me like nix
1{ inputs, ... }: {
2 flake.modules.nixos.mira-extras =
3 { pkgs, config, lib, ... }:
4 let
5 bambu-studio =
6 let
7 pname = "bambu-studio";
8 version = "02.05.00.67";
9 ubuntu_version = "24.04_PR-9540";
10
11 src = pkgs.fetchurl {
12 url = "https://github.com/bambulab/BambuStudio/releases/download/v${version}/Bambu_Studio_ubuntu-${ubuntu_version}.AppImage";
13 hash = "sha256-3ubZblrsOJzz1p34QiiwiagKaB7nI8xDeadFWHBkWfg=";
14 };
15
16 appimage-contents = pkgs.appimageTools.extractType2 {
17 inherit src pname version;
18 };
19
20 wrapped = pkgs.appimageTools.wrapType2 {
21 inherit src pname version;
22
23 profile = ''
24 export SSL_CERT_FILE="${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"
25 export GIO_MODULE_DIR="${pkgs.glib-networking}/lib/gio/modules/"
26 export __GLX_VENDOR_LIBRARY_NAME=nvidia
27 '';
28
29 extraPkgs =
30 p: with p; [
31 cacert
32 glib
33 glib-networking
34 gst_all_1.gst-plugins-bad
35 gst_all_1.gst-plugins-base
36 gst_all_1.gst-plugins-good
37 webkitgtk_4_1
38 ];
39 };
40 in
41 pkgs.runCommand "bambu-studio-${version}" { } ''
42 mkdir -p $out/bin
43 ln -s ${wrapped}/bin/${pname} $out/bin/bambu-studio
44 ln -s ${wrapped}/bin/${pname} $out/bin/BambuStudio
45
46 mkdir -p $out/share/applications
47 substitute ${appimage-contents}/BambuStudio.desktop $out/share/applications/BambuStudio.desktop \
48 --replace-fail "Exec=AppRun" "Exec=$out/bin/BambuStudio"
49
50 if [ -d ${appimage-contents}/usr/share/icons ]; then
51 cp -r ${appimage-contents}/usr/share/icons $out/share/
52 fi
53 '';
54 in
55 {
56 networking.hostName = "mira";
57
58 # Enable QEMU emulation for aarch64 (for building Pi images)
59 boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
60
61 # Prevent NetworkManager from managing USB Ethernet
62 networking.networkmanager.unmanaged = [ "interface-name:enp0s20f0u4u3" ];
63
64 # Avahi (mDNS discovery)
65 services.avahi = {
66 enable = true;
67 nssmdns4 = true;
68 openFirewall = true;
69 };
70
71 services.copyparty.enable = true;
72
73 # SSH
74 services.openssh = {
75 enable = true;
76 settings = {
77 PasswordAuthentication = false;
78 KbdInteractiveAuthentication = false;
79 PermitRootLogin = "no";
80 AllowUsers = [ "sean" ];
81 };
82 };
83
84 # trmnl-rs server
85 systemd.services.trmnl-rs = {
86 description = "TRMNL Server";
87 wantedBy = [ "multi-user.target" ];
88 wants = [ "network-online.target" ];
89 after = [
90 "network-online.target"
91 "nss-lookup.target"
92 ];
93 serviceConfig = {
94 ExecStart = "${inputs.trmnl-rs.packages.x86_64-linux.default}/bin/server";
95 Restart = "on-failure";
96 RestartSec = 5;
97 DynamicUser = true;
98 StateDirectory = "trmnl-rs";
99 WorkingDirectory = "/var/lib/trmnl-rs";
100 };
101 };
102
103 environment.systemPackages = [
104 pkgs.lm_sensors
105 bambu-studio
106 ];
107
108 # Firewall
109 networking.firewall.allowedTCPPorts = [
110 8096 # jellyfin
111 5055 # jellyseer
112 3000 # vite dev port
113 1883 # MQTT for Tasmota devices
114 2300 # trmnl
115 5000 # Frigate web UI
116 8971 # Frigate API
117 config.services.home-assistant.config.http.server_port
118 ];
119 networking.firewall.allowedUDPPorts = [ ];
120
121 system.stateVersion = "25.05";
122 };
123}