Working Jellyfin transcoding setup + crowdsec
Some checks are pending
/ Build Nix targets (push) Waiting to run
Some checks are pending
/ Build Nix targets (push) Waiting to run
This commit is contained in:
Théo Barnouin
parent
0d3bf29866
commit
1d126cae12
3 changed files with 26 additions and 3 deletions
|
|
@ -15,19 +15,19 @@ in {
|
||||||
sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; };
|
sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; };
|
||||||
systemPackages = with pkgs; [
|
systemPackages = with pkgs; [
|
||||||
cifs-utils
|
cifs-utils
|
||||||
intel-gpu-tools
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# Intel Hardware Acceleration config
|
# Intel Hardware Acceleration config
|
||||||
hardware = {
|
hardware = {
|
||||||
|
enableAllFirmware = true;
|
||||||
intel-gpu-tools.enable = true;
|
intel-gpu-tools.enable = true;
|
||||||
graphics = {
|
graphics = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraPackages = with pkgs; [
|
extraPackages = with pkgs; [
|
||||||
intel-media-driver
|
intel-media-driver
|
||||||
vaapiVdpau
|
vaapiVdpau
|
||||||
libvdpau-va-gl
|
|
||||||
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
|
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
|
||||||
|
intel-ocl
|
||||||
vpl-gpu-rt # QSV on 11th gen or newer
|
vpl-gpu-rt # QSV on 11th gen or newer
|
||||||
];
|
];
|
||||||
extraPackages32 = with pkgs.pkgsi686Linux; [
|
extraPackages32 = with pkgs.pkgsi686Linux; [
|
||||||
|
|
|
||||||
|
|
@ -98,6 +98,7 @@
|
||||||
netcat-openbsd
|
netcat-openbsd
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
cs-lapi-key = {
|
cs-lapi-key = {
|
||||||
file = ../secrets/cs-lapi-key.age;
|
file = ../secrets/cs-lapi-key.age;
|
||||||
|
|
|
||||||
|
|
@ -35,7 +35,7 @@
|
||||||
users = {
|
users = {
|
||||||
users.tbarnouin = {
|
users.tbarnouin = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = ["wheel"];
|
extraGroups = ["wheel" "video" "render"];
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
|
||||||
|
|
@ -86,6 +86,13 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
age.secrets = {
|
||||||
|
cs-lapi-key = {
|
||||||
|
file = ../secrets/cs-lapi-key.age;
|
||||||
|
owner = "crowdsec";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
cloud-init.network.enable = true;
|
cloud-init.network.enable = true;
|
||||||
openssh = {
|
openssh = {
|
||||||
|
|
@ -103,6 +110,21 @@
|
||||||
fail2ban = {
|
fail2ban = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
crowdsec = {
|
||||||
|
enable = true;
|
||||||
|
package = pkgs.crowdsec;
|
||||||
|
autoUpdateService = false;
|
||||||
|
openFirewall = true;
|
||||||
|
settings = {
|
||||||
|
general = {
|
||||||
|
prometheus.listen_addr = "0.0.0.0";
|
||||||
|
};
|
||||||
|
lapi.credentialsFile = "${config.age.secrets.cs-lapi-key.path}";
|
||||||
|
};
|
||||||
|
hub.collections = [
|
||||||
|
"crowdsecurity/linux"
|
||||||
|
];
|
||||||
|
};
|
||||||
rsyslogd = {
|
rsyslogd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = "*.*@192.168.1.27:514;RSYSLOG_SyslogProtocol23Format";
|
extraConfig = "*.*@192.168.1.27:514;RSYSLOG_SyslogProtocol23Format";
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue