{ config, lib, pkgs, ... }: with lib; let primaryIp = pkgs.lib.getHostIpv4 "zbox"; openVinoModel = "ssdlite_mobilenet_v2"; libedgetpu = config.boot.kernelPackages.callPackage ./zbox/pkgs/libedgetpu.nix { }; in { config = { networking = { useDHCP = false; interfaces.intif0 = { ipv4.addresses = [{ address = primaryIp; prefixLength = 22; }]; }; firewall.enable = false; defaultGateway = { address = "10.0.0.1"; interface = "intif0"; }; }; boot = let gasket = config.boot.kernelPackages.callPackage ./zbox/pkgs/gasket.nix { }; in { extraModulePackages = [ gasket ]; kernelModules = [ "gasket" ]; }; users.groups.plugdev = { }; virtualisation = { podman = { enable = true; dockerSocket.enable = true; autoPrune.enable = true; enableNvidia = true; }; arion.backend = "podman-socket"; }; services = { frigateContainer = { state-directory = "/state/services/frigate"; # hwaccel = "preset-vaapi"; devices = [ "/dev/apex_0" "/dev/dri/renderD128" ]; detectors = { coral = { type = "edgetpu"; device = ""; }; }; }; udev = { packages = [ "${libedgetpu}" ]; extraRules = '' SUBSYSTEM=="pci",ATTRS{device}=="089a",GROUP="plugdev" SUBSYSTEM=="apex",ATTRS{device_type}=="apex",GROUP="plugdev" ''; }; xserver = { enable = mkForce true; videoDrivers = [ "nvidia" ]; }; nginx = { enable = true; recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; virtualHosts = { "frigate.sea.fudo.org" = { locations."/" = { proxyPass = "http://localhost:5000"; proxyWebsockets = true; }; }; "cam.sea.fudo.ninja" = { locations."/" = { proxyPass = "http://localhost:5000"; proxyWebsockets = true; }; }; }; }; }; security.sudo.extraConfig = '' # Due to rollback, sudo will lecture after every reboot Defaults lecture = never ''; }; }