feat: Add nvidia compatibility option for LXC devices

docs/INVENTORY.md

@@ -343,6 +343,34 @@ nix-lxc = {
 };
 ```
 
+### Proxmox LXC with NVIDIA (Dual P40 Example)
+
+```nix
+nix-lxc = {
+  devices = {
+    "gpu-builder" = {
+      athenix.host.useHostPrefix = false;
+      athenix.sw.type = "headless";
+
+      # Optional NVIDIA containerization support
+      athenix.hw.nix-lxc.cuda = {
+        enable = true;
+        # Expose both GPUs (index-based)
+        visibleDevices = [ "0" "1" ];
+        # Select a compatible driver branch for older cards when needed
+        driver.channel = "legacy_470";
+        driverCapabilities = [ "compute" "utility" ];
+      };
+    };
+  };
+};
+```
+
+Notes:
+- Proxmox host must provide `/dev/nvidia*` devices to the container.
+- Use `driver.channel = "dc_550"` (default) for newer datacenter cards when supported.
+- Use `driver.package` only when you need an explicit package override.
+
 ### WSL Instances
 
 ```nix

docs/NAMESPACE.md

@@ -5,6 +5,7 @@ All UGA Innovation Factory-specific options are in the `athenix` namespace to av
 ## Table of Contents
 
 - [Host Configuration (`athenix.host`)](#host-configuration-athenixhost)
+- [Hardware Type Configuration (`athenix.hw`)](#hardware-type-configuration-athenixhw)
 - [Software Configuration (`athenix.sw`)](#software-configuration-athenixsw)
 - [User Management (`athenix.users`)](#user-management-athenixusers)
 - [Convenience Options](#convenience-options)
@@ -90,6 +91,69 @@ Default WSL user account (only for `nix-wsl` type).
 athenix.host.wsl.user = "myusername";
 ```
 
+## Hardware Type Configuration (`athenix.hw`)
+
+Hardware-type specific options. These are usually set in per-device config or fleet overrides.
+
+### `athenix.hw.nix-lxc.cuda.enable`
+
+Enable NVIDIA CUDA container support for Proxmox LXC hosts.
+
+**Type:** Boolean
+
+**Default:** `false`
+
+### `athenix.hw.nix-lxc.cuda.visibleDevices`
+
+Select which NVIDIA GPUs are exposed to containerized workloads.
+
+**Type:** List of strings
+
+**Default:** `[ "all" ]`
+
+**Examples:**
+- `[ "all" ]`
+- `[ "0" "1" ]` (for dual-GPU systems)
+- `[ "GPU-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" ]`
+
+### `athenix.hw.nix-lxc.cuda.driverCapabilities`
+
+Sets `NVIDIA_DRIVER_CAPABILITIES` for container runtimes.
+
+**Type:** List of strings
+
+**Default:** `[ "compute" "utility" ]`
+
+**Example:**
+```nix
+athenix.hw.nix-lxc.cuda.driverCapabilities = [ "compute" "utility" "video" ];
+```
+
+### `athenix.hw.nix-lxc.cuda.driver.channel`
+
+Driver package channel selected from `boot.kernelPackages.nvidiaPackages`.
+
+**Type:** String
+
+**Default:** `"dc_550"`
+
+**Common values:** `"stable"`, `"latest"`, `"beta"`, `"dc_550"`, `"legacy_470"`, `"legacy_390"`
+
+**Aliases:**
+- `"production"` → `"stable"`
+- `"datacenter"` → `"dc_550"`
+
+### `athenix.hw.nix-lxc.cuda.driver.package`
+
+Explicit package override for NVIDIA driver selection.
+
+**Type:** Package or null
+
+**Default:** `null`
+
+**Description:**
+When set, this takes precedence over `athenix.hw.nix-lxc.cuda.driver.channel`.
+
 ## Software Configuration (`athenix.sw`)
 
 System type, packages, and application configuration.

hw/nix-lxc.nix

@@ -7,6 +7,7 @@
 {
   config,
   lib,
+  pkgs,
   ...
 }:
 
@@ -24,6 +25,56 @@ in
           default = false;
           description = "Enable Proxmox LXC container hardware configuration.";
         };
+        cuda.enable = mkOption {
+          type = types.bool;
+          default = false;
+          description = "Enable CUDA support in LXC containers (requires NVIDIA GPU and drivers on host).";
+        };
+        cuda.visibleDevices = mkOption {
+          type = types.listOf types.str;
+          default = [ "all" ];
+          example = [
+            "0"
+            "1"
+          ];
+          description = ''
+            NVIDIA devices exposed to containerized workloads.
+            Use indexes (e.g. "0", "1"), UUIDs, or "all".
+          '';
+        };
+        cuda.driverCapabilities = mkOption {
+          type = types.listOf types.str;
+          default = [
+            "compute"
+            "utility"
+          ];
+          example = [
+            "compute"
+            "utility"
+            "video"
+          ];
+          description = ''
+            Value used for NVIDIA_DRIVER_CAPABILITIES for container runtimes.
+          '';
+        };
+        cuda.driver.channel = mkOption {
+          type = types.str;
+          default = "dc_550";
+          example = "legacy_470";
+          description = ''
+            NVIDIA driver package channel from boot.kernelPackages.nvidiaPackages.
+            Common values include: stable, latest, beta, dc_550, legacy_470, legacy_390.
+            Alias values: production -> stable, datacenter -> dc_550.
+          '';
+        };
+        cuda.driver.package = mkOption {
+          type = types.nullOr types.package;
+          default = null;
+          description = ''
+            Explicit NVIDIA driver package override. When set, this takes precedence
+            over cuda.driver.channel.
+          '';
+        };
       };
     };
     default = { };
@@ -50,6 +101,53 @@ in
     # Set timezone to fix /etc/localtime for Docker containers
     time.timeZone = lib.mkDefault "America/New_York";
 
+    # NVIDIA Container Toolkit for CUDA support (optional)
+    hardware.nvidia = lib.mkIf cfg.cuda.enable {
+      package =
+        let
+          nvidiaPackages = config.boot.kernelPackages.nvidiaPackages;
+          driverAliasMap = {
+            production = "stable";
+            datacenter = "dc_550";
+          };
+          driverChannel = driverAliasMap.${cfg.cuda.driver.channel} or cfg.cuda.driver.channel;
+        in
+        if cfg.cuda.driver.package != null then
+          cfg.cuda.driver.package
+        else if builtins.hasAttr driverChannel nvidiaPackages then
+          builtins.getAttr driverChannel nvidiaPackages
+        else
+          throw "athenix.hw.nix-lxc.cuda.driver.channel '${driverChannel}' not found in boot.kernelPackages.nvidiaPackages";
+    };
+    hardware.nvidia-container-toolkit.enable = lib.mkIf cfg.cuda.enable true;
+    hardware.nvidia-container-toolkit.suppressNvidiaDriverAssertion = lib.mkIf cfg.cuda.enable true;
+    environment.systemPackages = lib.mkIf cfg.cuda.enable [
+      (pkgs.writeShellScriptBin "nvidia-smi" ''
+        primary="${config.hardware.nvidia.package}/bin/nvidia-smi"
+        secondary="${
+          if builtins.hasAttr "bin" config.hardware.nvidia.package then
+            config.hardware.nvidia.package.bin
+          else
+            config.hardware.nvidia.package
+        }/bin/nvidia-smi"
+
+        if [ -x "$primary" ]; then
+          exec "$primary" "$@"
+        fi
+
+        if [ -x "$secondary" ]; then
+          exec "$secondary" "$@"
+        fi
+
+        echo "nvidia-smi binary not found in configured NVIDIA package: ${config.hardware.nvidia.package}" >&2
+        exit 127
+      '')
+    ];
+    environment.variables = lib.mkIf cfg.cuda.enable {
+      NVIDIA_VISIBLE_DEVICES = lib.concatStringsSep "," cfg.cuda.visibleDevices;
+      NVIDIA_DRIVER_CAPABILITIES = lib.concatStringsSep "," cfg.cuda.driverCapabilities;
+    };
+
     # Allow getty to work in containers
     systemd.services."getty@".unitConfig.ConditionPathExists = [
       ""

hw/nix-zima.nix

@@ -66,6 +66,6 @@ in
 
     # ========== Software Profile ==========
     athenix.sw.enable = lib.mkDefault true;
-    athenix.sw.bigscreen.enable = lib.mkDefault true;
+    athenix.sw.desktop.enable = lib.mkDefault true;
   };
 }

inventory.nix

@@ -127,6 +127,25 @@
             };
           };
         };
+        "nix-big-cuda" = {
+          athenix.sw.headless.enable = true;
+          nixpkgs.config = {
+            allowUnfree = true;
+            nvidia.acceptLicense = true;
+          };
+          athenix.hw.nix-lxc.cuda = {
+            enable = true;
+            visibleDevices = [
+              "0"
+              "1"
+            ];
+            driver.channel = "legacy_535";
+            driverCapabilities = [
+              "compute"
+              "utility"
+            ];
+          };
+        };
         "usda-dash".external = {
           url = "https://git.factory.uga.edu/MODEL/usda-dash-config.git";
           rev = "ce2700b0196e106f7c013bbcee851a5f96b146a3";

pkgs/default.nix

@@ -1,24 +0,0 @@
-{ pkgs, ... }:
-{
-  plasma-bigscreen = pkgs.callPackage ./plasma-bigscreen.nix {
-    inherit (pkgs.kdePackages)
-      kcmutils
-      kdeclarative
-      ki18n
-      kio
-      knotifications
-      kwayland
-      kwindowsystem
-      mkKdeDerivation
-      qtmultimedia
-      plasma-workspace
-      bluez-qt
-      qtwebengine
-      plasma-nano
-      plasma-nm
-      milou
-      kscreen
-      kdeconnect-kde
-      ;
-  };
-}

pkgs/plasma-bigscreen.nix

@@ -1,112 +0,0 @@
-# NOTE: from https://github.com/NixOS/nixpkgs/pull/428353#issuecomment-3498917203
-# more info in tv.nix nixos config
-{
-  mkKdeDerivation,
-  lib,
-  fetchFromGitLab,
-  pkg-config,
-  ki18n,
-  kdeclarative,
-  kcmutils,
-  knotifications,
-  kio,
-  kwayland,
-  kwindowsystem,
-  plasma-workspace,
-  qtmultimedia,
-  bluez-qt,
-  qtwebengine,
-  plasma-nano,
-  plasma-nm,
-  milou,
-  kscreen,
-  kdeconnect-kde,
-  sdl3,
-  libcec ? null
-}:
-mkKdeDerivation {
-  pname = "plasma-bigscreen";
-  version = "unstable-2026-02-13";
-
-  src = fetchFromGitLab {
-    domain = "invent.kde.org";
-    owner = "plasma";
-    repo = "plasma-bigscreen";
-    rev = "1db19cdfc2ac1653cb129f403702addec2caf4c7";
-    hash = "sha256-dfsR20dY1jtLmEpGRxvp9xwOHJFn3mVw+1RUGBJRLpQ=";
-  };
-
-  extraNativeBuildInputs = [
-    pkg-config
-  ];
-
-  buildInputs = [
-    ki18n
-    kdeclarative
-    kcmutils
-    knotifications
-    kio
-    kwayland
-    kwindowsystem
-    plasma-workspace
-    qtmultimedia
-    bluez-qt
-    qtwebengine
-    plasma-nano
-    plasma-nm
-    milou
-    kscreen
-    kdeconnect-kde
-    sdl3
-  ] ++ lib.optionals (libcec != null) [ libcec ];
-
-  postPatch = ''
-        substituteInPlace bin/plasma-bigscreen-wayland.in \
-          --replace-fail @KDE_INSTALL_FULL_LIBEXECDIR@ "${plasma-workspace}/libexec"
-
-        # Plasma version numbers are required to match, but we are building an
-        # unreleased package against a stable Plasma release.
-        substituteInPlace CMakeLists.txt \
-          --replace-fail 'set(PROJECT_VERSION "6.5.80")' 'set(PROJECT_VERSION "${plasma-workspace.version}")'
-
-        # Fix for Qt 6.10+ which requires explicit find_package of private targets
-        # Reference: https://github.com/NixOS/nixpkgs/pull/461599/changes
-        substituteInPlace CMakeLists.txt \
-          --replace-fail \
-          'find_package(Qt6 ''${QT_MIN_VERSION} CONFIG REQUIRED COMPONENTS
-        Quick
-        Core
-        Qml
-        DBus
-        Network
-        Multimedia
-        WebEngineCore
-        WebEngineQuick
-        WaylandClient
-    )' \
-          'find_package(Qt6 ''${QT_MIN_VERSION} CONFIG REQUIRED COMPONENTS
-        Quick
-        Core
-        Qml
-        QmlPrivate
-        DBus
-        Network
-        Multimedia
-        WebEngineCore
-        WebEngineQuick
-        WaylandClient
-    )'
-  '';
-
-  preFixup = ''
-    wrapQtApp $out/bin/plasma-bigscreen-wayland
-  '';
-
-  passthru.providedSessions = [
-    "plasma-bigscreen-wayland"
-  ];
-
-  meta = {
-    license = lib.licenses.gpl2Plus;
-  };
-}

sw/bigscreen/default.nix

@@ -1,63 +0,0 @@
-# ============================================================================
-# Bigscreen Software Configuration
-# ============================================================================
-# Imports desktop-specific programs and services (KDE Plasma, CUPS, etc.)
-
-{
-  config,
-  lib,
-  pkgs,
-  inputs,
-  ...
-}:
-
-with lib;
-
-let
-  cfg = config.athenix.sw.bigscreen;
-in
-{
-  options.athenix.sw.bigscreen = mkOption {
-    type = lib.types.submodule {
-      options = {
-        enable = mkOption {
-          type = lib.types.bool;
-          default = false;
-          description = ''
-            Enable full desktop environment with KDE Plasma 6 Bigscreen.
-
-            Includes:
-            - KDE Plasma 6 desktop with SDDM display manager
-            - Printing and scanning support (CUPS)
-            - Virtualization (libvirt, virt-manager)
-            - Bluetooth and audio (PipeWire)
-
-            Recommended for: home theater PCs, media centers, and large-screen desktops.
-          '';
-          example = true;
-        };
-      };
-    };
-    default = { };
-    description = "Desktop environment configuration (KDE Plasma 6).";
-  };
-
-  config = mkIf cfg.enable (mkMerge [
-    (import ./programs.nix {
-      inherit
-        config
-        lib
-        pkgs
-        inputs
-        ;
-    })
-    (import ./services.nix {
-      inherit
-        config
-        lib
-        pkgs
-        inputs
-        ;
-    })
-  ]);
-}

sw/bigscreen/programs.nix

@@ -1,31 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-
-with lib;
-
-let
-  cfg = config.athenix.sw;
-  basePackages = with pkgs; [
-    tmux
-    man
-    (chromium.override {
-      commandLineArgs = [ "--enable-features=TouchpadOverscrollHistoryNavigation" ];
-    })
-    lm_sensors
-  ];
-in
-{
-  environment.systemPackages = subtractLists cfg.excludePackages (basePackages ++ cfg.extraPackages);
-
-  programs.mtr.enable = true;
-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
-
-  programs.virt-manager.enable = true;
-}

sw/bigscreen/services.nix

@@ -1,74 +0,0 @@
-{
-  lib,
-  pkgs,
-  ...
-}:
-
-let   
-  xelpkgs = pkgs: import ../../pkgs pkgs;
-  bigscreenpkgs = xelpkgs pkgs;
-in  
-
-{
-  athenix.sw.python.enable = lib.mkDefault true;
-
-  services.displayManager.sddm = {
-    enable = true;
-    theme = "breeze";
-    wayland.enable = true;
-    enableHidpi = true;
-    settings = {
-      Autologin = {
-        Session = "plasma-bigscreen-wayland";
-        User = "engr-ugaif";
-      };
-    };
-  };
-  services.desktopManager.plasma6.enable = true;
-  services.displayManager.sessionPackages = with bigscreenpkgs; [
-    plasma-bigscreen
-  ];
-
-  services.printing.enable = true;
-
-  networking.networkmanager.enable = true;
-
-  services.pulseaudio.enable = false;
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-  };
-
-  fonts.packages = with pkgs; [
-    nerd-fonts.fira-code
-    corefonts
-    noto-fonts
-  ];
-  fonts.fontconfig = {
-    enable = true;
-    defaultFonts.monospace = [ "FiraCode Nerd Font Mono" ];
-  };
-
-  hardware.bluetooth.enable = true;
-  services.blueman.enable = true;
-
-  networking.firewall.enable = true;
-
-  services.flatpak.enable = true;
-  xdg.portal.enable = true;
-  xdg.portal.extraPortals = [ pkgs.kdePackages.xdg-desktop-portal-kde ];
-
-  virtualisation.libvirtd.enable = true;
-
-  services.thermald.enable = true;
-
-  services.fwupd.enable = true;
-
-  services.openssh = {
-    enable = true;
-    settings.PermitRootLogin = "no";
-  };
-}

sw/default.nix

@@ -32,7 +32,6 @@ in
     ./builders
     ./tablet-kiosk
     ./stateless-kiosk
-    ./bigscreen
     inputs.home-manager.nixosModules.home-manager
     inputs.agenix.nixosModules.default
     inputs.disko.nixosModules.disko

users.nix

@@ -48,6 +48,7 @@
       enable = true; # Default user, enabled everywhere
     };
     hdh20267 = {
+      description = "Hunter Halloran";
       external = {
         url = "https://git.factory.uga.edu/hdh20267/hdh20267-nix";
         rev = "dbdf65c7bd59e646719f724a3acd2330e0c922ec";
@@ -67,5 +68,14 @@
       shell = "zsh";
       # enable = false by default, set to true per-system
     };
+    dj69594 = {
+      description = "David Joy";
+      extraGroups = [
+        "networkmanager"
+        "wheel"
+      ];
+      shell = "zsh";
+      # enable = false by default, set to true per-system
+    };
   };
 }