CCCHH/nix-infra
CCCHH/nix-infra
59
2
Fork 2
Code Issues Pull requests 3 Projects Wiki Activity

Compare commits

base: CCCHH:main
Branches Tags
CCCHH:main
CCCHH:simple-clean-up
CCCHH:howto-build-proxmox-ve-template
CCCHH:yate
CCCHH:ptouch-print-server
CCCHH:Bendodroid-ldflagsSpaceapid
..
compare: CCCHH:howto-build-proxmox-ve-template
Branches Tags
CCCHH:simple-clean-up
CCCHH:main
CCCHH:howto-build-proxmox-ve-template
CCCHH:yate
CCCHH:ptouch-print-server
CCCHH:Bendodroid-ldflagsSpaceapid

2 commits
main ... howto-buil

Author SHA1 Message Date
christian 25573d9dc8
fix typo and writing improvement 2024-10-30 21:56:02 +01:00
christian 78971c542a
Add how to generate the NixOS Proxmox VE templates 2024-10-30 21:56:02 +01:00
7 changed files with 83 additions and 23 deletions
Show stats Expand all files Collapse all files

11
README.md
View file

@ -62,3 +62,14 @@ This is exactly what we're doing to set the default deployment user to `colmena-
}; };
``` ```
This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host. This secret would then be available under `/run/secrets/forgejo_git_smtp_password` on the host.
## Build NixOS Proxmox VE Template
Build a new NixOS Proxmox VE Template for the thinkcccore's.
```shell
nix build .#proxmox-nixos-template
```
Build a new NixOS Proxmox VE Template for the chaosknoten.
```shell
nix build .#proxmox-chaosknoten-nixos-template
```

36
flake.lock
View file

@ -2,11 +2,11 @@
"nodes": { "nodes": {
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1729386149, "lastModified": 1726966855,
"narHash": "sha256-hUP9oxmnOmNnKcDOf5Y55HQ+NnoT0+bLWHLQWLLw9Ks=", "narHash": "sha256-25ByioeOBFcnitO5lM/Mufnv/u7YtHEHEM8QFuiS40k=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixpkgs.lib", "repo": "nixpkgs.lib",
"rev": "cce4521b6df014e79a7b7afc58c703ed683c916e", "rev": "575704ff85d3a41dc5bfef7b55380cbc7b87f3c2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -23,11 +23,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1729472750, "lastModified": 1727053438,
"narHash": "sha256-s93LPHi5BN7I2xSGNAFWiYb8WRsPvT1LE9ZjZBrpFlg=", "narHash": "sha256-t/+z1Tf7hSaStU1pBYkY7i0/GkG+YIPSmfeRrK8eYUw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565", "rev": "e8c1cd886cc17e31e424f915efd32e84d8af0ce9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -38,11 +38,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1730428893, "lastModified": 1727076372,
"narHash": "sha256-fLLUd2dO/Vnf96UDr8YPzerYi+n99l3S5yIUDnmcPBE=", "narHash": "sha256-gXIWudYhY/4LjQPvrGn9lN4fbHjw/mf1mb9KKJK//4I=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "38edd08881ce4dc24056eec173b43587a93c990f", "rev": "7ca0f93c530406c1610defff0b9bf643333cf992",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -54,11 +54,11 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1729973466, "lastModified": 1725762081,
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=", "narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950", "rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -70,11 +70,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1730449684, "lastModified": 1727104955,
"narHash": "sha256-Hlv3rTPxnO+DpKRXw9yjzERLdk05h7+fEbZxWM2taCw=", "narHash": "sha256-m6kgjR4zAwyMe1Pn4RGXLCzArtoBp1qzhb2AUlPeVh4=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ab464abbeb3a2833288c6e907488c49c2e599f88", "rev": "d266adc5a77ec8c10ed941c7251b2673004dbd62",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -100,11 +100,11 @@
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1729999681, "lastModified": 1726524647,
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=", "narHash": "sha256-qis6BtOOBBEAfUl7FMHqqTwRLB61OL5OFzIsOmRz2J4=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56", "rev": "e2d404a7ea599a013189aa42947f66cede0645c8",
"type": "github" "type": "github"
}, },
"original": { "original": {

36
flake.nix
View file

@ -26,18 +26,50 @@
outputs = { self, nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }: outputs = { self, nixpkgs, nixpkgs-unstable, nixos-generators, sops-nix, ... }:
let let
system = "x86_64-linux"; system = "x86_64-linux";
# Shairport Sync 4.3.1 (with nqptp 1.2.4) with metadata, MQTT and AirPlay 2 support.
shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: { shairportSync431ExtendedNixpkgsUnstableOverlay = final: prev: {
shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: { shairport-sync = (prev.shairport-sync.override { enableMetadata = true; enableAirplay2 = true; }).overrideAttrs (finalAttr: previousAttr: {
# See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md # See: https://github.com/mikebrady/shairport-sync/blob/e78a88b64adfe7b5f88fd6faedf55c57445bb240/CONFIGURATION%20FLAGS.md
configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ]; configureFlags = previousAttr.configureFlags ++ [ "--with-mqtt-client" ];
buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ]; buildInputs = previousAttr.buildInputs ++ [ final.mosquitto ];
# Use specific Shairport Sync and nqptp versions, since with those the
# following error doesn't happen:
# fatal error: The nqptp service on this system, which is required for
# Shairport Sync to operate, does not seem to be initialised.
#
# Also use a more recent dev version to fix Pipewire stuttering issue.
# See:
# https://github.com/mikebrady/shairport-sync/issues/1736
# https://github.com/mikebrady/shairport-sync/blob/a65ec2d7f1f380bbae196d7f8f1cd6a88ef5777b/RELEASENOTES-DEVELOPMENT.md#version-432-dev-51-g98679bbb
src = final.fetchFromGitHub {
owner = "mikebrady";
repo = finalAttr.pname;
rev = "98679bbb54f5aaeda859e34aa28425647b8d179e";
hash = "sha256-k0kcgtWk2xlG34lP0ryEaqdskYMNM68YnIRLwFR3jaY=";
};
});
nqptp = prev.nqptp.overrideAttrs (finalAttr: previousAttr: {
# See Shairport Sync version note.
src = final.fetchFromGitHub {
owner = "mikebrady";
repo = finalAttr.pname;
rev = "1.2.4";
hash = "sha256-roTNcr3v2kzE6vQ5plAVtlw1+2yJplltOYsGGibtoZo=";
};
# Custom install phase to avoid setcap.
# See:
# https://github.com/mikebrady/nqptp/blob/1.2.4/Makefile.am#L23
installPhase = ''
mkdir -p $out/bin
cp nqptp $out/bin/
'';
}); });
}; };
pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux"; pkgs-unstable = nixpkgs-unstable.legacyPackages."x86_64-linux";
in in
{ {
nixosConfigurations = { nixosConfigurations = {
audio-hauptraum-kueche = nixpkgs.lib.nixosSystem { audio-hauptraum-kueche = nixpkgs-unstable.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common ./config/common
@ -47,7 +79,7 @@
]; ];
}; };
audio-hauptraum-tafel = nixpkgs.lib.nixosSystem { audio-hauptraum-tafel = nixpkgs-unstable.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./config/common ./config/common

1
modules/services/audio/default.nix
View file

@ -12,6 +12,7 @@ in
imports = [ imports = [
./librespot.nix ./librespot.nix
./mpd.nix ./mpd.nix
./networking.nix
./pipewire.nix ./pipewire.nix
./shairport-sync.nix ./shairport-sync.nix
]; ];

4
modules/services/audio/librespot.nix
View file

@ -23,7 +23,7 @@ in
After = [ "network-online.target" "pipewire.service" ]; After = [ "network-online.target" "pipewire.service" ];
}; };
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.librespot}/bin/librespot --name '${config.ccchh.services.audio.name}' --device-type speaker --bitrate 320 --enable-volume-normalisation --disable-audio-cache --disable-credential-cache"; ExecStart = "${pkgs.librespot}/bin/librespot --name '${config.ccchh.services.audio.name}' --device-type speaker --bitrate 320 --enable-volume-normalisation --disable-audio-cache --disable-credential-cache --quiet";
User = "librespot"; User = "librespot";
Group = "librespot"; Group = "librespot";
}; };
@ -34,7 +34,7 @@ in
users.librespot = { users.librespot = {
isSystemUser = true; isSystemUser = true;
group = "librespot"; group = "librespot";
extraGroups = [ "pipewire" "audio" ]; extraGroups = [ "pipewire" ];
}; };
groups.librespot = { }; groups.librespot = { };
}; };

16
modules/services/audio/networking.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.ccchh.services.audio;
in
{
config = mkIf cfg.enable {
# Disable IPv6, since Shairport-Sync doesn't work with IPv6. Unclear why.
networking.enableIPv6 = false;
};
}

2
modules/services/audio/shairport-sync.nix
View file

@ -20,7 +20,7 @@ in
arguments = "-o pw -v"; arguments = "-o pw -v";
}; };
users.users.shairport.extraGroups = [ "pipewire" "audio" ]; users.users.shairport.extraGroups = [ "pipewire" ];
environment.etc.shairport-sync-config = { environment.etc.shairport-sync-config = {
enable = true; enable = true;