wip nice

common/default.nix

@@ -44,6 +44,8 @@ else
       ./sourceTree.nix
       ./units-impl.nix
       ./units-config.nix
+      ./nice-option.nix
+      ./nice-config.nix
       ./lix.nix
       ./git.nix
       ./hpn.nix

common/lib/default.nix

@@ -1,4 +1,34 @@
 { lib, config, ... }:
+let
+  inherit (builtins) isAttrs isInt isList isString isFunction isPath length tail head;
+  inherit (lib) types;
+  listToAttrsOfIndexes_impl = res: idx: list:
+    let
+      newName = head list;
+    in
+    assert isAttrs res;
+    assert isInt idx;
+    assert isList list;
+    assert isStringish newName;
+    assert !(res ? ${newName}); #no duplicates
+    if (length list) == 0 then res
+      else
+        listToAttrsOfIndexes_impl
+        (res // { newName = idx; })
+        (idx + 1)
+        (tail list)
+  ;
+  listToAttrsOfIndexes = list:
+    assert isList list;
+    listToAttrsOfIndexes_impl {} 0 list;
+  # true iff val can (probably) be interpolated
+  isStringish = val:
+    isString val || isPath val || (
+      isAttrs val &&
+        (if val ? __toString then isFunction val.__toString else val ? outPath && isStringish val.outPath)
+    )
+  ;
+in
 {
   imports = [
     ./makeWrapper.nix
@@ -7,15 +37,18 @@
   ];
 
   options.vacu.vaculib = lib.mkOption {
-    type = lib.types.anything;
+    type = types.attrsOf types.anything;
   };
 
   config._module.args.vaculib = config.vacu.vaculib;
 
-  config.vacu.vaculib.mkOutOption =
+  config.vacu.vaculib = {
-    val:
+    mkOutOption = val:
       lib.mkOption {
         readOnly = true;
         default = val;
+      }
+    ;
+    inherit listToAttrsOfIndexes isStringish;
   };
 }

common/nice-config.nix

@@ -0,0 +1,172 @@
+{
+  lib,
+  config,
+  vacuModuleType,
+  ...
+}:
+let
+  nice = config.vacu.nice;
+  serviceNice = name: { serviceConfig = {
+    Nice = nice.${name};
+    X-VacuExplicitNice = true;
+  }; };
+  noNice = { serviceConfig.X-VacuExplicitNice = true; };
+in
+{ imports = [
+{
+  config.vacu.nice = {
+    oomd = -15;
+    input = -14;
+    tty = -13;
+    sshServer = -12;
+    adminShell = -11;
+    adminShellCommand = -10;
+    udev = -10;
+    importantServices = -9;
+    graphicsDM = -8;
+    graphicsKonsole = -7;
+    audio = -6;
+    graphicsLight = -5;
+    network = -4;
+    zfs = -3; # the userland stuff, so not super important
+    peripherals = -2; # interacting with all the incidental/misc parts of the hardware. Battery status, lights, rfkill, thunderbolt ...
+    database = -1;
+    default = 0;
+    shellCommand = 1;
+    frontproxy = 2;
+    normalContainer = 3;
+    graphicsAppHeavy = 4;
+    bulkContainer = 5;
+    bulk = 6;
+    nixbuild = 7;
+  };
+}
+(lib.optionalAttrs vacuModuleType == "nixos" {
+  systemd.services = {
+    bluetooth = serviceNice "peripherals";
+    bolt = serviceNice "peripherals";
+    "console-getty" = serviceNice "tty";
+    "container@" = serviceNice "normalContainer";
+    dbus-broker = serviceNice "importantServices";
+    dbus = serviceNice "importantServices";
+    display-manager = serviceNice "graphicsDM";
+    debug-shell = serviceNice "tty";
+    emergency = serviceNice "tty";
+    firewall = serviceNice "network";
+    fwupd = serviceNice "bulk";
+    "getty@" = serviceNice "tty";
+    iio-sensor-proxy = serviceNice "peripherals";
+    interception-tools = serviceNice "input";
+    kmod-static-nodes = serviceNice "importantServices";
+    logrotate-checkconf = serviceNice "importantServices";
+    ModemManager = serviceNice "network";
+    mount-pstore = serviceNice "importantServices";
+    network-local-commands = serviceNice "network";
+    network-setup = serviceNice "network";
+    NetworkManager-wait-online = serviceNice "network";
+    NetworkManager = serviceNice "network";
+    nix-daemon = serviceNice "nixbuild";
+    nix-gc = serviceNice "nixbuild";
+    nix-optimise = serviceNice "nixbuild";
+    nscd = serviceNice "importantService";
+    openvpn-restart = serviceNice "network";
+    polkit = serviceNice "importantServices";
+    postgresql = serviceNice "database";
+    post-resume = serviceNice "importantServices";
+    power-profiles-daemon = serviceNice "peripherals";
+    pre-sleep = serviceNice "importantServices";
+    prepare-kexec = serviceNice "importantServices";
+    reload-systemd-vconsole-setup = serviceNice "importantServices";
+    rescue = serviceNice "importantServices";
+    resolvconf = serviceNice "network";
+    rtkit-daemon = serviceNice "importantServices";
+    save-hwclock = serviceNice "importantServices";
+    "serial-getty@" = serviceNice "tty";
+    sshd = serviceNice "sshServer";
+    suid-sgid-wrappers = serviceNice "importantServices";
+    systemd-ask-password-console = serviceNice "importantServices";
+    systemd-ask-password-wall = serviceNice "importantServices";
+    "systemd-backlight@" = serviceNice "graphicsLight";
+    systemd-binfmt = serviceNice "importantServices";
+    systemd-boot-random-seed = serviceNice "importantServices";
+    "systemd-fsck@" = serviceNice "importantServices";
+    systemd-hibernate = serviceNice "importantServices";
+    systemd-hostnamed = serviceNice "importantServices";
+    systemd-hybrid-sleep = serviceNice "importantServices";
+    systemd-importd = serviceNice "bulk";
+    systemd-journal-catalog-update = serviceNice "importantServices";
+    systemd-journal-flush = serviceNice "importantServices";
+    systemd-journald = serviceNice "importantServices";
+    "systemd-journald@" = serviceNice "importantServices";
+    systemd-kexec = serviceNice "importantServices";
+    systemd-localed = serviceNice "importantServices";
+    systemd-logind = serviceNice "tty";
+    systemd-machined = serviceNice "importantServices";
+    systemd-modules-load = serviceNice "importantServices";
+    systemd-oomd = serviceNice "oomd";
+    systemd-random-seed = serviceNice "importantServices";
+    systemd-remount-fs = serviceNice "importantServices";
+    systemd-sysctl = serviceNice "importantServices";
+    systemd-timesyncd = serviceNice "network";
+    systemd-tmpfiles-setup-dev-early = serviceNice "importantServices";
+    systemd-tmpfiles-setup-dev = serviceNice "importantServices";
+    systemd-tmpfiles-setup = serviceNice "importantServices";
+    systemd-udev-trigger = serviceNice "udev";
+    systemd-udevd = serviceNice "udev";
+    systemd-update-utmp = serviceNice "importantService";
+    systemd-user-sessions = serviceNice "importantService";
+    systemd-vconsole-setup = serviceNice "tty";
+    udisks2 = serviceNice "peripherals";
+    upower = serviceNice "peripherals";
+    "user@" = noNice;
+    "user-runtime-dir@" = serviceNice "importantServices";
+    waydroid-container = serviceNice "bulk";
+    wpa_supplicant = serviceNice "network";
+    zfs-share = serviceNice "zfs";
+    zfs-zes = serviceNice "zfs";
+  };
+  systemd.user.services = {
+    "app-blueman@" = serviceNice "peripherals";
+    "app-brave@" = serviceNice "graphicsAppHeavy";
+    "app-Nextcloud@" = serviceNice "bulk";
+    "app-nheko@" = serviceNice "graphicsAppHeavy";
+    "app-obsidian@" = serviceNice "graphicsAppHeavy";
+    "app-org.kde.dolphin@" = serviceNice "graphicsLight";
+    "app-org.kde.gwenview@" = serviceNice "graphicsLight";
+    "app-org.kde.kalendarac@" = serviceNice "graphicsLight";
+    "app-org.kde.konsole@" = serviceNice "graphicsKonsole";
+    "app-org.kde.kunifiedpush\\x2ddistributor@" = serviceNice "graphicsLight";
+    "app-org.kde.xwaylandvideobridge@" = serviceNice "graphicsLight";
+    "app-signal\\x2ddesktop@" = serviceNice "graphicsAppHeavy";
+    "app-systemsettings@" = serviceNice "graphicsLight";
+    "app-thunderbird@" = serviceNice "graphicsAppHeavy";
+    "at-spi-dbus-bus" = serviceNice "graphicsDM";
+    "dbus" = serviceNice "graphicsDM";
+    "dconf" = serviceNice "graphicsDM";
+    "kde-baloo" = serviceNice "bulk";
+    "obex" = serviceNice "graphicsLight";
+    "pipewire-pulse" = serviceNice "audio";
+    "pipewire" = serviceNice "audio";
+    "plasma-baloorunner" = serviceNice "graphicsDM";
+    "plasma-gmenudbusmenuproxy" = serviceNice
+  };
+  vacu.shell.initLines = lib.mkBefore ''
+    if [[ -z "$VACU_DO_RENICE" ]]; then
+      new_nice="''${VACU_DO_RENICE:-${toString nice.default}}"
+      renice --priority $new_nice --pid $$ || true
+    fi
+  '';
+  security.pam.loginLimits = [
+    {
+      domain = "@${users.groups.wheel.name}";
+      item = "priority";
+      value = toString nice.adminShell;
+    }
+    {
+      domain = "root";
+      item = "priority";
+      value = toString nice.adminShell;
+    }
+  ];
+})
+]

common/nice-option.nix

@@ -0,0 +1,29 @@
+{
+  lib,
+  config,
+  ...
+}:
+let
+  inherit (lib) mkOption types;
+in
+{
+  options.vacu.nice = mkOption {
+    default = { };
+    type = types.attrsOf (types.ints.between (-20) 19);
+  };
+
+  config.vacu.nice.default = 0;
+
+  config.vacu.versionInfo.nice = config.vacu.nice;
+
+  config.vacu.assertions = [
+    {
+      assertion = config.vacu.nice ? default;
+      message = ''vacu.nice must have a "default"'';
+    }
+    {
+      assertion = !(config.vacu.nice ? default) || config.vacu.nice.default == 0;
+      message = ''vacu.nice.default must be set to 0'';
+    }
+  ];
+}

common/nix-on-droid.nix

@@ -13,8 +13,8 @@ lib.optionalAttrs (vacuModuleType == "nix-on-droid") {
   nix.substituters = lib.mkForce config.vacu.nix.substituterUrls;
   nix.trustedPublicKeys = lib.mkForce config.vacu.nix.trustedKeys;
   vacu.shell.functionsDir = "${config.user.home}/.nix-profile/share/vacufuncs";
-  environment.etc.bashrc.text = config.vacu.shell.interactiveLines;
+  environment.etc.bashrc.text = config.vacu.shell.initLines;
-  environment.etc.profile.text = config.vacu.shell.interactiveLines;
+  environment.etc.profile.text = config.vacu.shell.initLines;
   environment.etc."vacu/info.json".text = builtins.toJSON config.vacu.versionInfo;
 
   vacu.hostName = mkDefault "nix-on-droid";

common/nixos.nix

@@ -99,7 +99,7 @@ lib.optionalAttrs (vacuModuleType == "nixos") {
       "/share/vacufuncs"
       "/etc/chromium"
     ];
-    programs.bash.interactiveShellInit = config.vacu.shell.interactiveLines;
+    programs.bash.shellInit = config.vacu.shell.initLines;
     programs.bash.promptInit = lib.mkForce "";
   };
 }

common/shell/default.nix

@@ -22,7 +22,7 @@ let
       '';
     };
   functionPackages = lib.mapAttrsToList writeShellFunction cfg.functions;
-  vacuInitFile = pkgs.writeText "vacu.shell.interactiveLines.sh" cfg.interactiveLines;
+  vacuInitFile = pkgs.writeText "vacu.shell.initLines.sh" cfg.initLines;
   wrappedBashPkg = vaculib.makeWrapper {
     original = pkgs.bash;
     new = "vacuinit-bash";
@@ -44,9 +44,9 @@ in
       type = types.path;
       default = "/run/current-system/sw/share/vacufuncs";
     };
-    vacu.shell.interactiveLines = mkOption {
+    vacu.shell.initLines = mkOption {
       type = types.lines;
-      readOnly = true;
+      default = "";
     };
     vacu.shell.wrappedBash = mkOption {
       readOnly = true;
@@ -77,7 +77,7 @@ in
         white = 37;
       };
     };
-    shell.interactiveLines = ''
+    shell.initLines = ''
       if [[ $- == *i* ]] && [[ -f ${cfg.functionsDir}/vacureload ]]; then
         function __vacushell_load() { eval "$(cat ${cfg.functionsDir}/vacureload)"; }
         __vacushell_load

triple-dezert/nice.nix

@@ -0,0 +1,18 @@
+{
+  config,
+  ...
+}:
+let
+  serviceNice = name: { serviceConfig.Nice = config.vacu.nice.${name}; };
+in
+{
+  config.systemd.services = {
+    "container@frontproxy" = serviceNice "frontproxy";
+    "container@yt-archive" = serviceNice "bulkContainer";
+    "container@gallerygrab" = serviceNice "bulkContainer";
+    "container@llm" = serviceNice "bulkContainer";
+    "container@emily" = serviceNice "bulkContainer";
+    "openvpn-awootrip" = serviceNice "networkLame";
+    postgresql = serviceNice "database";
+  };
+}