From 8d04dd72f1b32f0f61487690dfbeaaed63335833 Mon Sep 17 00:00:00 2001
From: Ophestra
Date: Sat, 25 Jan 2025 18:05:18 +0900
Subject: [PATCH] nix: mount nvidia devices

These non-standard paths are required in the sandbox for nvidia drivers to work.

Signed-off-by: Ophestra
---
 nixos.nix | 60 +++++++++++++++++++++++++++++-------------------------
 1 file changed, 29 insertions(+), 31 deletions(-)

diff --git a/nixos.nix b/nixos.nix
index 02d94f9..bd0d7af 100644
--- a/nixos.nix
+++ b/nixos.nix
@@ -124,42 +124,40 @@ in
 map_real_uid = app.mapRealUid;
 no_new_session = app.tty;
 filesystem =
+ let
+ bind = src: { inherit src; };
+ mustBind = src: {
+ inherit src;
+ require = true;
+ };
+ devBind = src: {
+ inherit src;
+ dev = true;
+ };
+ in
 [
- { src = "/bin"; }
- { src = "/usr/bin"; }
- { src = "/nix/store"; }
- { src = "/run/current-system"; }
- {
- src = "/sys/block";
- require = false;
- }
- {
- src = "/sys/bus";
- require = false;
- }
- {
- src = "/sys/class";
- require = false;
- }
- {
- src = "/sys/dev";
- require = false;
- }
- {
- src = "/sys/devices";
- require = false;
- }
+ (mustBind "/bin")
+ (mustBind "/usr/bin")
+ (mustBind "/nix/store")
+ (mustBind "/run/current-system")
+ (bind "/sys/block")
+ (bind "/sys/bus")
+ (bind "/sys/class")
+ (bind "/sys/dev")
+ (bind "/sys/devices")
 ]
 ++ optionals app.nix [
- { src = "/nix/var"; }
- { src = "/var/db/nix-channels"; }
+ (mustBind "/nix/var")
+ (bind "/var/db/nix-channels")
 ]
 ++ optionals (if app.gpu != null then app.gpu else app.capability.wayland || app.capability.x11) [
- { src = "/run/opengl-driver"; }
- {
- src = "/dev/dri";
- dev = true;
- }
+ (bind "/run/opengl-driver")
+ (devBind "/dev/dri")
+ (devBind "/dev/nvidiactl")
+ (devBind "/dev/nvidia-modeset")
+ (devBind "/dev/nvidia-uvm")
+ (devBind "/dev/nvidia-uvm-tools")
+ (devBind "/dev/nvidia0")
 ]
 ++ app.extraPaths;
 auto_etc = true;
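Review bot: The five NVIDIA device nodes are added to the GPU list unconditionally, and because that list's condition falls back to `app.capability.wayland || app.capability.x11` when `app.gpu` is null, every graphical app that has not set `gpu` gets the proprietary driver's device interface inside the sandbox, not only apps that asked for GPU access. `/dev/nvidia-uvm-tools` appears to be the UVM debugging/profiling node rather than something rendering needs, so consider dropping `(devBind "/dev/nvidia-uvm-tools")` or gating the compute nodes behind an explicit option. `devBind` leaves `require` unset, so hosts without NVIDIA hardware depend on the default treating a missing path as non-fatal; that default is defined outside this hunk, as is the start of the enclosing attribute set, and should be confirmed. A comment above the new entries such as `# NVIDIA nodes widen the sandbox's kernel-facing surface; list only what the driver needs` would record why each path is there.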