yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

migrate moonlight/sunshine to vars

Browse Source
This commit is contained in:
Jörg Thalheim
2025-04-16 15:03:35 +02:00
parent ee16f7c072
commit cdfd03a067
2 changed files with 43 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
clanModules/moonlight/default.nix
View File

@@ -1,6 +1,6 @@
{ pkgs, config, ... }:
let
ms-accept = pkgs.callPackage ../pkgs/moonlight-sunshine-accept { };
ms-accept = pkgs.callPackage ../../pkgs/moonlight-sunshine-accept { };
defaultPort = 48011;
in
{
@@ -13,10 +13,10 @@ in
systemd.tmpfiles.rules = [
"d '/var/lib/moonlight' 0770 'user' 'users' - -"
"C '/var/lib/moonlight/moonlight.cert' 0644 'user' 'users' - ${
config.clan.core.facts.services.moonlight.secret."moonlight.cert".path or ""
config.clan.core.vars.generators.moonlight.files."moonlight.cert".path or ""
}"
"C '/var/lib/moonlight/moonlight.key' 0644 'user' 'users' - ${
config.clan.core.facts.services.moonlight.secret."moonlight.key".path or ""
config.clan.core.vars.generators.moonlight.files."moonlight.key".path or ""
}"
];
@@ -45,7 +45,7 @@ in
systemd.user.services.moonlight-join = {
description = "Join sunshine hosts";
script = ''${ms-accept}/bin/moonlight-sunshine-accept moonlight join --port ${builtins.toString defaultPort} --cert '${
config.clan.core.facts.services.moonlight.public."moonlight.cert".value or ""
config.clan.core.vars.generators.moonlight.files."moonlight.cert".value or ""
}' --host fd2e:25da:6035:c98f:cd99:93e0:b9b8:9ca1'';
serviceConfig = {
Type = "oneshot";
@@ -68,19 +68,20 @@ in
};
};
clan.core.facts.services.moonlight = {
secret."moonlight.key" = { };
secret."moonlight.cert" = { };
public."moonlight.cert" = { };
generator.path = [
clan.core.vars.generators.moonlight = {
migrateFact = "moonlight";
files."moonlight.key" = { };
files."moonlight.cert" = { };
files."moonlight.cert".secret = false;
runtimeInputs = [
pkgs.coreutils
ms-accept
];
generator.script = ''
script = ''
moonlight-sunshine-accept moonlight init
mv credentials/cakey.pem "$secrets"/moonlight.key
cp credentials/cacert.pem "$secrets"/moonlight.cert
mv credentials/cacert.pem "$facts"/moonlight.cert
mv credentials/cakey.pem "$out"/moonlight.key
cp credentials/cacert.pem "$out"/moonlight.cert
mv credentials/cacert.pem "$out"/moonlight.cert
'';
};
}

66
clanModules/sunshine/default.nix
View File

@@ -5,7 +5,7 @@
...
}:
let
ms-accept = pkgs.callPackage ../pkgs/moonlight-sunshine-accept { };
ms-accept = pkgs.callPackage ../../pkgs/moonlight-sunshine-accept { };
sunshineConfiguration = pkgs.writeText "sunshine.conf" ''
address_family = both
channels = 5
@@ -47,19 +47,6 @@ in
to = 48010;
}
];
networking.firewall.interfaces."zt+".allowedTCPPorts = [
47984
47989
47990
48010
listenPort
];
networking.firewall.interfaces."zt+".allowedUDPPortRanges = [
{
from = 47998;
to = 48010;
}
];
environment.systemPackages = [
ms-accept
@@ -97,10 +84,10 @@ in
systemd.tmpfiles.rules = [
"d '/var/lib/sunshine' 0770 'user' 'users' - -"
"C '/var/lib/sunshine/sunshine.cert' 0644 'user' 'users' - ${
config.clan.core.facts.services.sunshine.secret."sunshine.cert".path or ""
config.clan.core.vars.generators.sunshine.files."sunshine.cert".path or ""
}"
"C '/var/lib/sunshine/sunshine.key' 0644 'user' 'users' - ${
config.clan.core.facts.services.sunshine.secret."sunshine.key".path or ""
config.clan.core.vars.generators.sunshine.files."sunshine.key".path or ""
}"
];
@@ -117,8 +104,8 @@ in
RestartSec = "5s";
ReadWritePaths = [ "/var/lib/sunshine" ];
ReadOnlyPaths = [
(config.clan.core.facts.services.sunshine.secret."sunshine.key".path or "")
(config.clan.core.facts.services.sunshine.secret."sunshine.cert".path or "")
(config.clan.core.vars.services.sunshine.files."sunshine.key".path or "")
(config.clan.core.vars.services.sunshine.files."sunshine.cert".path or "")
];
};
wantedBy = [ "graphical-session.target" ];
@@ -136,9 +123,9 @@ in
startLimitBurst = 5;
startLimitIntervalSec = 500;
script = ''
${ms-accept}/bin/moonlight-sunshine-accept sunshine init-state --uuid ${
config.clan.core.facts.services.sunshine.public.sunshine-uuid.value or null
} --state-file /var/lib/sunshine/state.json
${ms-accept}/bin/moonlight-sunshine-accept sunshine init-state \
--uuid ${config.clan.core.vars.generators.sunshine.files.sunshine-uuid.value} \
--state-file /var/lib/sunshine/state.json
'';
serviceConfig = {
Restart = "on-failure";
@@ -172,11 +159,11 @@ in
startLimitBurst = 5;
startLimitIntervalSec = 500;
script = ''
${ms-accept}/bin/moonlight-sunshine-accept sunshine listen --port ${builtins.toString listenPort} --uuid ${
config.clan.core.facts.services.sunshine.public.sunshine-uuid.value or null
} --state /var/lib/sunshine/state.json --cert '${
config.clan.core.facts.services.sunshine.public."sunshine.cert".value or null
}'
${ms-accept}/bin/moonlight-sunshine-accept sunshine listen --port ${builtins.toString listenPort} \
--uuid ${config.clan.core.vars.generators.sunshine.files.sunshine-uuid.value} \
--state /var/lib/sunshine/state.json --cert '${
config.clan.core.vars.generators.sunshine.files."sunshine.cert".value
}'
'';
serviceConfig = {
# );
@@ -187,21 +174,26 @@ in
wantedBy = [ "graphical-session.target" ];
};
clan.core.facts.services.ergochat = {
secret."sunshine.key" = { };
secret."sunshine.cert" = { };
public."sunshine-uuid" = { };
public."sunshine.cert" = { };
generator.path = [
clan.core.vars.generators.sunshine = {
# generator was named incorrectly in the past
migrateFact = "ergochat";
files."sunshine.key" = { };
files."sunshine.cert" = { };
files."sunshine-uuid".secret = false;
files."sunshine.cert".secret = false;
runtimeInputs = [
pkgs.coreutils
ms-accept
];
generator.script = ''
script = ''
moonlight-sunshine-accept sunshine init
mv credentials/cakey.pem "$secrets"/sunshine.key
cp credentials/cacert.pem "$secrets"/sunshine.cert
mv credentials/cacert.pem "$facts"/sunshine.cert
mv uuid "$facts"/sunshine-uuid
mv credentials/cakey.pem "$out"/sunshine.key
cp credentials/cacert.pem "$out"/sunshine.cert
mv credentials/cacert.pem "$out"/sunshine.cert
mv uuid "$out"/sunshine-uuid
'';
};
}