nixos

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs
commit fc045c0832f3c4c468f0deee0ceeb9d068f19a5e
parent 017a4e06d67ec49a91afaefeac1a6d6a085efb92
Author: Toni Brown <me@tb148.net>
Date:   Sun,  3 May 2026 02:31:47 +0800

enable idle detection for boinc

Diffstat:

Mlocal/service/boinc/default.nix | 65++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-


Alocal/service/boinc/idle_detect/default.nix | 44++++++++++++++++++++++++++++++++++++++++++++


Alocal/service/boinc/idle_detect/idle_detect.patch | 31+++++++++++++++++++++++++++++++


3 files changed, 139 insertions(+), 1 deletion(-)

diff --git a/local/service/boinc/default.nix b/local/service/boinc/default.nix
@@ -2,11 +2,74 @@
 	config,
 	pkgs,
 	...
-}: {
+}: let
+	idle_detect = pkgs.callPackage ./idle_detect/. {};
+in {
 	services.boinc.enable = true;
 	services.boinc.extraEnvPackages = [
 		pkgs.gmp
 		pkgs.ocl-icd
+		pkgs.podman
 		config.hardware.nvidia.package
 	];
+
+	users.users.event_detect = {
+		isSystemUser = true;
+		group = "event_detect";
+		extraGroups = ["input" "tty"];
+	};
+	users.groups.event_detect = {};
+
+	systemd.services.dc_event_detection = {
+		after = ["multi-user.target" "dev-shm.mount"];
+		description = "DC Event Detection Service";
+		wantedBy = ["multi-user.target"];
+		serviceConfig = {
+			Type = "simple";
+			ExecStartPre = "${pkgs.coreutils}/bin/sleep 5";
+			ExecStart = "${idle_detect}/bin/event_detect ${idle_detect}/etc/event_detect.conf";
+
+			Restart = "on-failure";
+			RestartSec = "5s";
+
+			RuntimeDirectory = "event_detect";
+			RuntimeDirectoryMode = "0755";
+
+			User = "event_detect";
+			Group = "event_detect";
+
+			# Filesystem Access Control
+			ProtectHome = true;
+			ProtectSystem = "strict";
+			ReadWritePaths = ["/dev/shm"];
+			PrivateTmp = true;
+			ProtectKernelTunables = true;
+			ProtectKernelModules = true;
+			ProtectControlGroups = true;
+			ProtectClock = true;
+			ProtectHostname = true;
+
+			# Process Execution Control
+			NoNewPrivileges = true;
+
+			# Network Access Control
+			PrivateNetwork = true;
+		};
+	};
+
+	systemd.user.services.dc_idle_detection = {
+		after = ["graphical-session.target"];
+		description = "BOINC Idle Detection Service";
+		wantedBy = ["graphical-session.target"];
+		serviceConfig = {
+			Type = "simple";
+			ExecStartPre = "${pkgs.coreutils}/bin/sleep 5";
+			ExecStart = "${idle_detect}/bin/idle_detect_wrapper.sh";
+			Restart = "on-failure";
+			RestartSec = "5s";
+			ProtectSystem = "strict";
+			ReadWritePaths = ["/run/event_detect"];
+			NoNewPrivileges = true;
+		};
+	};
 }
diff --git a/local/service/boinc/idle_detect/default.nix b/local/service/boinc/idle_detect/default.nix
@@ -0,0 +1,44 @@
+{
+	stdenv,
+	fetchFromGitHub,
+	cmake,
+	pkg-config,
+	ninja,
+	wayland-scanner,
+	dbus,
+	glib,
+	libevdev,
+	libx11,
+	libxscrnsaver,
+	wayland,
+}:
+stdenv.mkDerivation (finalAttrs: {
+		pname = "idle_detect";
+		version = "0.9.1.0";
+
+		src =
+			fetchFromGitHub {
+				owner = "jamescowens";
+				repo = "idle_detect";
+				tag = "${finalAttrs.version}";
+				hash = "sha256-KlA/vp+qDnaEhToCnh9oe2UlDQYQtCmGVWY1TpzQkWA=";
+			};
+
+		patches = [./idle_detect.patch];
+
+		nativeBuildInputs = [
+			cmake
+			pkg-config
+			ninja
+			wayland-scanner
+		];
+
+		buildInputs = [
+			dbus
+			glib
+			libevdev
+			libx11
+			libxscrnsaver
+			wayland
+		];
+	})
diff --git a/local/service/boinc/idle_detect/idle_detect.patch b/local/service/boinc/idle_detect/idle_detect.patch
@@ -0,0 +1,31 @@
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 1e80fcde21..69afc91c08 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -225,7 +225,7 @@
+ target_link_libraries(read_shmem_timestamps PRIVATE rt)
+ 
+ # Installation paths (parameterized)
+-set(INSTALL_BIN_DIR "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}" CACHE PATH "Installation directory for binaries")
++set(INSTALL_BIN_DIR "${CMAKE_INSTALL_BINDIR}" CACHE PATH "Installation directory for binaries")
+ 
+ if(EXISTS "${SYSCONF_INSTALL_DIR}")
+     set(INSTALL_CONFIG_DIR "${SYSCONF_INSTALL_DIR}" CACHE PATH "Installation directory for configuration files")
+@@ -239,7 +239,7 @@
+     # Force the single config file into /etc rather than ${PREFIX}/etc — the
+     # service files reference this path and relocating it complicates the
+     # template logic for no real gain.
+-    set(INSTALL_CONFIG_DIR "/${CMAKE_INSTALL_SYSCONFDIR}" CACHE PATH "Installation directory for configuration files")
++    set(INSTALL_CONFIG_DIR "${CMAKE_INSTALL_SYSCONFDIR}" CACHE PATH "Installation directory for configuration files")
+ endif()
+ 
+ set(INSTALL_SYSTEM_SERVICE_DIR "${CMAKE_INSTALL_PREFIX}/lib/systemd/system" CACHE PATH "Installation directory for the system level dc_event_detection service")
+@@ -280,7 +280,7 @@
+ )
+ 
+ # Define the standard XDG autostart directory
+-set(INSTALL_XDG_AUTOSTART_DIR "/etc/xdg/autostart" CACHE PATH "System-wide XDG autostart directory")
++set(INSTALL_XDG_AUTOSTART_DIR "${CMAKE_INSTALL_SYSCONFDIR}/xdg/autostart" CACHE PATH "System-wide XDG autostart directory")
+ install(FILES ${CMAKE_CURRENT_BINARY_DIR}/idle-detect-autostart.desktop DESTINATION ${INSTALL_XDG_AUTOSTART_DIR})
+ 
+ # Install default user service auto enable preset file