hosts/overlord/configuration.nix b/hosts/overlord/configuration.nix index 587b055..e8fd5d0 100644 --- a/hosts/overlord/configuration.nix +++ b/hosts/overlord/configuration.nix @@ -13,6 +13,7 @@ ../../modules/servers/common.nix ../../modules/servers/per-host/overlord/nixarr.nix ../../modules/servers/per-host/overlord/share.nix + ./slopfarms.nix ]; programs.tmux = { enable = true; diff --git a/hosts/overlord/hardware-configuration.nix b/hosts/overlord/hardware-configuration.nix index 3616e4d..2098d55 100644 --- a/hosts/overlord/hardware-configuration.nix +++ b/hosts/overlord/hardware-configuration.nix @@ -16,7 +16,23 @@ boot.initrd.kernelModules = ["dm-snapshot"]; boot.kernelModules = ["kvm-amd"]; boot.extraModulePackages = []; + services.xserver.videoDrivers = ["nvidia"]; + hardware.graphics = { + enable = true; + }; + + hardware.nvidia = { + modesetting.enable = true; + + powerManagement.enable = false; + + open = false; + + nvidiaSettings = true; + + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction diff --git a/hosts/overlord/slopfarms.nix b/hosts/overlord/slopfarms.nix new file mode 100644 index 0000000..400449d --- /dev/null +++ b/hosts/overlord/slopfarms.nix @@ -0,0 +1,92 @@ +{ + pkgs, + lib, + ... +}: { + services.n8n = { + enable = true; + openFirewall = true; + + environment = { + host = "0.0.0.0"; + port = 5678; + protocol = "http"; + }; + + environment = { + N8N_SECURE_COOKIE = "false"; + + N8N_EXECUTE_COMMAND_ENABLED = "true"; + N8N_ENABLE_EXECUTE_COMMAND = "true"; + NODES_EXCLUDE = "[]"; + N8N_NODES_INCLUDE = "n8n-nodes-base.executeCommand"; + + N8N_BINARY_DATA_STORAGE_PATH = "/srv/slopfarm"; + }; + }; + + systemd.services.n8n.serviceConfig = { + ReadWritePaths = ["/srv/slopfarm"]; + + SupplementaryGroups = ["video" "render"]; + + PrivateDevices = lib.mkForce false; + DevicePolicy = lib.mkForce "auto"; + DeviceAllow = [ + "/dev/nvidiactl rw" + "/dev/nvidia0 rw" + "/dev/nvidia-uvm rw" + "/dev/nvidia-uvm-tools rw" + "/dev/nvidia-modeset rw" + ]; + }; + + environment.systemPackages = with pkgs; [ + ffmpeg + piper-tts + git + yt-dlp + cudaPackages.cudatoolkit + + (python3.withPackages (ps: + with ps; [ + requests + aiohttp + praw + + torch + torchvision + transformers + accelerate + sentencepiece + safetensors + + soundfile + librosa + pydub + scipy + + pillow + moviepy + imageio + imageio-ffmpeg + opencv4 + + numpy + tqdm + regex + python-dotenv + pysrt + flask + ])) + ]; + + systemd.tmpfiles.rules = [ + "d /srv/slopfarm 0755 n8n n8n -" + "d /srv/slopfarm/input 0755 n8n n8n -" + "d /srv/slopfarm/output 0755 n8n n8n -" + "d /srv/slopfarm/scripts 0755 n8n n8n -" + "d /srv/slopfarm/backgrounds 0755 n8n n8n -" + "d /srv/slopfarm/voices 0755 n8n n8n -" + ]; +}