From d4b6eb447ca5e87199470c6bd68aece89f1016ac Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Wed, 8 Nov 2023 09:26:34 +0100
Subject: [PATCH] improved chungus

---
 nixos/machines/chungus/configuration.nix      |  2 +-
 .../machines/chungus/media-audiobookshelf.nix |  8 +-
 nixos/machines/chungus/packages.nix           |  4 +-
 nixos/machines/chungus/tts.nix                | 92 -------------------
 4 files changed, 10 insertions(+), 96 deletions(-)
 delete mode 100644 nixos/machines/chungus/tts.nix

diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix
index cb0843d..644b303 100644
--- a/nixos/machines/chungus/configuration.nix
+++ b/nixos/machines/chungus/configuration.nix
@@ -60,7 +60,7 @@
 
   components.gui.enable = false;
   components.mainUser.enable = true;
-  components.media.tts-server.enable = true;
+  components.media.tts-server.enable = false;
   components.network.enable = true;
   components.network.wifi.enable = false;
   components.terminal.enable = true;
diff --git a/nixos/machines/chungus/media-audiobookshelf.nix b/nixos/machines/chungus/media-audiobookshelf.nix
index 5c47a53..25e1fef 100644
--- a/nixos/machines/chungus/media-audiobookshelf.nix
+++ b/nixos/machines/chungus/media-audiobookshelf.nix
@@ -10,11 +10,15 @@ in
     group = group;
   };
 
+  # make available in retiolum
+  #networking.firewall.interfaces."tinc.retiolum".allowedTCPPorts = [ port ];
+  #networking.firewall.interfaces."tinc.retiolum".allowedUDPPorts = [ port ];
+
   networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ port ];
   networking.firewall.interfaces.enp0s31f6.allowedUDPPorts = [ port ];
 
-  networking.firewall.interfaces.wq0.allowedTCPPorts = [ port ];
-  networking.firewall.interfaces.wq0.allowedUDPPorts = [ port ];
+  networking.firewall.interfaces.wg0.allowedTCPPorts = [ port ];
+  networking.firewall.interfaces.wg0.allowedUDPPorts = [ port ];
 
   systemd.services.audiobookshelf = {
     enable = true;
diff --git a/nixos/machines/chungus/packages.nix b/nixos/machines/chungus/packages.nix
index 2d9c1bc..f0e4a0b 100644
--- a/nixos/machines/chungus/packages.nix
+++ b/nixos/machines/chungus/packages.nix
@@ -3,10 +3,12 @@
 {
   environment.systemPackages = [
     pkgs.mediainfo
-    pkgs.youtube-dl
     pkgs.mnamer
     pkgs.mc
     pkgs.unrar
     pkgs.unzip
+
+    pkgs.zfs-prune-snapshots
+    pkgs.zfstools
   ];
 }
diff --git a/nixos/machines/chungus/tts.nix b/nixos/machines/chungus/tts.nix
deleted file mode 100644
index 71783a7..0000000
--- a/nixos/machines/chungus/tts.nix
+++ /dev/null
@@ -1,92 +0,0 @@
-{ pkgs
-, config
-, ...
-}: {
-
-  #systemd.services.tts = {
-  #  after = [ "network.target" ];
-  #  wantedBy = [ "multi-user.target" ];
-  #  path = [ pkgs.espeak ];
-  #  environment.HOME = "/var/lib/tts";
-  #  serviceConfig = {
-  #    CapabilityBoundingSet = "";
-  #    DeviceAllow = "";
-  #    DevicePolicy = "closed";
-  #    LockPersonality = true;
-  #    # jit via numba->llvmpipe
-  #    MemoryDenyWriteExecute = false;
-  #    PrivateDevices = true;
-  #    PrivateUsers = true;
-  #    ProtectHome = true;
-  #    ProtectHostname = true;
-  #    ProtectKernelLogs = true;
-  #    ProtectKernelModules = true;
-  #    ProtectKernelTunables = true;
-  #    ProtectControlGroups = true;
-  #    ProtectProc = "invisible";
-  #    ProcSubset = "pid";
-  #    RestrictAddressFamilies = [
-  #      "AF_UNIX"
-  #      "AF_INET"
-  #      "AF_INET6"
-  #    ];
-  #    RestrictRealtime = true;
-  #    RestrictNamespaces = true;
-  #    SystemCallArchitectures = "native";
-  #    SystemCallFilter = [
-  #      "@system-service"
-  #      "~@privileged"
-  #    ];
-  #    UMask = "0077";
-  #    StateDirectory = "tts";
-  #    DynamicUser = true;
-  #    User = "tts";
-  #    Group = "tts";
-  #    ExecStart = ''
-  #      ${pkgs.tts}/bin/tts-server --model_name tts_models/en/ljspeech/vits --port 5004
-  #    '';
-  #  };
-  #};
-
-  # find models with ${pkgs.tts}/bin/tts --list_models
-  services.tts = {
-    servers = {
-      english = {
-        enable = true;
-        port = 5300;
-        #model = "tts_models/en/ljspeech/tacotron2-DDC";
-        model = "tts_models/en/ljspeech/vits";
-      };
-      german = {
-        enable = true;
-        port = 5301;
-        #model = "tts_models/de/thorsten/tacotron2-DDC";
-        model = "tts_models/de/thorsten/vits";
-      };
-    };
-  };
-  # fixes some issues
-  systemd.services.tts-german.serviceConfig.RestrictAddressFamilies = [
-    "AF_UNIX"
-  ];
-  systemd.services.tts-english.serviceConfig.RestrictAddressFamilies = [
-    "AF_UNIX"
-  ];
-
-
-
-
-  services.nginx = {
-    recommendedProxySettings = true;
-    enable = true;
-    virtualHosts."tts.${config.networking.hostName}.private" = {
-      locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.english.port}";
-    };
-    virtualHosts."en.tts.${config.networking.hostName}.private" = {
-      locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.english.port}";
-    };
-    virtualHosts."de.tts.${config.networking.hostName}.private" = {
-      locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.german.port}";
-    };
-  };
-}