Jimbo/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add initial support for Icecast and Liquidsoap, to later replace Azuracast and Docker

Browse source
This commit is contained in:
Jimbo 2024-09-07 00:38:19 -04:00
parent a0ac0f631c
commit 1e4989e67d
6 changed files with 58 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nixos/modules/ips.nix
View file

@ -4,4 +4,5 @@ rec {
server = "${localSpan}.2"; server = "${localSpan}.2";
pc = "${localSpan}.3"; pc = "${localSpan}.3";
vm = "${localSpan}.4"; vm = "${localSpan}.4";
hx = "${localSpan}.70";
} }

1
nixos/server.nix
View file

@ -22,6 +22,7 @@
./server/acme.nix ./server/acme.nix
./server/ddclient.nix ./server/ddclient.nix
./server/docker.nix ./server/docker.nix
./server/icecast.nix
./server/firewall.nix ./server/firewall.nix
./server/gitea.nix ./server/gitea.nix
./server/lemmy.nix ./server/lemmy.nix

16
nixos/server/firewall.nix
View file

@ -29,16 +29,18 @@
chain PREROUTING { chain PREROUTING {
type nat hook prerouting priority dstnat; policy accept; type nat hook prerouting priority dstnat; policy accept;
tcp dport 2211 dnat to ${ips.pc}:22 comment "SSH to PC" tcp dport 2211 dnat to ${ips.pc}:22 comment "SSH to PC"
udp dport { 27005, 27015, 7777 } dnat to ${ips.pc} comment "Games to PC" udp dport { 27005, 27015, 7777 } dnat to ${ips.pc} comment "PC Hosted Games"
tcp dport { 58010, 57989, 57984 } dnat to ${ips.pc} comment "Sunshine TCP to PC" tcp dport { 58010, 57989, 57984 } dnat to ${ips.pc} comment "PC Sunshine TCP"
udp dport { 57998, 57999, 58000 } dnat to ${ips.pc} comment "Sunshine UDP to PC" udp dport { 57998, 57999, 58000 } dnat to ${ips.pc} comment "PC Sunshine UDP"
tcp dport { 38010, 37989, 37984 } dnat to ${ips.vm} comment "Sunshine TCP to VM" tcp dport { 38010, 37989, 37984 } dnat to ${ips.vm} comment "VM Sunshine TCP"
udp dport { 37998, 37999, 38000 } dnat to ${ips.vm} comment "Sunshine UDP to VM" udp dport { 37998, 37999, 38000 } dnat to ${ips.vm} comment "VM Sunshine UDP"
udp dport { 7790, 7791, 7792 } dnat to ${ips.hx} comment "Deus Ex"
ip saddr ${outputs.secrets.cornIP} tcp dport { 9943, 9944 } dnat to ${ips.vm} comment "ALVR TCP to VM" ip saddr ${outputs.secrets.cornIP} tcp dport { 9943, 9944 } dnat to ${ips.vm} comment "VM ALVR TCP"
ip saddr ${outputs.secrets.cornIP} udp dport { 9943, 9944 } dnat to ${ips.vm} comment "ALVR UDP to VM" ip saddr ${outputs.secrets.cornIP} udp dport { 9943, 9944 } dnat to ${ips.vm} comment "VM ALVR UDP"
} }
chain POSTROUTING { chain POSTROUTING {
type nat hook postrouting priority 100; policy accept; type nat hook postrouting priority 100; policy accept;

41
nixos/server/icecast.nix
View file

@ -1,4 +1,4 @@
{outputs, ...}: { {pkgs, outputs, ...}: {
# Icecast, replacing Azuracast maybe # Icecast, replacing Azuracast maybe
services = { services = {
icecast = { icecast = {
@ -7,8 +7,45 @@
hostname = "icecast.${outputs.secrets.jimDomain}"; hostname = "icecast.${outputs.secrets.jimDomain}";
admin = { admin = {
user = "jimbo"; user = "jimbo";
password = "${outputs.secrets.castPass}"; password = "${outputs.secrets.castAdminPass}";
}; };
extraConf = ''
<authentication>
<source-password>${outputs.secrets.castSourcePass}</source-password>
</authentication>
'';
};
liquidsoap.streams = let
jimbops = ''
# CONFIGURATION
settings.log.stdout.set(true)
settings.init.allow_root.set(true)
settings.scheduler.fast_queues.set(2)
settings.decoder.file_extensions.mp4.set(["m4a", "m4b", "m4p", "m4v", "m4r", "3gp", "mp4"])
# Define the source with random playlist
jimbops = mksafe(normalize(playlist(mode='randomize', reload=1, reload_mode="rounds", "/export/JimboNFS/Music/")))
# Ensure the stream never stops
jimbops_fallback = fallback([jimbops, jimbops])
# Output configuration to Icecast
output.icecast(
%vorbis(channels=2, samplerate=48000, quality=0.8),
host="127.0.0.1",
port=265,
password="${outputs.secrets.castSourcePass}",
description="JimBops Radio",
url="https://icecast.jimbosfiles.com/jimbops.opus",
public=true,
icy_metadata=["artist", "title"],
genre="My personal music folder.",
mount="jimbops.opus",
jimbops_fallback
)
'';
in {
JimBops = pkgs.writeText "liquidjim" jimbops;
}; };
nginx.virtualHosts."icecast.${outputs.secrets.jimDomain}" = { nginx.virtualHosts."icecast.${outputs.secrets.jimDomain}" = {
enableACME = true; enableACME = true;

12
nixos/server/wireguard.nix
View file

@ -2,10 +2,14 @@
ips = import ../modules/ips.nix; ips = import ../modules/ips.nix;
in { in {
# enable NAT # enable NAT
networking.nat.enable = true; networking = {
networking.nat.externalInterface = "${ips.netInt}"; nat = {
networking.nat.internalInterfaces = [ "wg0" ]; enable = true;
networking.firewall.allowedUDPPorts = [ 51820 ]; externalInterface = "${ips.netInt}";
internalInterfaces = [ "wg0" ];
};
firewall.allowedUDPPorts = [ 51820 ];
};
networking.wireguard = { networking.wireguard = {
enable = true; enable = true;

BIN
secrets.nix
View file

Binary file not shown.