improved chungus

This commit is contained in:
Ingolf Wagner 2023-11-08 09:26:34 +01:00
parent c8f0298beb
commit d4b6eb447c
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
4 changed files with 10 additions and 96 deletions

View file

@ -60,7 +60,7 @@
components.gui.enable = false; components.gui.enable = false;
components.mainUser.enable = true; components.mainUser.enable = true;
components.media.tts-server.enable = true; components.media.tts-server.enable = false;
components.network.enable = true; components.network.enable = true;
components.network.wifi.enable = false; components.network.wifi.enable = false;
components.terminal.enable = true; components.terminal.enable = true;

View file

@ -10,11 +10,15 @@ in
group = group; group = group;
}; };
# make available in retiolum
#networking.firewall.interfaces."tinc.retiolum".allowedTCPPorts = [ port ];
#networking.firewall.interfaces."tinc.retiolum".allowedUDPPorts = [ port ];
networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ port ]; networking.firewall.interfaces.enp0s31f6.allowedTCPPorts = [ port ];
networking.firewall.interfaces.enp0s31f6.allowedUDPPorts = [ port ]; networking.firewall.interfaces.enp0s31f6.allowedUDPPorts = [ port ];
networking.firewall.interfaces.wq0.allowedTCPPorts = [ port ]; networking.firewall.interfaces.wg0.allowedTCPPorts = [ port ];
networking.firewall.interfaces.wq0.allowedUDPPorts = [ port ]; networking.firewall.interfaces.wg0.allowedUDPPorts = [ port ];
systemd.services.audiobookshelf = { systemd.services.audiobookshelf = {
enable = true; enable = true;

View file

@ -3,10 +3,12 @@
{ {
environment.systemPackages = [ environment.systemPackages = [
pkgs.mediainfo pkgs.mediainfo
pkgs.youtube-dl
pkgs.mnamer pkgs.mnamer
pkgs.mc pkgs.mc
pkgs.unrar pkgs.unrar
pkgs.unzip pkgs.unzip
pkgs.zfs-prune-snapshots
pkgs.zfstools
]; ];
} }

View file

@ -1,92 +0,0 @@
{ pkgs
, config
, ...
}: {
#systemd.services.tts = {
# after = [ "network.target" ];
# wantedBy = [ "multi-user.target" ];
# path = [ pkgs.espeak ];
# environment.HOME = "/var/lib/tts";
# serviceConfig = {
# CapabilityBoundingSet = "";
# DeviceAllow = "";
# DevicePolicy = "closed";
# LockPersonality = true;
# # jit via numba->llvmpipe
# MemoryDenyWriteExecute = false;
# PrivateDevices = true;
# PrivateUsers = true;
# ProtectHome = true;
# ProtectHostname = true;
# ProtectKernelLogs = true;
# ProtectKernelModules = true;
# ProtectKernelTunables = true;
# ProtectControlGroups = true;
# ProtectProc = "invisible";
# ProcSubset = "pid";
# RestrictAddressFamilies = [
# "AF_UNIX"
# "AF_INET"
# "AF_INET6"
# ];
# RestrictRealtime = true;
# RestrictNamespaces = true;
# SystemCallArchitectures = "native";
# SystemCallFilter = [
# "@system-service"
# "~@privileged"
# ];
# UMask = "0077";
# StateDirectory = "tts";
# DynamicUser = true;
# User = "tts";
# Group = "tts";
# ExecStart = ''
# ${pkgs.tts}/bin/tts-server --model_name tts_models/en/ljspeech/vits --port 5004
# '';
# };
#};
# find models with ${pkgs.tts}/bin/tts --list_models
services.tts = {
servers = {
english = {
enable = true;
port = 5300;
#model = "tts_models/en/ljspeech/tacotron2-DDC";
model = "tts_models/en/ljspeech/vits";
};
german = {
enable = true;
port = 5301;
#model = "tts_models/de/thorsten/tacotron2-DDC";
model = "tts_models/de/thorsten/vits";
};
};
};
# fixes some issues
systemd.services.tts-german.serviceConfig.RestrictAddressFamilies = [
"AF_UNIX"
];
systemd.services.tts-english.serviceConfig.RestrictAddressFamilies = [
"AF_UNIX"
];
services.nginx = {
recommendedProxySettings = true;
enable = true;
virtualHosts."tts.${config.networking.hostName}.private" = {
locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.english.port}";
};
virtualHosts."en.tts.${config.networking.hostName}.private" = {
locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.english.port}";
};
virtualHosts."de.tts.${config.networking.hostName}.private" = {
locations."/".proxyPass = "http://localhost:${toString config.services.tts.servers.german.port}";
};
};
}