diff --git a/clanModules/flake-module.nix b/clanModules/flake-module.nix
index c0d4a3bc..ead76513 100644
--- a/clanModules/flake-module.nix
+++ b/clanModules/flake-module.nix
@@ -9,8 +9,10 @@
 borgbackup = ./borgbackup.nix;
 deltachat = ./deltachat.nix;
 moonlight = ./moonlight.nix;
+ sunshine = ./sunshine.nix;
 syncthing = ./syncthing.nix;
 xfce = ./xfce.nix;
 zt-tcp-relay = ./zt-tcp-relay.nix;
+ localsend = ./localsend.nix;
 };
 }
diff --git a/clanModules/localsend.nix b/clanModules/localsend.nix
new file mode 100644
index 00000000..34aed631
--- /dev/null
+++ b/clanModules/localsend.nix
@@ -0,0 +1,40 @@
+{ config
+, pkgs
+, lib
+, ...
+}:
+{
+ options.clan.localsend = {
+ enable = lib.mkEnableOption (lib.mdDoc "enable the localsend module");
+ defaultLocation = lib.mkOption {
+ type = lib.types.str;
+ description = "The default download location";
+ };
+ package = lib.mkPackageOption pkgs "localsend" { };
+ };
+
+ imports =
+ if config.clan.localsend.enable then
+ [
+ {
+ clanCore.state.localsend.folders = [
+ "/var/localsend"
+ config.clan.localsend.defaultLocation
+ ];
+ environment.systemPackages = [ config.clan.localsend.package ];
+
+ networking.firewall.interfaces."zt+".allowedTCPPorts = [ 53317 ];
+ networking.firewall.interfaces."zt+".allowedUDPPorts = [ 53317 ];
+
+ #TODO: This is currently needed because there is no ipv6 multicasting support yet
+ #
+ systemd.network.networks."09-zerotier" = {
+ networkConfig = {
+ Address = "192.168.56.2/24";
+ };
+ };
+ }
+ ]
+ else
+ [ ];
+}
diff --git a/clanModules/sunshine.nix b/clanModules/sunshine.nix
new file mode 100644
index 00000000..6558e47d
--- /dev/null
+++ b/clanModules/sunshine.nix
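Review bot: In localsend.nix, `imports` is computed from `config.clan.localsend.enable`, but the module system resolves imports before `config` is available, so this normally fails evaluation with infinite recursion. Gate the settings with `config = lib.mkIf config.clan.localsend.enable { … };` instead of the `if … then [ { … } ] else [ ]` list. The same block pins `Address = "192.168.56.2/24"` on the `09-zerotier` network, so every machine that enables the module would claim the same address; that value should become an option or be derived per host, and the `#TODO` comment should say so. `defaultLocation` has no default and is added to the state folders unchecked, so its description could state that an absolute path is expected.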
@@ -0,0 +1,109 @@
+{ pkgs, config, ... }:
+{
+ networking.firewall = {
+ allowedTCPPorts = [
+ 47984
+ 47989
+ 47990
+ 48010
+ ];
+
+ allowedUDPPorts = [
+ 47998
+ 47999
+ 48000
+ 48002
+ 48010
+ ];
+ };
+
+ networking.firewall.allowedTCPPortRanges = [
+ {
+ from = 47984;
+ to = 48010;
+ }
+ ];
+ networking.firewall.allowedUDPPortRanges = [
+ {
+ from = 47998;
+ to = 48010;
+ }
+ ];
+
+ environment.systemPackages = [
+ pkgs.sunshine
+ pkgs.avahi
+ # Convenience script, until we find a better UX
+ (pkgs.writers.writeDashBin "sun" ''
+ ${pkgs.sunshine}/bin/sunshine -1 ${
+ pkgs.writeText "sunshine.conf" ''
+ address_family = both
+ ''
+ } "$@"
+ '')
+ # Create a dummy account, for easier setup,
+ # don't use this account in actual production yet.
+ (pkgs.writers.writeDashBin "init-sun" ''
+ ${pkgs.sunshine}/bin/sunshine \
+ --creds "sun" "sun"
+ '')
+ ];
+
+ # Required to simulate input
+ boot.kernelModules = [ "uinput" ];
+ security.rtkit.enable = true;
+
+ # services.udev.extraRules = ''
+ # KERNEL=="uinput", SUBSYSTEM=="misc", OPTIONS+="static_node=uinput", TAG+="uaccess"
+ # '';
+
+ services.udev.extraRules = ''
+ KERNEL=="uinput", GROUP="input", MODE="0660" OPTIONS+="static_node=uinput"
+ '';
+
+ security.wrappers.sunshine = {
+ owner = "root";
+ group = "root";
+ capabilities = "cap_sys_admin+p";
+ source = "${pkgs.sunshine}/bin/sunshine";
+ };
+
+ systemd.user.services.sunshine = {
+ description = "sunshine";
+ wantedBy = [ "graphical-session.target" ];
+ environment = {
+ DISPLAY = ":0";
+ };
+ serviceConfig = {
+ ExecStart = "${config.security.wrapperDir}/sunshine";
+ };
+ };
+
+ # xdg.configFile."sunshine/apps.json".text = builtins.toJSON {
+ # env = "/run/current-system/sw/bin";
+ # apps = [
+ # {
+ # name = "Steam";
+ # output = "steam.txt";
+ # detached = [
+ # "${pkgs.util-linux}/bin/setsid ${pkgs.steam}/bin/steam steam://open/bigpicture"
+ # ];
+ # image-path = "steam.png";
+ # }
+ # ];
+ # };
+
+ services = {
+ avahi = {
+ enable = true;
+ reflector = true;
+ nssmdns = true;
+ publish = {
+ enable = true;
+ addresses = true;
+ userServices = true;
+ workstation = true;
+ };
+ };
+ };
+}
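Review bot: The firewall rules in sunshine.nix apply to every interface and the module has no enable option, so importing it opens TCP 47984–48010 and UDP 47998–48010 host-wide. The ranges also make the individual port lists above them redundant and admit more ports than those lists name. If streaming is only meant to cross the ZeroTier network, as localsend.nix in this commit assumes for its port, scope the rules the same way, e.g. `networking.firewall.interfaces."zt+".allowedTCPPortRanges = [ { from = 47984; to = 48010; } ];` plus the UDP equivalent, and drop the global lists. The exposure matters more because `init-sun` sets the fixed credentials "sun"/"sun" and port 47990 is inside the opened range; the helper should take the credentials as arguments or generate them rather than hard-code them. The `cap_sys_admin+p` wrapper deserves a comment saying why that capability is needed, since it is broad and the wrapper is started from a user service.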