summaryrefslogtreecommitdiff
path: root/bragi.nix
diff options
context:
space:
mode:
Diffstat (limited to 'bragi.nix')
-rw-r--r--bragi.nix157
1 files changed, 86 insertions, 71 deletions
diff --git a/bragi.nix b/bragi.nix
index fe447e2d..f0817580 100644
--- a/bragi.nix
+++ b/bragi.nix
@@ -3,6 +3,7 @@
3let 3let
4 trivmixService = opts: (pkgs.callPackage ./custom/trivmix-service.nix opts).out; 4 trivmixService = opts: (pkgs.callPackage ./custom/trivmix-service.nix opts).out;
5 thermoprint-servant = (pkgs.callPackage ./custom/thermoprint {}).thermoprint-servant; 5 thermoprint-servant = (pkgs.callPackage ./custom/thermoprint {}).thermoprint-servant;
6 inherit (pkgs) lib;
6in rec { 7in rec {
7 imports = 8 imports =
8 [ ./musnix 9 [ ./musnix
@@ -31,29 +32,22 @@ in rec {
31 overrides = self: super: let 32 overrides = self: super: let
32 callPackage = pkgs.lib.callPackageWith ( pkgs // self ); 33 callPackage = pkgs.lib.callPackageWith ( pkgs // self );
33 in { 34 in {
34 trivmix = callPackage ./custom/trivmix.nix {}; 35 trivmix = callPackage ./custom/trivmix {};
35 # filelock = callPackage ./custom/filelock.nix {};
36 }; 36 };
37 } 37 }
38 ); 38 );
39 39
40 jack2Full = pkgs.jack2Full.override { dbus = null; }; 40 jack2Full = pkgs.jack2Full.override { dbus = null; };
41 41
42 mpd = pkgs.symlinkJoin { 42 mpd = pkgs.mpd.override { gmeSupport = false; pulseaudioSupport = false; };
43 name = "mpd";
44 paths = [ (pkgs.mpd.override { gmeSupport = false; pulseaudioSupport = false; }) ];
45 buildInputs = [ pkgs.makeWrapper ];
46 postBuild = ''
47 wrapProgram $out/bin/mpd \
48 --run "umask 0"
49 '';
50 };
51 43
52 inherit (pkgs.callPackage ./custom/thermoprint {}) thermoprint-server thermoprint-webgui tprint; 44 inherit (pkgs.callPackage ./custom/thermoprint { extraPackages = (p: with p; [ persistent-postgresql ]); }) thermoprint-server thermoprint-webgui tprint;
53 45
54 inherit (haskellPackages) trivmix; 46 inherit (haskellPackages) trivmix;
55 }; 47 };
56 48
49 nixpkgs.config.allowUnfree = true;
50
57 environment.systemPackages = with pkgs; [ 51 environment.systemPackages = with pkgs; [
58 git 52 git
59 mosh 53 mosh
@@ -124,17 +118,20 @@ in rec {
124 }; 118 };
125 }; 119 };
126 120
127 systemd.services."mpdmix0" = trivmixService { name = "mpdmix0"; connectOut = "system:playback_3"; group = "mpd"; }; 121 systemd.services."mpdmix0" = trivmixService { name = "mpdmix0"; connectOut = "system:playback_3"; group = "mpd"; initial = "-35dB"; };
128 systemd.services."mpdmix1" = trivmixService { name = "mpdmix1"; connectOut = "system:playback_4"; group = "mpd"; }; 122 systemd.services."mpdmix1" = trivmixService { name = "mpdmix1"; connectOut = "system:playback_4"; group = "mpd"; initial = "-35dB"; };
123
124 systemd.services."passmix0" = trivmixService { name = "passmix0"; connectOut = "system:playback_3"; connectIn = "system:capture_5"; group = "vali_out"; initial = "-20dB"; };
125 systemd.services."passmix1" = trivmixService { name = "passmix1"; connectOut = "system:playback_4"; connectIn = "system:capture_6"; group = "vali_out"; initial = "-20dB"; };
129 126
130 systemd.services."passmix0" = trivmixService { name = "passmix0"; connectOut = "system:playback_3"; connectIn = "system:capture_5"; group = "vali_out"; }; 127 systemd.services."passmix2" = trivmixService { name = "passmix2"; connectOut = "system:playback_5"; connectIn = "system:capture_1"; group = "vali_in"; initial = "1"; };
131 systemd.services."passmix1" = trivmixService { name = "passmix1"; connectOut = "system:playback_4"; connectIn = "system:capture_6"; group = "vali_out"; }; 128 systemd.services."passmix3" = trivmixService { name = "passmix3"; connectOut = "system:playback_6"; connectIn = "system:capture_1"; group = "vali_in"; initial = "1"; };
132 129
133 systemd.services."passmix2" = trivmixService { name = "passmix2"; connectOut = "system:playback_5"; connectIn = "system:capture_1"; group = "vali_in"; }; 130 systemd.services."passmix4" = trivmixService { name = "passmix4"; connectOut = "system:playback_3"; connectIn = "system:capture_7"; group = "hel_out"; initial = "-17.5dB"; };
134 systemd.services."passmix3" = trivmixService { name = "passmix3"; connectOut = "system:playback_6"; connectIn = "system:capture_1"; group = "vali_in"; }; 131 systemd.services."passmix5" = trivmixService { name = "passmix5"; connectOut = "system:playback_4"; connectIn = "system:capture_8"; group = "hel_out"; initial = "-17.5dB"; };
135 132
136 systemd.services."passmix4" = trivmixService { name = "passmix4"; connectOut = "system:playback_3"; connectIn = "system:capture_7"; group = "hel_out"; }; 133 systemd.services."passmix6" = trivmixService { name = "passmix6"; connectOut = "system:playback_7"; connectIn = "system:capture_1"; group = "hel_in"; initial = "1"; };
137 systemd.services."passmix5" = trivmixService { name = "passmix5"; connectOut = "system:playback_4"; connectIn = "system:capture_8"; group = "hel_out"; }; 134 systemd.services."passmix7" = trivmixService { name = "passmix7"; connectOut = "system:playback_8"; connectIn = "system:capture_1"; group = "hel_in"; initial = "1"; };
138 135
139 services.mpd = { 136 services.mpd = {
140 enable = true; 137 enable = true;
@@ -159,6 +156,9 @@ in rec {
159 systemd.services."mpd".requires = [ "jack.service" ]; 156 systemd.services."mpd".requires = [ "jack.service" ];
160 systemd.services."mpd".serviceConfig = { 157 systemd.services."mpd".serviceConfig = {
161 LimitMEMLOCK = "infinity"; 158 LimitMEMLOCK = "infinity";
159 Nice = "-5";
160 LimitRTPRIO = "95:95";
161 UMask = "0000";
162 }; 162 };
163 163
164 users.extraUsers.jack = { 164 users.extraUsers.jack = {
@@ -167,7 +167,7 @@ in rec {
167 group = "audio"; 167 group = "audio";
168 }; 168 };
169 169
170 security.setuidPrograms = ["mount.nfs"]; 170 security.wrappers = { "mount.nfs".source = "${pkgs.nfs-utils}/bin/mount.nfs"; };
171 171
172 programs.bash.promptInit = '' 172 programs.bash.promptInit = ''
173 PROMPT_COLOR="1;31m" 173 PROMPT_COLOR="1;31m"
@@ -208,6 +208,7 @@ in rec {
208 allowPing = true; 208 allowPing = true;
209 allowedTCPPorts = [ 22 # SSH 209 allowedTCPPorts = [ 22 # SSH
210 80 # HTTP 210 80 # HTTP
211 5432 # PostgreSQL
211 6600 # MPD 212 6600 # MPD
212 ]; 213 ];
213 allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh 214 allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh
@@ -220,7 +221,14 @@ in rec {
220 ''; 221 '';
221 }; 222 };
222 223
223 services.dhcpd = { 224 networking.defaultMailServer = {
225 directDelivery = true;
226 hostName = "ymir.niflheim.yggdrasil";
227 useSTARTTLS = true;
228 setSendmail = true;
229 };
230
231 services.dhcpd4 = {
224 enable = true; 232 enable = true;
225 interfaces = [ "enp1s0" 233 interfaces = [ "enp1s0"
226 ]; 234 ];
@@ -249,14 +257,6 @@ in rec {
249 ''; 257 '';
250 }; 258 };
251 259
252 services.ntp = {
253 enable = false;
254 };
255
256 services.chrony = {
257 enable = true;
258 };
259
260 users.extraUsers.root = let 260 users.extraUsers.root = let
261 template = (import users/gkleen.nix); 261 template = (import users/gkleen.nix);
262 in { 262 in {
@@ -272,56 +272,19 @@ in rec {
272 home = "/var/lib/thermoprint"; 272 home = "/var/lib/thermoprint";
273 }; 273 };
274 274
275 environment.etc."thermoprint-server/thermoprint-server.hs" = {
276 text = ''
277 {-# LANGUAGE OverloadedStrings #-}
278 {-# LANGUAGE ImpredicativeTypes #-}
279
280 module Main (main) where
281
282 import Thermoprint.Server
283
284 import Thermoprint.Server.Printer.Generic
285
286 import Control.Monad.Trans.Resource
287 import Control.Monad.Logger
288 import Control.Monad.Reader
289
290 import Database.Persist.Sqlite
291
292 import qualified Network.Wai.Handler.Warp as Warp
293
294 main :: IO ()
295 main = thermoprintServer True (Nat runSqlite) $ (\c -> c { queueManagers = queueManagers, warpSettings = wSettings }) <$> def `withPrinters` printers
296 where
297 runSqlite :: ReaderT ConnectionPool (LoggingT IO) a -> IO a
298 runSqlite = runStderrLoggingT . withSqlitePool "${users.extraUsers."thermoprint".home}/thermoprint.sqlite" 1 . runReaderT
299
300 printers = [ (pure $ genericPrint "/dev/usb/lp0", def :: QMConfig (ResourceT (ReaderT ConnectionPool (LoggingT IO))))
301 ]
302
303 queueManagers _ = QMConfig
304 { manager = union [ limitHistorySize 100
305 , limitHistoryAge 3600
306 ]
307 , collapse = standardCollapse
308 }
309
310 wSettings = Warp.setHost "127.0.0.1" . Warp.setPort 8080 $ Warp.defaultSettings
311 '';
312 };
313
314 systemd.services."thermoprint" = { 275 systemd.services."thermoprint" = {
315 environment = { 276 environment = {
316 THERMOPRINT_CONFIG = "/etc/thermoprint-server"; 277 THERMOPRINT_CONFIG = ./bragi/thermoprint-server;
317 THERMOPRINT_CACHE = ''${users.extraUsers."thermoprint".home}/dyre''; 278 THERMOPRINT_CACHE = ''${users.extraUsers."thermoprint".home}/dyre'';
318 }; 279 };
280 requires = [ "postgresql.service" ];
319 wantedBy = [ "default.target" ]; 281 wantedBy = [ "default.target" ];
320 serviceConfig = { 282 serviceConfig = {
321 Type = "simple"; 283 Type = "simple";
322 ExecStart = ''${pkgs.thermoprint-server}/bin/thermoprint-server --force-reconf''; 284 ExecStart = ''${pkgs.thermoprint-server}/bin/thermoprint-server --force-reconf'';
323 User = users.extraUsers."thermoprint".name; 285 User = users.extraUsers."thermoprint".name;
324 Group = users.extraUsers."thermoprint".group; 286 Group = users.extraUsers."thermoprint".group;
287 WorkingDirectory = "~";
325 }; 288 };
326 }; 289 };
327 290
@@ -332,6 +295,35 @@ in rec {
332 ExecStart = ''${pkgs.thermoprint-webgui}/bin/thermoprint-webgui -P 80 -A localhost -F /thermoprint/api/ -a "localhost" -p 8081''; 295 ExecStart = ''${pkgs.thermoprint-webgui}/bin/thermoprint-webgui -P 80 -A localhost -F /thermoprint/api/ -a "localhost" -p 8081'';
333 User = users.extraUsers."thermoprint".name; 296 User = users.extraUsers."thermoprint".name;
334 Group = users.extraUsers."thermoprint".group; 297 Group = users.extraUsers."thermoprint".group;
298 WorkingDirectory = "~";
299 };
300 };
301
302 users.extraUsers."bar" = {
303 name = "bar";
304 group = "nogroup";
305 isSystemUser = true;
306 createHome = true;
307 home = "/var/lib/bar";
308 };
309
310 systemd.services."bar" = let
311 ghc = pkgs.haskellPackages.ghcWithPackages (p: with p; [yesod persistent-postgresql]);
312 in {
313 environment = {
314 PORT = "8082";
315 HOST = "::1";
316 };
317 requires = [ "postgresql.service" ];
318 wantedBy = [ "default.target" ];
319 serviceConfig = {
320 Type = "simple";
321 ExecStart = ''
322 ${pkgs.callPackage ./bragi/bar {}}/bin/bar
323 '';
324 User = users.extraUsers."bar".name;
325 Group = users.extraUsers."bar".group;
326 WorkingDirectory = "~";
335 }; 327 };
336 }; 328 };
337 329
@@ -379,7 +371,7 @@ in rec {
379 server_name _; 371 server_name _;
380 372
381 location /thermoprint/api/ { 373 location /thermoprint/api/ {
382 proxy_pass http://localhost:8080/; 374 proxy_pass http://[::1]:8080/;
383 proxy_http_version 1.1; 375 proxy_http_version 1.1;
384 proxy_set_header Upgrade $http_upgrade; 376 proxy_set_header Upgrade $http_upgrade;
385 proxy_set_header Connection "upgrade"; 377 proxy_set_header Connection "upgrade";
@@ -388,10 +380,33 @@ in rec {
388 location /thermoprint/ { 380 location /thermoprint/ {
389 proxy_pass http://localhost:8081/; 381 proxy_pass http://localhost:8081/;
390 } 382 }
383
384 location /bar/ {
385 proxy_set_header AppRoot "http://$host/bar";
386 proxy_pass http://[::1]:8082/;
387 }
391 } 388 }
392 ''; 389 '';
393 }; 390 };
394 391
392 services.postgresql = {
393 enable = true;
394 enableTCPIP = true;
395 authentication = lib.mkForce ''
396 local all all peer
397 host all all 10.141.0.0/16 md5
398 '';
399 initialScript = pkgs.writeText "schema.sql" ''
400 CREATE USER thermoprint;
401 CREATE DATABASE thermoprint WITH OWNER = thermoprint;
402 GRANT ALL ON DATABASE thermoprint TO thermoprint;
403
404 CREATE USER bar;
405 CREATE DATABASE bar WITH OWNER = bar;
406 GRANT ALL ON DATABASE bar TO bar;
407 '';
408 };
409
395 nix = { 410 nix = {
396 daemonIONiceLevel = 3; 411 daemonIONiceLevel = 3;
397 daemonNiceLevel = 10; 412 daemonNiceLevel = 10;
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-27 03:00:05 +0000