From fa636e3eafd90aac38e33f14bf965e675fb4b7c9 Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Sun, 1 Jun 2025 12:45:58 -0400 Subject: [PATCH 1/8] Disable VR-related settings --- hosts/default/configuration.nix | 14 +++++------ hosts/default/home.nix | 42 ++++++++++++++++----------------- 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix index c48d659..fcb37a6 100644 --- a/hosts/default/configuration.nix +++ b/hosts/default/configuration.nix @@ -271,8 +271,8 @@ lutris # game launcher (EA/Humble/Ubi++) cruft # python-based template processor nmap # network mapping/scanning tool - basalt-monado # tracking for VR - opencomposite # compatibility layer for VR + # basalt-monado # tracking for VR + # opencomposite # compatibility layer for VR # why did these two disappear??? usbutils # provide lsusb, etc. pciutils # provide lspci, etc. @@ -440,11 +440,11 @@ }; # VR #Commmand: `renice -20 -p $(pgrep monado)` may help w/issues - services.monado = { - enable = true; - defaultRuntime = true; # Register as default OpenXR runtime - forceDefaultRuntime = true; # Register as default OpenXR runtime for each user (remove home-manager file) - }; + # services.monado = { + # enable = true; + # defaultRuntime = true; # Register as default OpenXR runtime + # forceDefaultRuntime = true; # Register as default OpenXR runtime for each user (remove home-manager file) + # }; #systemd.user.services.monado.environment = { # WMR_HANDTRACKING = "0"; # Enable for hand tracking # XRT_PRINT_OPTIONS = "1"; # Enable printing env vars set/available diff --git a/hosts/default/home.nix b/hosts/default/home.nix index 271a2a6..3d0f956 100644 --- a/hosts/default/home.nix +++ b/hosts/default/home.nix @@ -73,30 +73,30 @@ # EDITOR = "emacs"; }; # For Monado: - xdg.configFile."openxr/1/active_runtime.json".source = "${pkgs.monado}/share/openxr/1/openxr_monado.json"; + # xdg.configFile."openxr/1/active_runtime.json".source = "${pkgs.monado}/share/openxr/1/openxr_monado.json"; # For WiVRn: - #xdg.configFile."openxr/1/active_runtime.json".source = "${pkgs.wivrn}/share/openxr/1/openxr_wivrn.json"; + # xdg.configFile."openxr/1/active_runtime.json".source = "${pkgs.wivrn}/share/openxr/1/openxr_wivrn.json"; - xdg.configFile."openvr/openvrpaths.vrpath".text = '' - { - "config" : - [ - "${config.xdg.dataHome}/Steam/config" - ], - "external_drivers" : null, - "jsonid" : "vrpathreg", - "log" : - [ - "${config.xdg.dataHome}/Steam/logs" - ], - "runtime" : - [ - "${pkgs.opencomposite}/lib/opencomposite" - ], - "version" : 1 - } - ''; + # xdg.configFile."openvr/openvrpaths.vrpath".text = '' + # { + # "config" : + # [ + # "${config.xdg.dataHome}/Steam/config" + # ], + # "external_drivers" : null, + # "jsonid" : "vrpathreg", + # "log" : + # [ + # "${config.xdg.dataHome}/Steam/logs" + # ], + # "runtime" : + # [ + # "${pkgs.opencomposite}/lib/opencomposite" + # ], + # "version" : 1 + # } + # ''; # Let Home Manager install and manage itself. programs.home-manager.enable = true; } From 881db84a264cd2423b0aba75f01202dac355371c Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Sun, 1 Jun 2025 12:55:07 -0400 Subject: [PATCH 2/8] Update nix flake.lock --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 18ba42e..d1201d6 100644 --- a/flake.lock +++ b/flake.lock @@ -22,11 +22,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748460289, - "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", + "lastModified": 1748693115, + "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", "owner": "nixos", "repo": "nixpkgs", - "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", + "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", "type": "github" }, "original": { From 6dfade4734cc1f228758a6d88fe0a17a1d925762 Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Mon, 2 Jun 2025 13:35:32 -0400 Subject: [PATCH 3/8] Ensure firewall is active ...it was, but there's still a rule I don't understand, despite nmap results looking good --- hosts/default/configuration.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix index fcb37a6..b0e61c5 100644 --- a/hosts/default/configuration.nix +++ b/hosts/default/configuration.nix @@ -190,6 +190,7 @@ #networking.firewall.allowedTCPPorts = [ 9003 ]; networking.firewall = { + enable = true; allowedTCPPorts = [ 9003 ]; allowedUDPPorts = [ 51820 ]; # if packets are still dropped, they will show up in dmesg From 73146c6a5db9f95ecf00480545e2a700dd3ffbd8 Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Mon, 2 Jun 2025 13:35:59 -0400 Subject: [PATCH 4/8] Clean up comments and yes, it existed --- hosts/default/configuration.nix | 7 ------- 1 file changed, 7 deletions(-) diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix index b0e61c5..9ef43bd 100644 --- a/hosts/default/configuration.nix +++ b/hosts/default/configuration.nix @@ -250,7 +250,6 @@ libreoffice-qt # libreoffice - qt is best for KDE hunspell # spell checking hunspellDicts.en_US # spell check dictionary - #corectl # this doesn't exist???? magic-wormhole # transfer files with ease screen # terminal multiplexer...from GNU gnumake # build automation tool @@ -460,12 +459,6 @@ programs.steam.gamescopeSession.enable = true; - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave From 16b16673731bb5db2d1538403bb10ce5253ab34a Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Sun, 8 Jun 2025 12:15:56 -0400 Subject: [PATCH 5/8] Update flake.lock --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index d1201d6..177b3f9 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1748737919, - "narHash": "sha256-5kvBbLYdp+n7Ftanjcs6Nv+UO6sBhelp6MIGJ9nWmjQ=", + "lastModified": 1749243446, + "narHash": "sha256-P1gumhZN5N9q+39ndePHYrtwOwY1cGx+VoXGl+vTm7A=", "owner": "nix-community", "repo": "home-manager", - "rev": "5675a9686851d9626560052a032c4e14e533c1fa", + "rev": "2d7d65f65b61fdfce23278e59ca266ddd0ef0a36", "type": "github" }, "original": { @@ -22,11 +22,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1749143949, + "narHash": "sha256-QuUtALJpVrPnPeozlUG/y+oIMSLdptHxb3GK6cpSVhA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "d3d2d80a2191a73d1e86456a751b83aa13085d7d", "type": "github" }, "original": { From 5d831405a07aed758e965e9de9713696d1725966 Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Sun, 8 Jun 2025 12:16:37 -0400 Subject: [PATCH 6/8] Add disable panel self-refresh to fix AMDGPU bug/hang and switch back to zen kernel --- hosts/default/configuration.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix index 9ef43bd..3aca732 100644 --- a/hosts/default/configuration.nix +++ b/hosts/default/configuration.nix @@ -55,11 +55,14 @@ # Temporarily pin to 6.12 to fix llvm/rocm build # https://github.com/NixOS/nixpkgs/issues/368672#issuecomment-2608697421 # boot.kernelPackages = pkgs.linuxPackages_6_12; - # boot.kernelPackages = pkgs.linuxPackages_zen; + boot.kernelPackages = pkgs.linuxPackages_zen; # nct6775 - for monitoring functions on ASUS ROG STRIX B550-F GAMING WIFI II # kvm-amd - AMD virtualization support boot.kernelModules = [ "kvm-amd" "nct6775" ]; + # Problems with hangs on RX6700 + boot.kernelParams = [ "amdgpu.dcdebugmask=0x10" ]; + # Direct patching for enabling for async reprojection (for SteamVR) on AMD # boot.kernelPatches = [ # { From 50e1cab1758acb3a85ac32fdef07865b2d1e2086 Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Sun, 8 Jun 2025 12:16:54 -0400 Subject: [PATCH 7/8] Update firewall rules for Ollama server --- hosts/default/configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/default/configuration.nix b/hosts/default/configuration.nix index 3aca732..f9b648e 100644 --- a/hosts/default/configuration.nix +++ b/hosts/default/configuration.nix @@ -201,8 +201,8 @@ checkReversePath = "loose"; extraCommands = '' # Enable connections to Ollama for VPN users: + iptables -t filter -I INPUT --protocol TCP --source 10.40.4.0/24 --destination 10.40.4.2 --dport 8080 -j ACCEPT iptables -t filter -I INPUT --protocol TCP --source 10.40.4.2/32 --destination 10.40.4.2 --dport 11434 -j ACCEPT - iptables -t filter -I INPUT --protocol TCP --source 10.0.7.0/24 --destination 10.40.4.2 --dport 11434 -j ACCEPT ''; # wireguard trips rpfilter up #extraCommands = '' From 430d2fdb1f850e7061238c2c996675e30443a8d3 Mon Sep 17 00:00:00 2001 From: "Chris (wolcen) Thompson" Date: Fri, 27 Jun 2025 20:38:28 -0400 Subject: [PATCH 8/8] Update flake.lock --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 177b3f9..40aeb2b 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1749243446, - "narHash": "sha256-P1gumhZN5N9q+39ndePHYrtwOwY1cGx+VoXGl+vTm7A=", + "lastModified": 1750973805, + "narHash": "sha256-BZXgag7I0rnL/HMHAsBz3tQrfKAibpY2vovexl2lS+Y=", "owner": "nix-community", "repo": "home-manager", - "rev": "2d7d65f65b61fdfce23278e59ca266ddd0ef0a36", + "rev": "080e8b48b0318b38143d5865de9334f46d51fce3", "type": "github" }, "original": { @@ -22,11 +22,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749143949, - "narHash": "sha256-QuUtALJpVrPnPeozlUG/y+oIMSLdptHxb3GK6cpSVhA=", + "lastModified": 1750776420, + "narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d3d2d80a2191a73d1e86456a751b83aa13085d7d", + "rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf", "type": "github" }, "original": {