7 files changed, 44 insertions, 37 deletions

diff --git a/hosts/arrakis/default.nix b/hosts/arrakis/default.nix
index 5c19fe3..eae67ee 100644
--- a/hosts/arrakis/default.nix
+++ b/hosts/arrakis/default.nix
@@ -93,9 +93,12 @@
     '';
   };
 
+  environment.sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; };
+
   environment.systemPackages = [
     #pkgs.bitcoind
     pkgs.igir
+    pkgs.intel-gpu-tools
     pkgs.lidarr
     pkgs.mailutils
     pkgs.megacmd
@@ -108,6 +111,20 @@
     pkgs.wpa_supplicant
   ];
 
+  hardware = {
+    #bluetooth.enable = true;
+
+    graphics = {
+      enable = true;
+      extraPackages = [
+        pkgs.intel-compute-runtime
+        pkgs.intel-media-driver
+        pkgs.intel-ocl pkgs.vpl-gpu-rt
+      ];
+      #extraPackages32 = [ pkgs.pkgsi686Linux.nvidia-vaapi-driver ];
+    };
+  };
+
   imports = [
     ./disks.nix
     ./hardware-configuration.nix
@@ -123,6 +140,7 @@
     #../common/optional/pipewire.nix
     #../common/optional/sdr.nix
     ../common/optional/services/chrony.nix
+    ../common/optional/services/fwupd.nix
     ../common/optional/services/openssh.nix
     #../common/optional/services/xorg.nix
     #../common/optional/sound.nix
@@ -226,7 +244,7 @@
     };
     hostPlatform = "x86_64-linux";
     overlays = [
-      inputs.nvidia-patch.overlays.default
+      #inputs.nvidia-patch.overlays.default
       outputs.overlays.additions
       outputs.overlays.modifications
       outputs.overlays.master-packages
@@ -240,7 +258,10 @@
     defaultSopsFile = ../secrets/arrakis.yaml;
 
     secrets = {
-      "htpasswd" = {};
+      "htpasswd" = {
+        owner = config.users.users.nginx.name;
+        group = config.users.users.nginx.group;
+      };
       "nftables/ssh" = {};
       "nix-access-token-github" = {};
       "ssh_config".path = "/root/.ssh/config";
@@ -268,6 +289,7 @@
   system.stateVersion = "23.11";
 
   systemd.services = {
+    jellyfin.environment.LIBVA_DRIVER_NAME = "iHD";
 
     "lidarr" = {
       after = [ "network.target" ];
@@ -425,7 +447,6 @@
       };
       wantedBy = [ "multi-user.target" ];
     };
-
   };
 
   systemd.paths."nftables-extra" = {
diff --git a/hosts/arrakis/hardware-configuration.nix b/hosts/arrakis/hardware-configuration.nix
index 0d24c12..21bd5a1 100644
--- a/hosts/arrakis/hardware-configuration.nix
+++ b/hosts/arrakis/hardware-configuration.nix
@@ -5,7 +5,7 @@
 
 {
   imports =
-    [ #(modulesPath + "/installer/scan/not-detected.nix")
+    [ (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
   boot = {
@@ -16,11 +16,6 @@
     zfs.extraPools = [ "data" ];
   };
 
-  environment.sessionVariables = {
-    LIBVA_DRIVER_NAME = "nvidia";
-    MOZ_DISABLE_RDD_SANDBOX = "1";
-  };
-
   fileSystems."/srv/caladan/downloads" = {
     device = "/data/home/nipsy/downloads";
     fsType = "none";
@@ -65,24 +60,4 @@
       "noauto"
     ];
   };
-
-  hardware = {
-    bluetooth.enable = true;
-
-    graphics = {
-      enable = true;
-      extraPackages = [ pkgs.nvidia-vaapi-driver ];
-      extraPackages32 = [ pkgs.pkgsi686Linux.nvidia-vaapi-driver ];
-    };
-
-    nvidia = let
-      betaPkg = config.boot.kernelPackages.nvidiaPackages.beta;
-      pkgAfterFbc = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.fbc then pkgs.nvidia-patch.patch-fbc betaPkg else betaPkg;
-      finalPkg = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.nvenc then pkgs.nvidia-patch.patch-nvenc pkgAfterFbc else pkgAfterFbc;
-    in {
-      modesetting.enable = true;
-      open = true;
-      package = if finalPkg == betaPkg then betaPkg else finalPkg;
-    };
-  };
 }
diff --git a/hosts/arrakis/services.nix b/hosts/arrakis/services.nix
index 51f9e59..697c25b 100644
--- a/hosts/arrakis/services.nix
+++ b/hosts/arrakis/services.nix
@@ -365,7 +365,7 @@
       pkgs.vial
     ];
 
-    xserver.videoDrivers = [ "nvidia" ];
+    #xserver.videoDrivers = [ "nvidia" ];
 
   };
 
diff --git a/hosts/caladan/default.nix b/hosts/caladan/default.nix
index b42dd03..47bf878 100644
--- a/hosts/caladan/default.nix
+++ b/hosts/caladan/default.nix
@@ -68,7 +68,7 @@
     pkgs.umoria
     pkgs.unshield
     pkgs.vial
-    pkgs.vice
+    #pkgs.vice
     #pkgs.warzone2100
     pkgs.wayback-x11
     pkgs.wpa_supplicant
@@ -93,6 +93,7 @@
     ../common/optional/printer.nix
     ../common/optional/sdr.nix
     ../common/optional/services/chrony.nix
+    ../common/optional/services/fwupd.nix
     ../common/optional/services/openssh.nix
     #../common/optional/services/wayland.nix
     ../common/optional/services/xorg.nix
diff --git a/hosts/common/core/default.nix b/hosts/common/core/default.nix
index f332f07..c2a9c85 100644
--- a/hosts/common/core/default.nix
+++ b/hosts/common/core/default.nix
@@ -112,7 +112,17 @@
   hardware.enableRedistributableFirmware = true;
 
   programs.atop.enable = true;
-  programs.gnupg.agent.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableExtraSocket = true;
+    enableSSHSupport = true;
+    settings = {
+      default-cache-ttl = 43200;
+      default-cache-ttl-ssh = 43200;
+      max-cache-ttl = 86400;
+      max-cache-ttl-ssh = 86400;
+    };
+  };
   programs.iftop.enable = true;
   programs.mtr.enable = true;
   programs.tmux.enable = true;
diff --git a/hosts/common/optional/misc.nix b/hosts/common/optional/misc.nix
index a784324..6c78ab5 100644
--- a/hosts/common/optional/misc.nix
+++ b/hosts/common/optional/misc.nix
@@ -8,7 +8,7 @@
     pkgs.aspellDicts.en-computers
     pkgs.aspellDicts.en-science
     pkgs.dict
-    pkgs.encfs
+    #pkgs.encfs
     pkgs.enscript
     pkgs.expect
     pkgs.fio
diff --git a/hosts/common/optional/services/nsd/bitgnome.net.zone b/hosts/common/optional/services/nsd/bitgnome.net.zone
index 76e1df5..6554d68 100644
--- a/hosts/common/optional/services/nsd/bitgnome.net.zone
+++ b/hosts/common/optional/services/nsd/bitgnome.net.zone
@@ -3,7 +3,7 @@ $ORIGIN bitgnome.net.
 $TTL 1h
 
 @			in	soa	ns.bitgnome.net. nipsy.bitgnome.net. (
-	2026051501	; serial
+	2026060901	; serial
 	1d		; refresh
 	2h		; retry
 	4w		; expire
@@ -29,7 +29,7 @@ $TTL 1h
 ; name servers
 ns			in	a	5.161.149.85
 ns			in	aaaa	2a01:4ff:f0:e164::1
-ns2			in	a	67.5.101.3
+ns2			in	a	174.31.31.186
 
 ; srv records
 _xmpp-client._tcp	5m	in	srv	0 0 5222 bitgnome.net.
@@ -67,10 +67,10 @@ mta-sts		5m	in	cname	@
 ;royder			in	cname	@
 
 ; external machines
-arrakis		1m	in	a	67.5.101.3
+arrakis		1m	in	a	174.31.31.186
 ;darkstar	1m	in	a	66.69.213.114
 ;nb		1m	in	a	67.10.209.108
 ;terraria	1m	in	a	128.83.27.4
 ;caladan		1m	in	a	104.130.129.241
 ;caladan		1m	in	aaaa	2001:4800:7818:101:be76:4eff:fe03:db44
-darkstar	1m	in	a	67.5.101.3
+darkstar	1m	in	a	174.31.31.186