From d4b6eb447ca5e87199470c6bd68aece89f1016ac Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Wed, 8 Nov 2023 09:26:34 +0100 Subject: [PATCH] improved chungus --- nixos/machines/chungus/configuration.nix | 2 +- .../machines/chungus/media-audiobookshelf.nix | 8 +- nixos/machines/chungus/packages.nix | 4 +- nixos/machines/chungus/tts.nix | 92 ------------------- 4 files changed, 10 insertions(+), 96 deletions(-) delete mode 100644 nixos/machines/chungus/tts.nix diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix index cb0843d..644b303 100644 --- a/nixos/machines/chungus/configuration.nix +++ b/nixos/machines/chungus/configuration.nix @@ -60,7 +60,7 @@ components.gui.enable = false; components.mainUser.enable = true; - components.media.tts-server.enable = true; + components.media.tts-server.enable = false; components.network.enable = true; components.network.wifi.enable = false; components.terminal.enable = true; diff --git a/nixos/machines/chungus/media-audiobookshelf.nix b/nixos/machines/chungus/media-audiobookshelf.nix index 5c47a53..25e1fef 100644 --- a/nixos/machines/chungus/media-audiobookshelf.nix +++ b/nixos/machines/chungus/media-audiobookshelf.nix @@ -10,11 +10,15 @@ in group = group; }; + # make available in retiolum + #networking.firewall.interfaces."tinc.retiolum".allowedTCPPorts = [ port ]; + #networking.firewall.interfaces."tinc.retiolum".allowedUDPPorts = [ port ]; + networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ port ]; networking.firewall.interfaces.enp0s31f6.allowedUDPPorts = [ port ]; - networking.firewall.interfaces.wq0.allowedTCPPorts = [ port ]; - networking.firewall.interfaces.wq0.allowedUDPPorts = [ port ]; + networking.firewall.interfaces.wg0.allowedTCPPorts = [ port ]; + networking.firewall.interfaces.wg0.allowedUDPPorts = [ port ]; systemd.services.audiobookshelf = { enable = true; diff --git a/nixos/machines/chungus/packages.nix b/nixos/machines/chungus/packages.nix index 2d9c1bc..f0e4a0b 100644 --- a/nixos/machines/chungus/packages.nix +++ b/nixos/machines/chungus/packages.nix @@ -3,10 +3,12 @@ { environment.systemPackages = [ pkgs.mediainfo - pkgs.youtube-dl pkgs.mnamer pkgs.mc pkgs.unrar pkgs.unzip + + pkgs.zfs-prune-snapshots + pkgs.zfstools ]; } diff --git a/nixos/machines/chungus/tts.nix b/nixos/machines/chungus/tts.nix deleted file mode 100644 index 71783a7..0000000 --- a/nixos/machines/chungus/tts.nix +++ /dev/null @@ -1,92 +0,0 @@ -{ pkgs -, config -, ... -}: { - - #systemd.services.tts = { - # after = [ "network.target" ]; - # wantedBy = [ "multi-user.target" ]; - # path = [ pkgs.espeak ]; - # environment.HOME = "/var/lib/tts"; - # serviceConfig = { - # CapabilityBoundingSet = ""; - # DeviceAllow = ""; - # DevicePolicy = "closed"; - # LockPersonality = true; - # # jit via numba->llvmpipe - # MemoryDenyWriteExecute = false; - # PrivateDevices = true; - # PrivateUsers = true; - # ProtectHome = true; - # ProtectHostname = true; - # ProtectKernelLogs = true; - # ProtectKernelModules = true; - # ProtectKernelTunables = true; - # ProtectControlGroups = true; - # ProtectProc = "invisible"; - # ProcSubset = "pid"; - # RestrictAddressFamilies = [ - # "AF_UNIX" - # "AF_INET" - # "AF_INET6" - # ]; - # RestrictRealtime = true; - # RestrictNamespaces = true; - # SystemCallArchitectures = "native"; - # SystemCallFilter = [ - # "@system-service" - # "~@privileged" - # ]; - # UMask = "0077"; - # StateDirectory = "tts"; - # DynamicUser = true; - # User = "tts"; - # Group = "tts"; - # ExecStart = '' - # ${pkgs.tts}/bin/tts-server --model_name tts_models/en/ljspeech/vits --port 5004 - # ''; - # }; - #}; - - # find models with ${pkgs.tts}/bin/tts --list_models - services.tts = { - servers = { - english = { - enable = true; - port = 5300; - #model = "tts_models/en/ljspeech/tacotron2-DDC"; - model = "tts_models/en/ljspeech/vits"; - }; - german = { - enable = true; - port = 5301; - #model = "tts_models/de/thorsten/tacotron2-DDC"; - model = "tts_models/de/thorsten/vits"; - }; - }; - }; - # fixes some issues - systemd.services.tts-german.serviceConfig.RestrictAddressFamilies = [ - "AF_UNIX" - ]; - systemd.services.tts-english.serviceConfig.RestrictAddressFamilies = [ - "AF_UNIX" - ]; - - - - - services.nginx = { - recommendedProxySettings = true; - enable = true; - virtualHosts."tts.${config.networking.hostName}.private" = { - locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.english.port}"; - }; - virtualHosts."en.tts.${config.networking.hostName}.private" = { - locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.english.port}"; - }; - virtualHosts."de.tts.${config.networking.hostName}.private" = { - locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.german.port}"; - }; - }; -}