slopfarms

2026-05-11 01:22:48 +03:00 · 2026-05-11 01:22:48 +03:00 · 5acdaed42a
commit 5acdaed42a
parent fafb1bb009
6 changed files with 162 additions and 5 deletions
--- a/hosts/kittykat/configuration.nix
+++ b/hosts/kittykat/configuration.nix
@ -10,7 +10,7 @@
    ../../modules/nixos/networking/ssh.nix
    ../../modules/nixos/users/tulg.nix
    ./traefik.nix
-    #../../modules/home-manager/cli/default.nix
+    ./home.nix
    ../../modules/servers/per-host/kittykat/vaultwarden.nix

    ../../modules/servers/per-host/kittykat/xray.nix
--- a/hosts/kittykat/home.nix
+++ b/hosts/kittykat/home.nix
@ -0,0 +1,25 @@
+{
+  inputs,
+  config,
+  ...
+}: {
+  home-manager = {
+    useGlobalPkgs = true;
+    useUserPackages = true;
+    extraSpecialArgs = {
+      inherit inputs;
+    };
+    backupFileExtension = "backup";
+
+    users.tulg = {
+      home.username = "tulg";
+      home.homeDirectory = "/home/tulg";
+      home.stateVersion = "25.05";
+
+      imports = [
+        ../../modules/home-manager/pkgs.nix
+        ../../modules/home-manager/cli/default.nix
+      ];
+    };
+  };
+}
--- a/hosts/kittykat/traefik.nix
+++ b/hosts/kittykat/traefik.nix
@ -2,10 +2,20 @@
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [80 443 25565 25567];
+    extraInputRules = ''
+      tcp dport 2053 drop
+    '';
  };
-  networking.firewall.extraInputRules = ''
-    tcp dport 2053 drop
-  ''; #fuck off
+
+  services.static-web-server = {
+    enable = true;
+    listen = "127.0.0.1:8080";
+    root = "/var/www/kittykat";
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /var/www/kittykat 0755 root root -"
+  ];

  services.traefik = {
    enable = true;
@ -14,7 +24,7 @@
      entryPoints = {
        web = {
          address = ":80";
-          http.redirections.entrypoint = {
+          http.redirections.entryPoint = {
            to = "websecure";
            scheme = "https";
          };
@ -40,5 +50,18 @@

      api.dashboard = true;
    };
+
+    dynamicConfigOptions.http = {
+      routers.plain-html = {
+        rule = "Host(`poggerer.xyz`)";
+        entryPoints = ["websecure"];
+        service = "plain-html";
+        tls.certResolver = "letsencrypt";
+      };
+
+      services.plain-html.loadBalancer.servers = [
+        {url = "http://127.0.0.1:8080";}
+      ];
+    };
  };
 }
--- a/hosts/overlord/configuration.nix
+++ b/hosts/overlord/configuration.nix
@ -13,6 +13,7 @@
    ../../modules/servers/common.nix
    ../../modules/servers/per-host/overlord/nixarr.nix
    ../../modules/servers/per-host/overlord/share.nix
+    ./slopfarms.nix
  ];
  programs.tmux = {
    enable = true;
--- a/hosts/overlord/hardware-configuration.nix
+++ b/hosts/overlord/hardware-configuration.nix
@ -16,7 +16,23 @@
  boot.initrd.kernelModules = ["dm-snapshot"];
  boot.kernelModules = ["kvm-amd"];
  boot.extraModulePackages = [];
+  services.xserver.videoDrivers = ["nvidia"];

+  hardware.graphics = {
+    enable = true;
+  };
+
+  hardware.nvidia = {
+    modesetting.enable = true;
+
+    powerManagement.enable = false;
+
+    open = false;
+
+    nvidiaSettings = true;
+
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
--- a/hosts/overlord/slopfarms.nix
+++ b/hosts/overlord/slopfarms.nix
@ -0,0 +1,92 @@
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  services.n8n = {
+    enable = true;
+    openFirewall = true;
+
+    environment = {
+      host = "0.0.0.0";
+      port = 5678;
+      protocol = "http";
+    };
+
+    environment = {
+      N8N_SECURE_COOKIE = "false";
+
+      N8N_EXECUTE_COMMAND_ENABLED = "true";
+      N8N_ENABLE_EXECUTE_COMMAND = "true";
+      NODES_EXCLUDE = "[]";
+      N8N_NODES_INCLUDE = "n8n-nodes-base.executeCommand";
+
+      N8N_BINARY_DATA_STORAGE_PATH = "/srv/slopfarm";
+    };
+  };
+
+  systemd.services.n8n.serviceConfig = {
+    ReadWritePaths = ["/srv/slopfarm"];
+
+    SupplementaryGroups = ["video" "render"];
+
+    PrivateDevices = lib.mkForce false;
+    DevicePolicy = lib.mkForce "auto";
+    DeviceAllow = [
+      "/dev/nvidiactl rw"
+      "/dev/nvidia0 rw"
+      "/dev/nvidia-uvm rw"
+      "/dev/nvidia-uvm-tools rw"
+      "/dev/nvidia-modeset rw"
+    ];
+  };
+
+  environment.systemPackages = with pkgs; [
+    ffmpeg
+    piper-tts
+    git
+    yt-dlp
+    cudaPackages.cudatoolkit
+
+    (python3.withPackages (ps:
+      with ps; [
+        requests
+        aiohttp
+        praw
+
+        torch
+        torchvision
+        transformers
+        accelerate
+        sentencepiece
+        safetensors
+
+        soundfile
+        librosa
+        pydub
+        scipy
+
+        pillow
+        moviepy
+        imageio
+        imageio-ffmpeg
+        opencv4
+
+        numpy
+        tqdm
+        regex
+        python-dotenv
+        pysrt
+        flask
+      ]))
+  ];
+
+  systemd.tmpfiles.rules = [
+    "d /srv/slopfarm 0755 n8n n8n -"
+    "d /srv/slopfarm/input 0755 n8n n8n -"
+    "d /srv/slopfarm/output 0755 n8n n8n -"
+    "d /srv/slopfarm/scripts 0755 n8n n8n -"
+    "d /srv/slopfarm/backgrounds 0755 n8n n8n -"
+    "d /srv/slopfarm/voices 0755 n8n n8n -"
+  ];
+}