From 7bb7560f229549b5d411af7d3057d8a3830d049d Mon Sep 17 00:00:00 2001
From: Fuwn <contact@fuwn.me>
Date: Sat, 31 Aug 2024 01:12:40 -0700
Subject: ok

---
 modules/environment/system-packages/default.nix | 10 ++++++++++
 modules/hardware/nvidia.nix                     | 24 +++++++++++++-----------
 modules/nix.nix                                 |  4 +++-
 modules/virtualisation.nix                      | 22 +++++++++++++++++++++-
 4 files changed, 47 insertions(+), 13 deletions(-)

diff --git a/modules/environment/system-packages/default.nix b/modules/environment/system-packages/default.nix
index 228280c..a43d8c3 100644
--- a/modules/environment/system-packages/default.nix
+++ b/modules/environment/system-packages/default.nix
@@ -12,5 +12,15 @@
     git
     mediastreamer-openh264
     pinentry
+    nvidia-container-toolkit
+    nvidia-docker
+    runc
+  ];
+
+  systemd.services.containerd.path = with pkgs; [
+    containerd
+    runc
+    iptables
+    nvidia-docker
   ];
 }
diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix
index d6c16e2..31e2100 100644
--- a/modules/hardware/nvidia.nix
+++ b/modules/hardware/nvidia.nix
@@ -1,17 +1,19 @@
 { config, ... }:
 {
-  hardware.nvidia = {
-    modesetting.enable = true;
-    open = false;
-    nvidiaSettings = true;
-    package = config.boot.kernelPackages.nvidiaPackages.beta;
-    forceFullCompositionPipeline = true;
+  hardware = {
+    nvidia-container-toolkit.enable = true;
 
-    powerManagement = {
-      enable = true;
-      finegrained = false;
-    };
+    nvidia = {
+      modesetting.enable = true;
+      open = false;
+      nvidiaSettings = true;
+      package = config.boot.kernelPackages.nvidiaPackages.production;
+      forceFullCompositionPipeline = true;
 
-    prime.nvidiaBusId = "PCI:43:0:0";
+      powerManagement = {
+        enable = true;
+        finegrained = false;
+      };
+    };
   };
 }
diff --git a/modules/nix.nix b/modules/nix.nix
index c6b227a..943606d 100644
--- a/modules/nix.nix
+++ b/modules/nix.nix
@@ -22,7 +22,8 @@
         "https://nix-community.cachix.org"
         "https://hyprland.cachix.org"
         "https://nyx.chaotic.cx/"
-        "https://nixpkgs-wayland.cachix.org/"
+        "https://nixpkgs-wayland.cachix.org"
+        "https://cuda-maintainers.cachix.org"
       ];
 
       trusted-public-keys = [
@@ -30,6 +31,7 @@
         "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
         "nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
         "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
+        "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
       ];
 
       experimental-features = [
diff --git a/modules/virtualisation.nix b/modules/virtualisation.nix
index 442cbf7..9355893 100644
--- a/modules/virtualisation.nix
+++ b/modules/virtualisation.nix
@@ -1,13 +1,33 @@
+{ pkgs, lib, ... }:
 {
   virtualisation = {
     docker = {
       enable = true;
       storageDriver = "btrfs";
       enableOnBoot = false;
+      liveRestore = true;
+      enableNvidia = lib.mkForce true;
+
+      daemon.settings = {
+        default-runtime = "nvidia";
+        # runtimes.nvidia.path = "${pkgs.nvidia-docker}/bin/nvidia-container-runtime";
+        experimental = true;
+      };
+
+      autoPrune = {
+        enable = false;
+        dates = "daily";
+      };
 
       rootless = {
-        enable = true;
+        enable = false;
         setSocketVariable = true;
+
+        daemon.settings = {
+          default-runtime = "nvidia";
+          runtimes.nvidia.path = "${pkgs.nvidia-docker}/bin/nvidia-container-runtime";
+          experimental = true;
+        };
       };
     };
 
-- 
cgit v1.2.3