diff --git a/systems/LoutreOS/configuration.nix b/systems/LoutreOS/configuration.nix index 76d572f..65c875f 100644 --- a/systems/LoutreOS/configuration.nix +++ b/systems/LoutreOS/configuration.nix @@ -32,8 +32,6 @@ in "nixos-config=/etc/nixos/configuration.nix" ]; - documentation.nixos.enable = false; - nixpkgs.config.allowUnfree = false; nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem pkg.pname or (builtins.parseDrvName pkg.name).name [ "factorio-headless" "perl5.32.0-slimserver" "minecraft-server" ]); diff --git a/systems/LoutreOS/medias.nix b/systems/LoutreOS/medias.nix index 6ed2c0e..f643edf 100644 --- a/systems/LoutreOS/medias.nix +++ b/systems/LoutreOS/medias.nix @@ -29,12 +29,9 @@ dataDir = "/var/lib/slimserver"; }; - navidrome = { + airsonic = { enable = true; - settings = { - MusicFolder = "/mnt/medias/musique"; - ImageCacheSize = 0; - }; + maxMemory = 500; }; }; diff --git a/systems/LoutreOS/monitoring.nix b/systems/LoutreOS/monitoring.nix index b1ce207..d60beed 100644 --- a/systems/LoutreOS/monitoring.nix +++ b/systems/LoutreOS/monitoring.nix @@ -112,99 +112,8 @@ in ZED_EMAIL_ADDR = [ "paul@nyanlout.re" ]; ZED_NOTIFY_VERBOSE = true; }; - - loki = { - enable = true; - configuration = { - auth_enabled = false; - server.http_listen_port = 3100; - ingester = { - lifecycler = { - address = "127.0.0.1"; - ring = { - kvstore.store = "inmemory"; - replication_factor = 1; - }; - }; - chunk_idle_period = "1h"; - chunk_target_size = 1000000; - }; - schema_config.configs = [ - { - from = "2018-04-15"; - store = "boltdb"; - object_store = "filesystem"; - schema = "v11"; - index = { - prefix = "index_"; - period = "168h"; - }; - } - ]; - storage_config = { - boltdb.directory = "/var/lib/loki/index"; - filesystem.directory = "/var/lib/loki/chunks"; - }; - limits_config = { - enforce_metric_name = false; - reject_old_samples = true; - reject_old_samples_max_age = "168h"; - }; - chunk_store_config.max_look_back_period = "168h"; - table_manager = { - retention_deletes_enabled = true; - retention_period = "168h"; - }; - }; - }; - - promtail = { - enable = true; - configuration = { - server = { - http_listen_port = 9080; - grpc_listen_port = 0; - }; - positions.filename = "/tmp/positions.yaml"; - clients = [ { url = "http://127.0.0.1:3100/loki/api/v1/push"; } ]; - scrape_configs = [ - { - job_name = "nginx"; - static_configs = [ - { - labels = { - job = "nginx"; - __path__ = "/var/log/nginx/*log"; - }; - } - ]; - pipeline_stages = [ - { - match = { - selector = ''{job="nginx"}''; - stages = [ - { - regex.expression = ''^(?P[\w\.]+) - (?P[^ ]*) \[(?P.*)\] "(?P[^ ]*) (?P[^ ]*) (?P[^ ]*)" (?P[\d]+) (?P[\d]+) "(?P[^"]*)" "(?P[^"]*)"?''; - } - { - labels = { - method = null; - request = null; - status = null; - }; - } - ]; - }; - } - ]; - } - ]; - }; - }; }; - systemd.services.promtail.serviceConfig.SupplementaryGroups = [ "nginx" ]; - security.sudo.extraRules = [ { commands = [ { command = "${pkgs.smartmontools}/bin/smartctl"; options = [ "NOPASSWD" ]; } ]; users = [ "telegraf" ]; } ]; diff --git a/systems/LoutreOS/services.nix b/systems/LoutreOS/services.nix index 266d9d1..171056b 100644 --- a/systems/LoutreOS/services.nix +++ b/systems/LoutreOS/services.nix @@ -27,7 +27,7 @@ in ../../services/mail-server.nix ../../services/python-ci.nix ../../services/sdtdserver.nix - # ../../containers/vsftpd.nix + ../../containers/vsftpd.nix # /mnt/secrets/factorio_secrets.nix ./monitoring.nix ./medias.nix @@ -35,22 +35,6 @@ in ]; services = { - redis.enable = true; - - logrotate = { - enable = true; - paths = { - nginx = { - path = "/var/log/nginx/*.log"; - user = config.services.nginx.user; - group = config.services.nginx.group; - keep = 7; - extraConfig = '' - compress - ''; - }; - }; - }; fail2ban.enable = true; @@ -279,7 +263,6 @@ in "10.40.249.1".name = "Bureau"; "10.40.249.2".name = "Cuisine"; }; - zha = null; esphome = null; light = [ { @@ -403,27 +386,7 @@ in ]; automation = let min_sun_elevation = 4; - - switch_chambre = { - domain = "zha"; - platform = "device"; - device_id = "3329ecdcad244e5e8fc0f4b96d52ffe1"; - }; - - switch_entree = { - domain = "zha"; - platform = "device"; - device_id = "7cd814190ec543dba76a7aa7e7996c41"; - }; - - remote = { - domain = "zha"; - platform = "device"; - device_id = "d1230b76264e483388a8fdaad4f44143"; - }; in [ - # ENTREE - { alias = "Aziz lumière"; trigger = [ @@ -433,6 +396,11 @@ in value_template = "{{ state.attributes.elevation }}"; below = min_sun_elevation; } + { + platform = "state"; + entity_id = "person.paul"; + to = "home"; + } ]; condition = [ { @@ -445,34 +413,27 @@ in condition = "template"; value_template = "{{ state_attr('sun.sun', 'elevation') < ${toString min_sun_elevation} }}"; } + # All lights off + { + condition = "template"; + value_template = '' + {% set domain = 'light' %} + {% set state = 'off' %} + {{ states[domain] | count == states[domain] | selectattr('state','eq', state) | list | count }} + ''; + } ]; action = { scene = "scene.home"; }; } - { - alias = "Aziz lumière switch"; - trigger = { - type = "remote_button_short_press"; - subtype = "turn_on"; - } // switch_entree; - action = { - scene = "scene.home"; - }; - } { alias = "Adios"; - trigger = [ - { - platform = "state"; - entity_id = "person.paul"; - to = "not_home"; - } - ({ - type = "remote_button_short_press"; - subtype = "turn_off"; - } // switch_entree) - ]; + trigger = { + platform = "state"; + entity_id = "person.paul"; + to = "not_home"; + }; action = [ { service = "light.turn_off"; @@ -484,129 +445,6 @@ in } ]; } - - # REMOTE - - { - alias = "Button toggle"; - trigger = { - type = "remote_button_short_press"; - subtype = "turn_on"; - } // remote; - action = { - choose = { - conditions = { - condition = "template"; - value_template = '' - {% set domain = 'light' %} - {% set state = 'off' %} - {{ states[domain] | count == states[domain] | selectattr('state','eq',state) | list | count }} - ''; - }; - sequence = { - scene = "scene.home"; - }; - }; - default = { - service = "light.turn_off"; - entity_id = "all"; - }; - }; - } - { - alias = "Button scene movie"; - trigger = { - type = "remote_button_short_press"; - subtype = "right"; - } // remote; - action = { - scene = "scene.movie"; - }; - } - { - alias = "Button scene home"; - trigger = { - type = "remote_button_short_press"; - subtype = "left"; - } // remote; - action = { - scene = "scene.home"; - }; - } - { - alias = "Button light up"; - trigger = { - type = "remote_button_short_press"; - subtype = "dim_up"; - } // remote; - action = { - service = "light.turn_on"; - entity_id = "light.salon"; - data = { - brightness_step = 25; - }; - }; - } - { - alias = "Button light down"; - trigger = { - type = "remote_button_short_press"; - subtype = "dim_down"; - } // remote; - action = { - service = "light.turn_on"; - entity_id = "light.salon"; - data = { - brightness_step = -25; - }; - }; - } - - # CHAMBRE - - { - alias = "Button scene night"; - trigger = { - type = "remote_button_short_press"; - subtype = "turn_on"; - } // switch_chambre; - action = { - scene = "scene.night"; - }; - } - { - alias = "Button scene dodo"; - trigger = { - type = "remote_button_short_press"; - subtype = "turn_off"; - } // switch_chambre; - action = { - service = "light.turn_off"; - entity_id = "all"; - }; - } - { - alias = "Button scene lumière chambre ON"; - trigger = { - type = "remote_button_long_press"; - subtype = "dim_up"; - } // switch_chambre; - action = { - service = "light.turn_on"; - entity_id = "light.chambre"; - }; - } - { - alias = "Button scene lumière chambre OFF"; - trigger = { - type = "remote_button_long_press"; - subtype = "dim_down"; - } // switch_chambre; - action = { - service = "light.turn_off"; - entity_id = "light.chambre"; - }; - } ]; }; }; diff --git a/systems/LoutreOS/web.nix b/systems/LoutreOS/web.nix index 994131d..2d5518e 100644 --- a/systems/LoutreOS/web.nix +++ b/systems/LoutreOS/web.nix @@ -57,7 +57,6 @@ in services = { phpfpm.pools.work = { user = config.users.users.work.name; - phpPackage = pkgs.php.withExtensions ({ all, ... }: with all; [ redis filter ]); settings = { "listen.owner" = config.services.nginx.user; "pm" = "dynamic"; @@ -71,7 +70,7 @@ in nginx = { enable = true; package = pkgs.nginx.override { - modules = with pkgs.nginxModules; [ dav ]; + modules = with pkgs.nginxModules; [ rtmp dav ]; }; recommendedGzipSettings = true; recommendedOptimisation = true; @@ -183,7 +182,11 @@ in "maxspiegel.fr" = base { "/" = { root = "/run/python-ci/nyanloutre/site-max"; }; }; "stream.nyanlout.re" = base { "/" = { - proxyPass = "http://10.30.135.71"; + root = "/var/www/hls/"; + extraConfig = '' + add_header Cache-Control no-cache; + add_header Access-Control-Allow-Origin *; + ''; }; }; "login.nyanlout.re" = simpleReverse config.services.nginx.sso.configuration.listen.port; @@ -195,10 +198,10 @@ in "jackett.nyanlout.re" = authReverse 9117; "pgmanage.nyanlout.re" = authReverse config.services.pgmanage.port; "matrix.nyanlout.re" = simpleReverse 8008; + "airsonic.nyanlout.re" = simpleReverse 4040; "emby.nyanlout.re" = simpleReverse 8096; "ci.nyanlout.re" = simpleReverse 52350; "gitea.nyanlout.re" = simpleReverse config.services.gitea.httpPort; - "musique.nyanlout.re" = simpleReverse config.services.navidrome.settings.Port; "apart.nyanlout.re" = recursiveUpdate (simpleReverse config.services.home-assistant.port) { locations."/" = { proxyWebsockets = true; @@ -211,7 +214,7 @@ in dav_ext_methods PROPFIND OPTIONS; ''; }; - "~ ^/(_h5ai/public/index|random).php" = { + "/_h5ai/public/index.php" = { extraConfig = '' fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:${config.services.phpfpm.pools.work.socket}; @@ -219,13 +222,39 @@ in include ${pkgs.nginx}/conf/fastcgi.conf; ''; }; - } // { - root = "/mnt/medias/iso_linux"; - extraConfig = '' - access_log /var/log/nginx/$host.log; - ''; - }; + } // { root = "/mnt/medias/iso_linux"; }; }; + appendConfig = let + rootLocation = config.services.nginx.virtualHosts."stream.nyanlout.re".locations."/".root; + in '' + rtmp { + server { + listen 1935; + + application live { + live on; + + exec_push ${pkgs.ffmpeg}/bin/ffmpeg -i rtmp://localhost/$app/$name -async 1 -vsync -1 + -c:v libx264 -c:a aac -b:v 768k -b:a 96k -vf "scale=720:trunc(ow/a/2)*2" -tune zerolatency -preset ultrafast -crf 28 -f flv rtmp://localhost/show/$name_mid + -c:v libx264 -c:a aac -b:v 1024k -b:a 128k -vf "scale=960:trunc(ow/a/2)*2" -tune zerolatency -preset ultrafast -crf 28 -f flv rtmp://localhost/show/$name_high + -c copy -f flv rtmp://localhost/show/$name_src 2>>${rootLocation}/ffmpeg-$name.log; + } + + application show { + live on; + hls on; + + hls_path ${rootLocation}; + hls_fragment 3s; + hls_playlist_length 60s; + + hls_variant _mid BANDWIDTH=448000; # Medium bitrate, SD resolution + hls_variant _high BANDWIDTH=1152000; # High bitrate, higher-than-SD resolution + hls_variant _src BANDWIDTH=4096000; # Source bitrate, source resolution + } + } + } + ''; }; postgresql = { @@ -263,7 +292,7 @@ in python-ci.enable = true; mastodon = { - enable = false; + enable = true; localDomain = "social.nyanlout.re"; configureNginx = true; extraConfig = { @@ -285,9 +314,7 @@ in systemd.services.phpfpm-work.serviceConfig = { ReadOnlyPaths = "/mnt/medias/iso_linux"; - ReadWritePaths = [ - "/mnt/medias/iso_linux/_h5ai" - ]; + ReadWritePaths = "/mnt/medias/iso_linux/_h5ai"; }; systemd.services.site-musique = let