From 9311af020e37bc7615e303d3caebd0315253b3e5 Mon Sep 17 00:00:00 2001
From: Joeri Exelmans <joeri.exelmans@gmail.com>
Date: Thu, 6 Nov 2025 00:05:49 +0100
Subject: [PATCH] bunch of outstanding changes + add MTL-aas

---
 common/mtl-aas.nix          | 39 +++++++++++++++++++++++++++++++++++++
 deemz.org/configuration.nix |  4 ++++
 flake.lock                  | 12 ++++++------
 flake.nix                   |  8 +++++++-
 msdl/configuration.nix      |  1 +
 t14/configuration.nix       |  8 +++++++-
 t14/system-packages.nix     |  4 ++++
 7 files changed, 68 insertions(+), 8 deletions(-)
 create mode 100644 common/mtl-aas.nix

diff --git a/common/mtl-aas.nix b/common/mtl-aas.nix
new file mode 100644
index 0000000..9f19cdc
--- /dev/null
+++ b/common/mtl-aas.nix
@@ -0,0 +1,39 @@
+# Example configuration:
+#  host: deemz.org
+#  refineryBaseUrl: /refinery
+
+{ config, pkgs, mtlAasHost, mtlAasBaseUrl, ... }:
+{
+  # reverse proxy
+  services.nginx = {
+    enable = true;
+
+    virtualHosts.${mtlAasHost} = {
+      locations."${mtlAasBaseUrl}/" = {
+        proxyPass = "http://127.0.0.1:15478/";
+        extraConfig = ''
+          charset UTF-8;
+          more_set_headers 'Server: NIXOS';
+        '';
+      };
+
+      serverName = mtlAasHost;
+    };
+  };
+
+  # run refinery container as a systemd service
+  systemd.services.mtl-aas = {
+    script = ''
+      ${mtl-aas}/bin/run_server
+    '';
+    serviceConfig = {
+      Type = "exec";
+      User = "mtl-aas";
+    };
+  };
+  users.users.mtl-aas = {
+    isSystemUser = true;
+    group = "mtl-aas";
+  };
+  users.groups.mtl-aas = {};
+}
diff --git a/deemz.org/configuration.nix b/deemz.org/configuration.nix
index 4d7c650..970e430 100644
--- a/deemz.org/configuration.nix
+++ b/deemz.org/configuration.nix
@@ -299,6 +299,10 @@ let secrets = import ../secrets.nix; in
         proxyWebsockets = true;
       };
 
+      locations."/apis/mtl-aas/" = {
+        proxyPass = "http://127.0.0.1:15478/";
+      };
+
       forceSSL = true;
       enableACME = true;
       extraConfig = ''
diff --git a/flake.lock b/flake.lock
index e8dd55c..38474a2 100644
--- a/flake.lock
+++ b/flake.lock
@@ -22,11 +22,11 @@
     },
     "nixpkgs-stable": {
       "locked": {
-        "lastModified": 1758589230,
-        "narHash": "sha256-zMTCFGe8aVGTEr2RqUi/QzC1nOIQ0N1HRsbqB4f646k=",
+        "lastModified": 1760862643,
+        "narHash": "sha256-PXwG0TM7Ek87DNx4LbGWuD93PbFeKAJs4FfALtp7Wo0=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "d1d883129b193f0b495d75c148c2c3a7d95789a0",
+        "rev": "33c6dca0c0cb31d6addcd34e90a63ad61826b28c",
         "type": "github"
       },
       "original": {
@@ -38,11 +38,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1758427187,
-        "narHash": "sha256-pHpxZ/IyCwoTQPtFIAG2QaxuSm8jWzrzBGjwQZIttJc=",
+        "lastModified": 1760878510,
+        "narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "554be6495561ff07b6c724047bdd7e0716aa7b46",
+        "rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 6cbea70..c924f3d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -8,9 +8,13 @@
       url = "git+https://deemz.org/git/joeri/icomidal";
       inputs.nixpkgs.follows = "nixpkgs-stable";
     };
+    mtl-aas = {
+      url = "git+https://deemz.org/git/teaching/mtl-aas";
+      inputs.nixpkgs.follows = "nixpkgs-stable";
+    };
   };
 
-  outputs = { self, nixpkgs-stable, nixpkgs-unstable, icomidal }:
+  outputs = { self, nixpkgs-stable, nixpkgs-unstable, icomidal, mtl-aas }:
     let 
       system = "x86_64-linux";
     in {
@@ -27,10 +31,12 @@
             icomidal=icomidal.packages.${system}.default;
             refineryHost = "deemz.org";
             refineryBaseUrl = "/refinery";
+            mtl-aas=mtl-aas.packages.${system}.default;
           };
           modules = [
             ./deemz.org/configuration.nix
             ./common/refinery.nix
+            ./common/mtl-aas.nix
           ];
         };
         msdl = nixpkgs-stable.lib.nixosSystem {
diff --git a/msdl/configuration.nix b/msdl/configuration.nix
index c7df19b..369f0df 100644
--- a/msdl/configuration.nix
+++ b/msdl/configuration.nix
@@ -78,6 +78,7 @@
 
   services.nginx = {
     enable = true;
+    
     recommendedGzipSettings = true;
     recommendedOptimisation = true;
     recommendedProxySettings = true;
diff --git a/t14/configuration.nix b/t14/configuration.nix
index be030f2..487fcba 100644
--- a/t14/configuration.nix
+++ b/t14/configuration.nix
@@ -183,9 +183,14 @@
   virtualisation.docker.enable = true;
 
   # KDE config
-  services.desktopManager.plasma6.enable = true;
+  #services.desktopManager.plasma6.enable = true;
   #services.xserver.desktopManager.xfce.enable = true;
 
+
+  # GNOME
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true; 
+
   # firmware updates
   services.fwupd.enable = true;
 
@@ -204,6 +209,7 @@
   services.udev.extraRules = ''
     ACTION=="add", SUBSYSTEM=="usb", DRIVERS=="usb", ATTR{power/wakeup}="disabled"
   '';
+  services.udev.packages = with pkgs; [ gnome-settings-daemon ];
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
diff --git a/t14/system-packages.nix b/t14/system-packages.nix
index 7f8a7b1..8898bd0 100644
--- a/t14/system-packages.nix
+++ b/t14/system-packages.nix
@@ -44,6 +44,7 @@ in [
   xfce.xfce4-weather-plugin
   alacritty
   xorg.xkill
+  gpu-screen-recorder-gtk # great screen recorder
 
   # Programming
   git
@@ -118,4 +119,7 @@ in [
   qdigidoc
 
   solaar # extra options for logitech mouse
+
+  # GNOME stuff
+  gnomeExtensions.appindicator
 ]