tabby wip

functora · functora · commit 6007ac5224af · 2025-03-01T16:06:27.000-03:00
diff --git a/nix/configuration.nix b/nix/configuration.nix
@@ -91,80 +91,85 @@
     exe,
     dir,
     net ? false,
+    cfg ? "",
   }: {
     "${pkg}" = {
       executable = exe;
-      profile = mkFirejailProfile {inherit pkg dir net;};
+      profile = mkFirejailProfile {inherit pkg dir net cfg;};
     };
   };
   mkFirejailProfile = {
     pkg,
     dir,
-    net ? false,
+    net,
+    cfg,
   }:
-    pkgs.writeText "${pkg}.local" ''
-      include default.profile
+    pkgs.writeText "${pkg}.local" (
+      ''
+        include default.profile
 
-      include disable-X11.inc
-      include disable-common.inc
-      include disable-devel.inc
-      include disable-exec.inc
-      include disable-interpreters.inc
-      include disable-proc.inc
-      include disable-programs.inc
-      include disable-shell.inc
-      include disable-write-mnt.inc
-      include disable-xdg.inc
+        include disable-X11.inc
+        include disable-common.inc
+        include disable-devel.inc
+        include disable-exec.inc
+        include disable-interpreters.inc
+        include disable-proc.inc
+        include disable-programs.inc
+        include disable-shell.inc
+        include disable-write-mnt.inc
+        include disable-xdg.inc
 
-      # no3d
-      # nosound
-      apparmor
-      caps.drop all
-      machine-id
-      ${
-        if net
-        then ""
-        else "net none"
-      }
-      netfilter
-      nodvd
-      nogroups
-      noinput
-      nonewprivs
-      noprinters
-      noroot
-      notv
-      nou2f
-      novideo
-      shell none
+        # no3d
+        # nosound
+        apparmor
+        caps.drop all
+        machine-id
+        ${
+          if net
+          then ""
+          else "net none"
+        }
+        netfilter
+        nodvd
+        nogroups
+        noinput
+        nonewprivs
+        noprinters
+        noroot
+        notv
+        nou2f
+        novideo
+        shell none
 
-      disable-mnt
-      private ''${HOME}/.firejail/${dir}
-      private-bin none
-      private-cache
-      private-cwd
-      private-dev
-      ${
-        if net
-        then ""
-        else "private-etc none"
-      }
-      private-lib none
-      private-opt none
-      private-srv none
-      private-tmp
-      seccomp
-      ${
-        if net
-        then ""
-        else "x11 none"
-      }
+        disable-mnt
+        private ''${HOME}/.firejail/${dir}
+        private-bin none
+        private-cache
+        private-cwd
+        private-dev
+        ${
+          if net
+          then ""
+          else "private-etc none"
+        }
+        private-lib none
+        private-opt none
+        private-srv none
+        private-tmp
+        seccomp
+        ${
+          if net
+          then ""
+          else "x11 none"
+        }
 
-      dbus-system none
-      dbus-user none
+        dbus-system none
+        dbus-user none
 
-      restrict-namespaces
-    '';
+        restrict-namespaces
+      ''
+      + cfg
+    );
   mkFirejailWrapper = {
     pkgs,
     pkg,
@@ -806,6 +811,8 @@ in {
         "networkmanager"
         "scanner"
         "ydotool"
+        "render"
+        "video"
         "lp"
       ];
       #
@@ -899,6 +906,37 @@ in {
             -file ./ashes/Ashes2063EnrichedFDPatch.pk3 \
             -file ./SimpleSlots.1.1.pk7
         '';
+      }
+      // mkFirejailCustom {
+        pkg = "tabby-download-embed";
+        dir = "tabby";
+        net = true;
+        exe = ''
+          ${import ./tabby.nix}/bin/tabby \
+            download --model Nomic-Embed-Text
+        '';
+      }
+      // mkFirejailCustom {
+        pkg = "tabby-download-qwen";
+        dir = "tabby";
+        net = true;
+        exe = ''
+          ${import ./tabby.nix}/bin/tabby \
+            download --model Qwen2.5-Coder-0.5B
+        '';
+      }
+      // mkFirejailCustom {
+        pkg = "tabby-serve-qwen";
+        dir = "tabby";
+        cfg = ''
+          env SWC_DEBUG=1
+          env RUST_LOG=trace
+          env TABBY_DISABLE_USAGE_COLLECTION=1
+        '';
+        exe = ''
+          ${import ./tabby-socat.nix}/bin/tabby-socat \
+            serve --model Qwen2.5-Coder-0.5B
+        '';
       };
 
     #
diff --git a/nix/tabby-socat.nix b/nix/tabby-socat.nix
@@ -0,0 +1,14 @@
+let
+  pkgs = import ./nixpkgs.nix;
+in
+  pkgs.writeShellApplication {
+    name = "tabby-socat";
+    text = ''
+      ${pkgs.socat}/bin/socat \
+        UNIX-LISTEN:./tabby.sock,fork,reuseaddr,keepalive \
+        TCP:localhost:8080,keepalive &
+      ${import ./tabby.nix}/bin/tabby "$@" &
+      wait -n
+      exit $?
+    '';
+  }
diff --git a/nix/tabby.nix b/nix/tabby.nix
@@ -0,0 +1,31 @@
+let
+  pkgs = import ./nixpkgs.nix;
+  pname = "tabby-vulkan";
+  version = "0.25.1";
+  src = builtins.fetchurl {
+    url = "https://github.com/TabbyML/tabby/releases/download/v${version}/tabby_x86_64-manylinux_2_28-vulkan.tar.gz";
+    sha256 = "1hfddjpa9q42giya5zxqw9db0vhg0pqgd4hy4yfipcw8diz169i7";
+  };
+in
+  pkgs.stdenv.mkDerivation {
+    inherit src pname version;
+    buildInputs = [
+      # tabby
+      pkgs.libz
+      pkgs.libgcc
+      # llama-server
+      pkgs.vulkan-loader # libvulkan
+      (pkgs.lib.getLib pkgs.stdenv.cc.cc) # libgomp libstdc++
+    ];
+    nativeBuildInputs = [
+      pkgs.autoPatchelfHook
+    ];
+    installPhase = ''
+      mkdir -p $out/bin
+      cp tabby $out/bin
+      cp llama-server $out/bin
+    '';
+    fixupPhase = ''
+      autoPatchelf $out/bin
+    '';
+  }
