Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restructure

Browse Source
This commit is contained in:
Nathan
2026-04-22 12:30:34 -05:00
parent 03bec1dcaf
commit 06385f94f6
51 changed files with 698 additions and 1552 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/features/authentik.nix
View File

@@ -10,12 +10,7 @@
in {
options.sysconfig.docker.authentik.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.authentik.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.interfaces = {
"ve-traefik" = {

9
modules/features/avahi.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.avahi = { config, lib, ... }: {
options = {
sysconfig.services.avahi.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.avahi.enable {
config = {
services.avahi = {

7
modules/features/code-server.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.code-server = { config, lib, ... }: {
options.sysconfig.containers.code-server.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.code-server.enable {
config = {
containers.code-server = {

52
modules/features/default.nix
View File

@@ -2,48 +2,26 @@
flake.nixosModules.default = { config, lib, pkgs, ... }: {
options.sysconfig = with lib; {
host = mkOption {
type = with types; nullOr str;
default = null;
};
graphical = mkOption {
type = with types; bool;
default = config.hardware.graphics.enable;
};
remoteBuildHost = mkOption {
type = with types; bool;
default = false;
};
remoteBuildClient = mkOption {
type = with types; bool;
default = false;
};
};
imports = [
inputs.sops-nix.nixosModules.sops
];
config = {
networking.hostName = lib.mkDefault config.sysconfig.host;
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
channel.enable = false;
settings = {
experimental-features = [ "nix-command" "flakes" ];
builders-use-substitutes = lib.mkIf config.sysconfig.remoteBuildClient true;
trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ "remote-builder" ];
builders-use-substitutes = lib.mkIf true;
substituters = lib.mkIf config.sysconfig.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-substituters = lib.mkIf config.sysconfig.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-public-keys = lib.mkIf config.sysconfig.programs.hyprland.enable ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
substituters = lib.mkIf config.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-substituters = lib.mkIf config.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-public-keys = lib.mkIf config.programs.hyprland.enable ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
};
distributedBuilds = config.sysconfig.remoteBuildClient;
buildMachines = lib.mkIf config.sysconfig.remoteBuildClient [
distributedBuilds = lib.mkDefault (config.sops.secrets ? "remoteBuildKey");
buildMachines = lib.mkIf (config.sops.secrets ? "remoteBuildKey") [
{
hostName = "esotericbytes.com";
sshUser = "remote-builder";
@@ -59,12 +37,18 @@
];
};
users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
users.users."remote-builder" = lib.mkIf (builtins.any
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
) {
isNormalUser = true;
createHome = false;
};
sops.templates."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
sops.templates."remote-builder" = lib.mkIf (builtins.any
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
) {
content = builtins.concatStringsSep ''''\n'' (builtins.map
(y: config.sops.placeholder.${y})
(builtins.filter
@@ -81,6 +65,14 @@
defaultSopsFormat = "yaml";
};
programs.fuse.userAllowOther = true;
home-manager = {
backupFileExtension = "backup";
useUserPackages = true;
sharedModules = [];
};
time.timeZone = lib.mkDefault "America/Chicago";
i18n = lib.mkDefault {

19
modules/features/docker.nix
View File

@@ -2,19 +2,7 @@
flake.nixosModules.docker = { config, lib, pkgs, ... }: {
options.sysconfig.docker = {
enable = with lib; mkOption {
type = with types; bool;
default = false;
};
nvidia = with lib; mkOption {
type = with types; bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.docker.enable {
config = {
networking.nat.internalInterfaces = [ "docker0" "docker-main" ];
@@ -29,7 +17,10 @@
};
};
hardware.nvidia-container-toolkit.enable = config.sysconfig.docker.nvidia;
hardware.nvidia-container-toolkit.enable = lib.mkDefault (builtins.any
(x: x == "nvidia")
config.services.xserver.videoDrivers
);
systemd.services."docker-network-setup" = {
path = [ pkgs.docker ];

8
modules/features/dynamicDNS.nix
View File

@@ -2,13 +2,7 @@
flake.nixosModules.dynamicDNS = { config, lib, pkgs, ... }: {
options.sysconfig.services.dynamicDNS.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.dynamicDNS.enable {
config = {
systemd.timers.dynamicDNS = {

14
modules/features/gitea.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.gitea = { config, lib, ... }: {
options.sysconfig.containers.gitea.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.gitea.enable {
config = {
networking = {
nat.internalInterfaces = [ "ve-gitea" ];
@@ -121,12 +116,7 @@
in {
options.sysconfig.docker."${name}".enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers."${name}" = {

16
modules/features/home-assistant/home-assistant.nix
View File

@@ -8,12 +8,7 @@
in {
options.sysconfig.docker.home-assistant.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.home-assistant.enable && config.sysconfig.docker.enable) {
config = {
environment.etc."home-assistant/configuration.yaml".source = ./configuration.yaml;
@@ -61,14 +56,7 @@
flake.nixosModules.home-assistant-vm = { config, lib, ... }: {
options.sysconfig.virtual-machines.home-assistant = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.virtual-machines.home-assistant.enable {
config = {
};
};

9
modules/features/hyprland.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.hyprland = { config, lib, pkgs, ... }: {
options.sysconfig.programs.hyprland.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.programs.hyprland.enable {
sysconfig.services.sddm.enable = lib.mkDefault true;
config = {
environment.sessionVariables.NIXOS_OZONE_WL = "1";

15
modules/features/jellyfin.nix
View File

@@ -8,12 +8,7 @@
in {
options.sysconfig.docker.jellyfin.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.jellyfin.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.allowedUDPPorts = [ 7359 ];
@@ -50,9 +45,11 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "8096";
};
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
"--device=nvidia.com/gpu=all"
"--ip=192.168.101.21"
extraOptions = lib.mkMerge [
(lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all"
])
[ "--ip=192.168.101.21" ]
];
environment = {

9
modules/features/kdePlasma6.nix
View File

@@ -2,17 +2,10 @@
flake.nixosModules.kdePlasma6 = { config, lib, pkgs, ... }: {
options.sysconfig.services.kdePlasma6.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.kdePlasma6.enable {
config = {
services.desktopManager.plasma6.enable = true;
sysconfig.services.sddm.enable = lib.mkDefault true;
environment.systemPackages = with pkgs; [
kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice
kdePackages.kcalc # Calculator

7
modules/features/n8n.nix
View File

@@ -8,12 +8,7 @@
in {
options.sysconfig.docker."${name}".enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers."${name}" = {

21
modules/features/netbird/netbird.nix
View File

@@ -3,22 +3,14 @@
flake.nixosModules.netbird = { config, lib, pkgs, ... }: {
options.sysconfig = {
services.netbird.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = let
pkgs-us = import inputs.nixpkgs-us {
system = "x86_64-linux";
};
in lib.mkIf config.sysconfig.services.netbird.enable {
in {
services.netbird = {
enable = lib.mkDefault config.sysconfig.services.netbird.enable;
enable = lib.mkDefault true;
clients.default = {
port = 51820;
@@ -27,7 +19,7 @@
hardened = false;
ui = {
enable = lib.mkDefault config.sysconfig.graphical;
enable = lib.mkDefault config.hardware.graphics.enable;
#package = pkgs-us.netbird-ui;
#package = pkgs.netbird-ui;
};
@@ -41,12 +33,7 @@
flake.nixosModules.netbird-docker = { config, lib, pkgs, ... }: {
options.sysconfig.docker.netbird.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.netbird.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.allowedUDPPorts = [ 3478 ];

7
modules/features/nextcloud.nix
View File

@@ -8,12 +8,7 @@
in {
options.sysconfig.docker.nextcloud.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.nextcloud.enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers."nextcloud-aio-mastercontainer" = {
image = "ghcr.io/nextcloud-releases/all-in-one:20260122_105751";

7
modules/features/nginx.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.nginx = { config, lib, ... }: {
options.sysconfig.containers."esotericbytes.com".enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers."esotericbytes.com".enable {
config = {
containers.esotericbytes-com = {

14
modules/features/novnc.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.novnc = { config, lib, pkgs, ... }: {
options.sysconfig.services.novnc.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.novnc.enable {
config = {
systemd.services.novnc = {
enable = true;
@@ -33,12 +28,7 @@
flake.nixosModules.novnc-container = { config, lib, pkgs, ... }: {
options.sysconfig.containers.novnc.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.novnc.enable {
config = {
networking = {
firewall.interfaces."ve-novnc" = {

7
modules/features/ntfy.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.ntfy = { config, lib, ... }: {
options.sysconfig.containers.ntfy.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.ntfy.enable {
config = {
containers.ntfy = {

18
modules/features/ollama.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.ollama = { config, lib, ... }: {
options = {
sysconfig.services.ollama.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.ollama.enable {
config = {
services.ollama = {
enable = true;
acceleration = "cuda";
@@ -36,12 +29,7 @@
in {
options.sysconfig.docker.ollama.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.ollama.enable && config.sysconfig.docker.enable) {
config = {
environment.systemPackages = with pkgs; [
ollama
@@ -88,7 +76,7 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "11434";
};
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
extraOptions = lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all"
"--ip=192.168.101.22"
];

9
modules/features/openssh.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.openssh = { config, lib, ... }: {
options = {
sysconfig.services.openssh.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf (config.sysconfig.services.openssh.enable || config.sysconfig.remoteBuildHost) {
config = {
services.openssh = {
enable = true;

9
modules/features/openwebui.nix
View File

@@ -8,12 +8,7 @@
in {
options.sysconfig.docker.openwebui.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.openwebui.enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers.openwebui = {
image = "ghcr.io/open-webui/open-webui:v0.7.2";
@@ -45,7 +40,7 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "8080";
};
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
extraOptions = lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all"
"--ip=192.168.101.8"
];

7
modules/features/pihole.nix
View File

@@ -10,12 +10,7 @@
in {
options.sysconfig.docker.pihole.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.pihole.enable && config.sysconfig.docker.enable) {
config = {
virtualisation.docker.daemon.settings.dns = [ "192.168.101.12" ];

9
modules/features/pipewire.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.pipewire = { config, lib, pkgs, ... }: {
options = {
sysconfig.services.pipewire.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.pipewire.enable {
config = {
# Enable sound with pipewire.
#sound.enable = true;

7
modules/features/portainer.nix
View File

@@ -10,12 +10,7 @@
in {
options.sysconfig.docker.portainer.enable = with lib; mkOption {
type = with types; bool;
default = true;
};
config = lib.mkIf (config.sysconfig.docker.portainer.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.interfaces = {
"ve-traefik" = {

7
modules/features/sandbox.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.sandbox = { config, lib, self, ... }: {
options.sysconfig.containers.sandbox.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.sandbox.enable {
config = {
networking = {

7
modules/features/sddm.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.sddm = { config, lib, pkgs, ... }: {
options.sysconfig.services.sddm.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.sddm.enable {
config = {
qt.enable = true;

7
modules/features/searxng/searxng.nix
View File

@@ -8,12 +8,7 @@
in {
options.sysconfig.docker.searxng.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.searxng.enable && config.sysconfig.docker.enable) {
config = {
environment.etc."searxng/settings.yml".source = ./settings.yml;

7
modules/features/steam.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.steam = { config, lib, ... }: {
options.sysconfig.programs.steam.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.programs.steam.enable {
config = {
programs.steam = {
enable = true;

7
modules/features/traefik/traefik.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.traefik = { config, lib, ... }: {
options.sysconfig.docker.traefik.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.traefik.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.allowedTCPPorts = [ 80 81 443 444 2222 ];

138
modules/features/users.nix
View File

@@ -1,138 +0,0 @@
{ self, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
options.sysconfig = with lib; {
sshHostKeys = lib.mkOption {
type = with lib.types; attrsOf str;
default = {};
};
users = let
userType = types.submodule ({ name, ... }: {
options = with lib; {
name = mkOption {
type = with types; passwdEntry str;
default = name;
};
home-manager = {
enable = mkOption {
type = with types; bool;
default = false;
};
standalone = mkOption {
type = with types; bool;
default = true;
description = "is this home-manager standalone?";
};
extraModules = mkOption {
type = with types; listOf raw;
default = [];
};
};
isSuperuser = mkOption {
type = with types; bool;
default = false;
description = "sudo?";
};
usePresets = mkOption {
type = with types; bool;
default = true;
description = "search for predefined settings?";
};
ssh = {
keys = mkOption {
type = with types; listOf str;
default = [];
description = "public keys used to login as this user";
};
hosts = mkOption {
type = with types; listOf str;
default = [];
description = "user@host's used to login as this user";
};
};
uid = mkOption {
type = with types; nullOr int;
default = null;
};
hashedPasswordFile = mkOption {
type = with types; nullOr str;
default = null;
};
extraGroups = mkOption {
type = with types; listOf str;
default = [];
};
shell = mkOption {
type = with types; package;
default = pkgs.shadow;
};
};
});
in lib.mkOption {
type = with lib.types; attrsOf userType;
default = {};
};
};
config = {
users.users = builtins.mapAttrs (x: y: let
cfg = config.sysconfig.users.${x};
in {
name = cfg.name;
isNormalUser = true;
uid = cfg.uid;
hashedPasswordFile = lib.mkIf (cfg.hashedPasswordFile != null) cfg.hashedPasswordFile;
shell = cfg.shell;
extraGroups = cfg.extraGroups ++ (if cfg.isSuperuser then [ "wheel" ] else []);
openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable (cfg.ssh.keys ++ (map (z: config.sysconfig.sshHostKeys.${z}) cfg.ssh.hosts));
packages = with pkgs; lib.mkIf (cfg.home-manager.enable && cfg.home-manager.standalone) [ home-manager ];
}) config.sysconfig.users;
programs.fuse.userAllowOther = true;
home-manager = {
backupFileExtension = "backup";
useUserPackages = true;
sharedModules = [];
users = builtins.listToAttrs (builtins.map
(x: {
name = x;
value = (lib.mkMerge ([
(lib.mkIf (self.homeModules ? ${x}) self.homeModules.${x})
] ++ config.sysconfig.users.${x}.home-manager.extraModules));
})
(builtins.filter
(y: (config.sysconfig.users.${y}.home-manager.enable && !config.sysconfig.users.${y}.home-manager.standalone))
(builtins.attrNames config.sysconfig.users)
)
);
};
nix.settings.trusted-users = (builtins.filter
(y: config.sysconfig.users.${y}.isSuperuser)
(builtins.attrNames config.sysconfig.users)
);
};
};
}

9
modules/features/virtual-machines.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.virtual-machines = { config, lib, pkgs, ... }: {
options.sysconfig.virtual-machines.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf config.sysconfig.virtual-machines.enable {
config = {
programs.virt-manager.enable = true;
virtualisation = {
@@ -19,7 +14,7 @@
spiceUSBRedirection.enable = true;
};
environment.systemPackages = with pkgs; lib.mkIf config.sysconfig.graphical [
environment.systemPackages = with pkgs; lib.mkIf config.hardware.graphics.enable [
virt-viewer
];
};

174
modules/features/wyoming.nix
View File

@@ -2,44 +2,21 @@
flake.nixosModules.wyoming = { config, lib, ... }: {
options.sysconfig.services.wyoming = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
piper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
openwakeword = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
faster-whisper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
satellite = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.wyoming.enable {
config = {
services.wyoming = {
piper = lib.mkIf config.sysconfig.services.wyoming.piper {
piper = {
servers.piper = {
enable = true;
enable = lib.mkDefault true;
voice = "en-us-ryan-medium";
uri = "tcp://0.0.0.0:11435";
};
};
openwakeword = lib.mkIf config.sysconfig.services.wyoming.openwakeword {
enable = true;
openwakeword = {
enable = lib.mkDefault true;
uri = "tcp://0.0.0.0:11432";
threshold = 0.5;
@@ -48,9 +25,9 @@
];
};
faster-whisper = lib.mkIf config.sysconfig.services.wyoming.faster-whisper {
faster-whisper = {
servers.whisper = {
enable = true;
enable = lib.mkDefault true;
device = "auto";
language = "en";
model = "medium.en";
@@ -58,145 +35,12 @@
};
};
satellite = lib.mkIf config.sysconfig.services.wyoming.satellite {
enable = true;
satellite = {
enable = lib.mkDefault true;
uri = "tcp://0.0.0.0:11431";
};
};
};
};
flake.nixosModules.wyoming-container = { config, lib, ... }: {
options.sysconfig.containers.wyoming = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
piper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
openwakeword = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
faster-whisper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
satellite = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.containers.wyoming.enable {
containers.wyoming = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.100.10";
localAddress = "192.168.100.26";
bindMounts = lib.mkIf config.sysconfig.containers.wyoming.faster-whisper {
"/dev/nvidia0" = {
hostPath = "/dev/nvidia0";
isReadOnly = false;
};
"/dev/nvidiactl" = {
hostPath = "/dev/nvidiactl";
isReadOnly = false;
};
"/dev/nvidia-uvm" = {
hostPath = "/dev/nvidia-uvm";
isReadOnly = false;
};
"/dev/nvidia-modeset" = {
hostPath = "/dev/nvidia-modeset";
isReadOnly = false;
};
"/dev/nvidia-uvm-tools" = {
hostPath = "/dev/nvidia-uvm-tools";
isReadOnly = false;
};
};
allowedDevices = lib.mkIf config.sysconfig.containers.wyoming.faster-whisper [
{
node = "/dev/nvidia0";
modifier = "rw";
}
{
node = "/dev/nvidiactl";
modifier = "rw";
}
{
node = "/dev/nvidia-uvm";
modifier = "rw";
}
{
node = "/dev/nvidia-modeset";
modifier = "rw";
}
{
node = "/dev/nvidia-uvm-tools";
modifier = "rw";
}
];
config = {
networking.firewall = {
allowedTCPPorts = [ 11431 11432 11433 11435 ];
};
services.wyoming = {
piper = lib.mkIf config.sysconfig.containers.wyoming.piper {
servers.piper = {
enable = true;
voice = "en-us-ryan-medium";
uri = "tcp://0.0.0.0:11435";
};
};
openwakeword = lib.mkIf config.sysconfig.containers.wyoming.openwakeword {
enable = true;
uri = "tcp://0.0.0.0:11432";
threshold = 0.5;
customModelsDirectories = [
#./wake_words
];
};
faster-whisper = lib.mkIf config.sysconfig.containers.wyoming.faster-whisper {
servers.whisper = {
enable = true;
device = "auto";
language = "en";
model = "medium.en";
uri = "tcp://0.0.0.0:11433";
};
};
satellite = lib.mkIf config.sysconfig.containers.wyoming.satellite {
enable = true;
uri = "tcp://0.0.0.0:11431";
#user = "nathan";
vad.enable = false;
};
};
system.stateVersion = "25.05";
};
};
};
};
}