feat(scardanelli): host media server

2026-03-16 10:11:08 +01:00 · 2020-10-28 20:29:41 +01:00
parent 048429f593
commit 3efb4682f2
4 changed files with 118 additions and 14 deletions
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -1,6 +1,7 @@
 {
  localAddresses = {
    toum = "192.168.178.24";
+    scardanelli = "192.168.178.21";
    homeros = "192.168.178.22";
    wilde = "192.168.178.32";
    android = "192.168.178.35";
--- a/systems/scardanelli/configuration.nix
+++ b/systems/scardanelli/configuration.nix
@@ -1,18 +1,122 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
 let
-  sshKey.rilke =
-    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDWRcTILWzSzOAWqwBjJC97K9wKm+pfxk15L5AiTUlUMyBzVQsU+d2jUEe1rmp+kjVXL0qgNMI+eBzEAzaafUMdCPeIkMyeiOlXaYxq8NHApcZUSYV9CmzWqePj8Dlu8uexoF3TJi6tj3mmGM8BY50qkwk4mlT/5xLPPnh/HHyFmoZlj6183Z4vJRnK8UZ6x2gevVaE36lP27MikZ/MQ6/PaHJ5TNZy63rQwzKXw6ZQMx4JU22CwyZqPn1wjlGEkpJFOBKtnypURdVBsPydaZd/I7b/13FMwso2hSUoXqeV6iaeno2FWOrB3cAaFogNWKPRkEacKEE5mQOvLGGdG1Xp u0_a138@localhost";
+  kmeinKeys = lib.strings.splitString "\n" (lib.strings.fileContents (pkgs.fetchurl {
+    url = "https://github.com/kmein.keys";
+    sha256 = "1b9gbpgihg7zc89ivsz0gs3najp0zg53rcknvzvkm0851fdzkryx";
+  }));
 in {
-  imports = [ <niveum/configs/default.nix> ./hardware-configuration.nix ];
+  imports = [
+    ./hardware-configuration.nix
+    <niveum/configs/wifi.nix>
+    <niveum/configs/keyboard.nix>
+    <niveum/modules/retiolum.nix>
+    <niveum/modules/constants.nix>
+    <niveum/configs/spotifyd.nix>
+    <niveum/configs/spacetime.nix>
+    {
+      services.mpd = {
+        enable = true;
+        extraConfig = ''
+          audio_output {
+            type "pulse"
+            name "Pulseaudio"
+            server "127.0.0.1"
+          }
+        '';
+      };

-  users.users.me.openssh.authorizedKeys.keys = [ sshKey.rilke ];
+      hardware.pulseaudio.extraConfig = "load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1";

-  niveum = {
-    batteryBlocks.default = "BAT1";
-    networkInterfaces.wireless = "wlp2s0";
-    promptColours.success = "yellow";
+      services.ympd = {
+        enable = true;
+        webPort = 8080;
+      };
+
+      networking.firewall.extraCommands = ''
+        ${pkgs.iptables}/bin/iptables -A INPUT -p tcp --dport 8080 -s 192.168.0.0/16 -j ACCEPT
+        ${pkgs.iptables}/bin/iptables -A INPUT -p tcp --dport 8080 -s 127.0.0.0/8 -j ACCEPT
+        ${pkgs.iptables}/bin/iptables -A INPUT -p tcp --dport 8080 -j DROP
+      '';
+    }
+    {
+      sound.enable = true;
+
+      hardware.pulseaudio.enable = true;
+
+      environment.systemPackages = [ pkgs.pavucontrol pkgs.pamixer ];
+    }
+  ];
+
+  nix.nixPath = [ "/var/src" ];
+
+  services.logind = {
+    lidSwitch = "ignore";
+    lidSwitchDocked = "ignore";
+    lidSwitchExternalPower = "ignore";
  };

+  services.illum.enable = true;
+
+  environment.systemPackages = with pkgs; [ git vim htop ];
+
+  users.mutableUsers = false;
+  users.users.kiosk = {
+    isNormalUser = true;
+    name = "kiosk";
+    extraGroups = [ "audio" ];
+    password = "";
+    openssh.authorizedKeys.keys = kmeinKeys;
+  };
+
+  programs.chromium = {
+    enable = true;
+    extensions = [
+      "cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin
+    ];
+  };
+
+  services.xserver = {
+    enable = true;
+    enableCtrlAltBackspace = true;
+
+    displayManager = {
+      autoLogin = {
+        enable = true;
+        user = config.users.users.kiosk.name;
+      };
+      sessionCommands = ''
+        ${pkgs.xorg.xset}/bin/xset -dpms
+        ${pkgs.xorg.xset}/bin/xset s off
+      '';
+      session = [
+        {
+          manage = "desktop";
+          name = "youtube";
+          start = let startUrl = "https://youtube.com"; in ''
+            export PATH=$PATH:${lib.makeBinPath [ pkgs.chromium pkgs.xorg.xrandr pkgs.gawk pkgs.gnused ]}
+            SIZE="$(xrandr | awk '/\*\+/{print $1}' | sed s/x/,/)"
+
+            chromium \
+              --incognito --disable-translate \
+              --no-first-run --no-message-box --noerrdialogs \
+              --default-browser --no-default-browser-check \
+              --start-maximized --window-position=0,0 --window-size="$SIZE" \
+              --kiosk ${startUrl}
+            waitPID=$!
+          '';
+        }
+      ];
+    };
+  };
+
+  services.openssh = {
+    enable = true;
+    ports = [ 22022 ];
+    passwordAuthentication = false;
+  };
+
+  users.users.root.openssh.authorizedKeys.keys = kmeinKeys;
+
  boot.loader.systemd-boot = {
    enable = true;
    configurationLimit = 5;
@@ -27,5 +131,5 @@ in {
    ipv6 = "42:0:3c46:4007:5bce:f1bc:606b:2b18";
  };

-  system.stateVersion = "18.09";
+  system.stateVersion = "20.09";
 }
--- a/systems/scardanelli/hardware-configuration.nix
+++ b/systems/scardanelli/hardware-configuration.nix
@@ -7,17 +7,17 @@
  boot.extraModulePackages = [ ];

  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/8bc52e48-58e0-463d-8268-941a5a54cd4a";
+    device = "/dev/disk/by-label/nixos";
    fsType = "ext4";
  };

  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/6E76-4ED9";
+    device = "/dev/disk/by-label/boot";
    fsType = "vfat";
  };

  swapDevices =
-    [{ device = "/dev/disk/by-uuid/b7728657-9dbd-4377-bbc9-17252b8b88d0"; }];
+    [{ device = "/dev/disk/by-label/swap"; }];

  nix.maxJobs = lib.mkDefault 4;
  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
--- a/systems/toum/configuration.nix
+++ b/systems/toum/configuration.nix
@@ -71,7 +71,6 @@ in {

  nix.nixPath = [ "/var/src" ];

-
  boot.loader.grub.enable = false;
  boot.loader.generic-extlinux-compatible.enable = true;