# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ../common-cli.nix ../common-gui.nix ]; boot.loader.efi.canTouchEfiVariables = true; boot.loader.grub = { efiSupport = true; device = "nodev"; zfsSupport = true; memtest86.enable = true; fontSize = 32; }; boot.kernelParams = [ "acpi_enforce_resources=lax" "zfs.zfs_arc_max=2147483648" ]; boot.tmpOnTmpfs = false; boot.supportedFilesystems = [ "zfs" ]; virtualisation.virtualbox.host.enable = true; # virtualisation.virtualbox.host.enableExtensionPack = true; # virtualisation.anbox.enable = true; virtualisation.podman.enable = true; services.zfs = { trim = { enable = true; interval = "monthly"; }; autoScrub = { enable = true; interval = "monthly"; }; autoSnapshot = { enable = true; monthly = 6; }; autoReplication = { enable = true; host = "nyanlout.re"; username = "zfspaulfixe"; identityFilePath = "/var/lib/zfs-replication/id_rsa"; localFilesystem = "fastaf/home"; remoteFilesystem = "loutrepool/zfs-replicate/paul-fixe"; }; }; hardware.bluetooth.enable = true; # Logitech G920 hardware.usbWwan.enable = true; # hardware.pulseaudio.extraConfig = '' # load-module module-null-sink sink_name=mic_denoised_out rate=48000 # load-module module-ladspa-sink sink_name=mic_raw_in sink_master=mic_denoised_out label=noise_suppressor_mono plugin=${pkgs.rnnoise-plugin}/lib/ladspa/librnnoise_ladspa.so control=50 # load-module module-loopback source=alsa_input.pci-0000_09_00.4.analog-stereo sink=mic_raw_in channels=1 source_dont_move=true sink_dont_move=true # load-module module-echo-cancel source_name=hd_mic source_master=mic_denoised_out.monitor sink_master=alsa_output.pci-0000_09_00.4.analog-stereo # set-default-source hd_mic # ''; # hardware.pulseaudio.configFile = pkgs.runCommand "default.pa" {} '' # sed '/module-switch-on-port-available$/d' \ # ${pkgs.pulseaudio}/etc/pulse/default.pa > $out # ''; services.udev.packages = with pkgs; [ usb-modeswitch-data # Logitech G920 ]; services.udev.extraRules = '' ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE="0664", GROUP="dialout" ''; security.pki.certificateFiles = [ ./codemasters.pem ]; networking.hostName = "paul-fixe"; networking.hostId = "3a1f739e"; networking.hosts = { "10.30.0.1" = ["emby.nyanlout.re" "nyanlout.re"]; }; environment.systemPackages = with pkgs; [ usb_modeswitch ]; programs.wireshark.enable = true; programs.wireshark.package = pkgs.wireshark; networking.firewall.enable = false; services.xserver.displayManager.autoLogin = { enable = true; user = "paul"; }; users.users.paul = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "wireshark" "input" "dialout" "libvirtd" "vboxusers" ]; uid = 1000; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDstFRwMoTEip5IBSYE4dUj3miO0LsKrnUKQJmp7d5QYo3VhXk43jU6VUU0tVAegkzWLlQ3ohoFns+8bZyf7hj7roftrDfoC9bbbx4ihhWrZTlF0gzoH4t52yetFO5eC/tV2sm/zFoa+3IWLokOEFmAoknAVag1MmVLXTQ6WPoTPD4UsX/D3lyE4dbSKxHpMOIjqIdqSEgO0BeTdnHe5afvGXXO1VYTvPsGDHT9w8EHwQV9JXIPn7KVOp3qin7OwvFFrrB3QbiEVTJvGiH2hrfxcARTN/+TxGtf+aOFeuQykURG9Wz/aBK60EWE0wGrzuIymxtNdOR1NhmnNrUZ976Tb9WdR7FC+yM6+/kdfICy+sGQmmn8TLsGvcJTT/pl4Pa9uRAKjRJuLIEgYY6W/ms9lCRyf484yRkDlq+V0BPuN9Jy6Eb7x+tmZNkpEtkqso7wfXD8sf5BIwv2K69SVMpfTswydHGmDwHZ0zaDKGlyCiyJ1QGqUhCTXqtYVq+kQ3AcjKcysMwVEmwx/ySu0XFuV8oUkl9XK/RUoc++sMEd0EbHcn8uwCmBARNX+GLQ03vxwyMW3HyneP8EAxoqtSepZXbTdVP/0i+l7EUUeA7zsaWfU2a82ktZWpVPFGfxkuo0l3zLF19EsXPKZNqlRfkOWjSgp+qWihAkQIQk3GoduQ== openpgp:0x75EE3375" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3fEmkmrhccW8NegIk/Ubu6Yw80VCQ1ttG419e+1V1wkJPXFAqcIhffwrIlz81dJ47T+H+zeptpAX8U1Gbk1B5ZH4DW8OcqU6ymM+j6g/gICpvrjJUOpdgyA3GIOjuBJGijGQGggDw1k2SdopAVV1H38YUAJ33RGDvjLJO6VREYLDYLF4oaDp8ann7Wn8BpX2T7cRvhrzqcwbEGaw1f/xrLE5KklOb6pOHRWFJMxW83d8OKiLkQvM4vFGlvvG0/AKGZaZWHDXS7ldoyAv+vnN8DrIxmWEQjdNLfAwYDBHp6XqE0slde4dqBjVHji5+ajFr7eJnrzc4IXsHJ1jM9xGB paul@loutreos" ]; }; services.netdata.enable = true; services.openssh.enable = true; services.openssh.passwordAuthentication = false; services.openssh.forwardX11 = true; # security.pki.certificates = [ # '' # -----BEGIN CERTIFICATE----- # MIIDoTCCAomgAwIBAgIGDorvJrq1MA0GCSqGSIb3DQEBCwUAMCgxEjAQBgNVBAMM # CW1pdG1wcm94eTESMBAGA1UECgwJbWl0bXByb3h5MB4XDTIwMDgzMDE5MjA1NloX # DTIzMDkwMTE5MjA1NlowKDESMBAGA1UEAwwJbWl0bXByb3h5MRIwEAYDVQQKDAlt # aXRtcHJveHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsUHB2if9A # L5ytR9VrZncwDdx3J6ZdA2+wZQe9EjtX5ax1r55bbQBoJmN2HqZCSA3vdvMzr42W # Jx0ksNhNocEGvER2dTUIqkUKeeYQIRCc5CD9T5IpUVVKm3aeJo+FATmuzg4m23MZ # a9Up4nCdUJwufSqzv0ZWvEHERWtRXPYRZ2t+vKqnCS+dOQ3NsGWvC+12i7kNMKyy # 0ylFBY/BZfaH/kMVzUijAnNQPWpW3T/Wqpx7z+IXZ+ccCQ1U1N26FXhSMa/+DenW # fo27QVNOu5cIIpAYmTl6+Oek0XLSH8oFLdjeVtBJuHFA1iAfmqPv4yJDKbSgg/d8 # Jb46BE2ZyW6RAgMBAAGjgdAwgc0wDwYDVR0TAQH/BAUwAwEB/zARBglghkgBhvhC # AQEEBAMCAgQweAYDVR0lBHEwbwYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcD # BAYIKwYBBQUHAwgGCisGAQQBgjcCARUGCisGAQQBgjcCARYGCisGAQQBgjcKAwEG # CisGAQQBgjcKAwMGCisGAQQBgjcKAwQGCWCGSAGG+EIEATAOBgNVHQ8BAf8EBAMC # AQYwHQYDVR0OBBYEFEiFqrQtFmTV66rlQ9SCqp7ohrtsMA0GCSqGSIb3DQEBCwUA # A4IBAQBfH5xpxt4mCdnjiISaMeEcKuur2kfVbQEKNceDeKLZJfcwEkMtAr0LeyMV # 1hkExtvyU0JPmgyzU7Le4UHEB8pwyyD3kYx7vBtxjVSXAbK1YKgDllPmXtlJGmA/ # SMuxnwkUXwMeZBxmu8LR1SOQiMX+aZvYbQIjigduXOC/ZSHYtJbh+RmrvHFEBu7L # zZx8DzJKOmlfo9gohNIW1ucRM6B4B5yy5plqurGlkFPHlRqGoWkJPI4oB+cobzMh # QidzHgk4Set3bqIuYAsqtHGxdTtnGooagQBUWt0CxmGdmonofzinsAAasKprcBl6 # QaNGz7o/LfHprXvCM1mHjbVVbZN2 # -----END CERTIFICATE----- # '' # ]; # services.wakeonlan.interfaces = [ { interface = "eno1"; method = "magicpacket"; } ]; services.nginx = { enable = true; recommendedGzipSettings = true; recommendedOptimisation = true; package = pkgs.nginx.override { modules = with pkgs.nginxModules; [ rtmp ]; }; virtualHosts."stream.nyanlout.re" = { locations."/" = { root = "/var/www/hls/"; extraConfig = '' add_header Cache-Control no-cache; add_header Access-Control-Allow-Origin *; ''; }; default = true; }; appendConfig = let rootLocation = config.services.nginx.virtualHosts."stream.nyanlout.re".locations."/".root; in '' rtmp { server { listen 1935; application live { live on; interleave on; exec_push ${pkgs.ffmpeg}/bin/ffmpeg -i rtmp://localhost/$app/$name -async 1 -vsync -1 -c:v libx264 -c:a aac -b:v 256k -b:a 96k -vf "scale=480:trunc(ow/a/2)*2" -tune zerolatency -preset veryfast -crf 23 -f flv rtmp://localhost/show/$name_low -c:v libx264 -c:a aac -b:v 768k -b:a 96k -vf "scale=720:trunc(ow/a/2)*2" -tune zerolatency -preset veryfast -crf 23 -f flv rtmp://localhost/show/$name_mid -c:v libx264 -c:a aac -b:v 1024k -b:a 128k -vf "scale=960:trunc(ow/a/2)*2" -tune zerolatency -preset veryfast -crf 23 -f flv rtmp://localhost/show/$name_high -c:v libx264 -c:a aac -b:v 1920k -b:a 128k -vf "scale=1280:trunc(ow/a/2)*2" -tune zerolatency -preset veryfast -crf 23 -f flv rtmp://localhost/show/$name_hd720 -c copy -f flv rtmp://localhost/show/$name_src 2>>${rootLocation}/ffmpeg-$name.log; } application show { live on; hls on; hls_path ${rootLocation}; hls_fragment 5; hls_playlist_length 10; hls_nested on; hls_variant _low BANDWIDTH=352000; # Low bitrate, sub-SD resolution hls_variant _mid BANDWIDTH=448000; # Medium bitrate, SD resolution hls_variant _high BANDWIDTH=1152000; # High bitrate, higher-than-SD resolution hls_variant _hd720 BANDWIDTH=2048000; # High bitrate, HD 720p resolution hls_variant _src BANDWIDTH=8192000; # Source bitrate, source resolution } } } ''; }; services.xserver.deviceSection = '' Option "metamodes" "DP-0: 3440x1440_144 +0+0 {AllowGSYNCCompatible=On}" ''; systemd = let DP0Config = "--mode 3440x1440 --rate 144"; DP2Config = "--auto --left-of DP-0"; HDMIConfig = "--auto --left-of DP-0"; in { services = { wol = { description = "Wake-on-LAN"; wantedBy = [ "multi-user.target" ]; requires = [ "network.target" ]; after = [ "network.target" ]; script = '' ${pkgs.ethtool}/sbin/ethtool -s eno1 wol g ''; serviceConfig.Type = "oneshot"; }; nginx.serviceConfig.ReadWritePaths = "/var/www/hls"; zfs-replication.serviceConfig.StateDirectory = "zfs-replication"; }; user.services = { "enableTV" = { description = "Enable TV output"; script = '' ${pkgs.xorg.xrandr}/bin/xrandr --output DP-0 --mode 3440x1440 --rate 144 --primary /run/current-system/sw/bin/nvidia-settings --assign CurrentMetaMode="DP-0: 3440x1440_144 { AllowGSYNCCompatible=On }" ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-0 ${HDMIConfig} ''; conflicts = ["CSMode.service"]; serviceConfig.Type = "oneshot"; }; "primaryTV" = { description = "Set TV output as primary"; script = '' ${pkgs.xorg.xrandr}/bin/xrandr --output DP-0 --mode 3440x1440 --rate 144 /run/current-system/sw/bin/nvidia-settings --assign CurrentMetaMode="DP-0: 3440x1440_144 { AllowGSYNCCompatible=On }" ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-0 --primary ${HDMIConfig} ''; conflicts = ["CSMode.service"]; serviceConfig.Type = "oneshot"; }; "FreeSyncMode" = { description = "Enable FreeSync screen only"; script = '' ${pkgs.xorg.xrandr}/bin/xrandr --output DP-0 --mode 3440x1440 --rate 144 /run/current-system/sw/bin/nvidia-settings --assign CurrentMetaMode="DP-0: 3440x1440_144 { AllowGSYNCCompatible=On }" ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-0 --off ''; conflicts = ["CSMode.service"]; serviceConfig.Type = "oneshot"; }; "CSMode" = { description = "Enable 4:3 black bars"; script = '' ${pkgs.xorg.xrandr}/bin/xrandr --output DP-0 --mode 3440x1440 --rate 144 --primary /run/current-system/sw/bin/nvidia-settings --assign CurrentMetaMode="DP-0: 3440x1440_144 { ViewPortIn=3440x1440, ViewPortOut=1920x1440+760+0, AllowGSYNCCompatible=On }" ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-0 --off ''; preStop = '' /run/current-system/sw/bin/nvidia-settings --assign CurrentMetaMode="DP-0: 3440x1440_144 { ViewPortIn=3440x1440, ViewPortOut=3440x1440+0+0, AllowGSYNCCompatible=On }" ''; serviceConfig = { Type = "oneshot"; RemainAfterExit = true; }; }; }; }; system.stateVersion = "20.03"; }