From 1d46cb69fc3db8f50c25e49c90b5a79b38aba22b Mon Sep 17 00:00:00 2001
From: Henry-Hiles <henry@henryhiles.com>
Date: Fri, 18 Apr 2025 13:10:50 -0400
Subject: [PATCH] Change ec modules
---
clients/quadraticserver/element-call.nix | 4 +-
clients/quadraticserver/grapevine.nix | 5 +-
modules/common/services/livekit.nix | 62 ++++++++++++----------
modules/common/services/lk-jwt-service.nix | 6 +--
4 files changed, 42 insertions(+), 35 deletions(-)
diff --git a/clients/quadraticserver/element-call.nix b/clients/quadraticserver/element-call.nix
index 53f2fa4..bcf8376 100644
--- a/clients/quadraticserver/element-call.nix
+++ b/clients/quadraticserver/element-call.nix
@@ -10,13 +10,13 @@
enable = true;
livekit = {
url = "wss://${domain}/livekit/sfu";
- keyFile = config.age.secrets."livekitKeys.age".path;
+ environmentFile = config.age.secrets."livekitKeys.age".path;
};
};
livekit = {
enable = true;
- keyFile = config.age.secrets."livekitKeys.age".path;
+ environmentFile = config.age.secrets."livekitKeys.age".path;
};
caddy.virtualHosts."${domain}".extraConfig = ''
diff --git a/clients/quadraticserver/grapevine.nix b/clients/quadraticserver/grapevine.nix
index e31e50c..412ea14 100644
--- a/clients/quadraticserver/grapevine.nix
+++ b/clients/quadraticserver/grapevine.nix
@@ -11,7 +11,10 @@
settings = {
server_name = "henryhiles.com";
database.backend = "rocksdb";
- federation.max_concurrent_requests = 10000;
+ federation = {
+ max_concurrent_requests = 10000;
+ self_test = false;
+ };
server_discovery = {
server.authority = "${domain}:443";
diff --git a/modules/common/services/livekit.nix b/modules/common/services/livekit.nix
index bd06cfa..7f2c05b 100644
--- a/modules/common/services/livekit.nix
+++ b/modules/common/services/livekit.nix
@@ -5,13 +5,14 @@
...
}: let
cfg = config.services.livekit;
+ format = pkgs.formats.json {};
in {
meta.maintainers = with lib.maintainers; [quadradical];
options.services.livekit = {
enable = lib.mkEnableOption "Enable the livekit server";
package = lib.mkPackageOption pkgs "livekit" {};
- keyFile = lib.mkOption {
+ environmentFile = lib.mkOption {
type = lib.types.path;
description = ''
LiveKit key file, with syntax `LIVEKIT_KEYS=\"key: secret\"`
@@ -34,24 +35,38 @@ in {
'';
};
- port = lib.mkOption {
- type = lib.types.port;
- default = 7880;
- description = "Main TCP port for RoomService and RTC endpoint.";
- };
+ settings = lib.mkOption {
+ type = lib.types.submodule {
+ freeformType = format.type;
+ options = {
+ port = lib.mkOption {
+ type = lib.types.port;
+ default = 7880;
+ description = "Main TCP port for RoomService and RTC endpoint.";
+ };
- rtc = {
- portRangeStart = lib.mkOption {
- type = lib.types.int;
- default = 50000;
- description = "Start of UDP port range for WebRTC";
- };
+ rtc = {
+ port_range_start = lib.mkOption {
+ type = lib.types.int;
+ default = 50000;
+ description = "Start of UDP port range for WebRTC";
+ };
- portRangeEnd = lib.mkOption {
- type = lib.types.int;
- default = 51000;
- description = "End of UDP port range for WebRTC";
+ port_range_end = lib.mkOption {
+ type = lib.types.int;
+ default = 51000;
+ description = "End of UDP port range for WebRTC";
+ };
+ };
+ };
};
+ default = {};
+ description = ''
+ LiveKit configuration file expressed in nix.
+
+ For an example configuration, see <https://docs.livekit.io/home/self-hosting/deployment/#configuration>.
+ For all possible values, see <https://github.com/livekit/livekit/blob/master/config-sample.yaml>.
+ '';
};
};
@@ -76,7 +91,7 @@ in {
after = ["network-online.target"];
serviceConfig = {
- EnvironmentFile = cfg.keyFile;
+ EnvironmentFile = cfg.environmentFile;
DynamicUser = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;
@@ -103,18 +118,7 @@ in {
"~@privileged"
"~@resources"
];
- ExecStart = "${lib.getExe cfg.package} --config-body=${
- builtins.toJSON (
- builtins.toJSON {
- port = cfg.port;
- rtc = {
- port_range_start = cfg.rtc.portRangeStart;
- port_range_end = cfg.rtc.portRangeEnd;
- use_external_ip = cfg.useExternalIP;
- };
- }
- )
- }";
+ ExecStart = "${lib.getExe cfg.package} --config ${format.generate "livekit.json" cfg.settings}";
Restart = "on-failure";
RestartSec = 5;
UMask = "077";
diff --git a/modules/common/services/lk-jwt-service.nix b/modules/common/services/lk-jwt-service.nix
index a91a6bf..c4bfdd4 100644
--- a/modules/common/services/lk-jwt-service.nix
+++ b/modules/common/services/lk-jwt-service.nix
@@ -20,10 +20,10 @@ in {
'';
};
- keyFile = lib.mkOption {
+ environmentFile = lib.mkOption {
type = lib.types.path;
description = ''
- Path to a file showing LiveKit keys, where you must declare some of: `LIVEKIT_KEY`, `LIVEKIT_SECRET`, `LIVEKIT_KEY_FROM_FILE`, `LIVEKIT_SECRET_FROM_FILE`, and/or `LIVEKIT_KEY_FILE`.
+ Path to a file of environment variables, where you must declare some of: `LIVEKIT_KEY`, `LIVEKIT_SECRET`, `LIVEKIT_KEY_FROM_FILE`, `LIVEKIT_SECRET_FROM_FILE`, and/or `LIVEKIT_KEY_FILE`.
For more information, see <https://github.com/element-hq/lk-jwt-service#configuration>.
'';
};
@@ -46,7 +46,7 @@ in {
environment.LIVEKIT_URL = cfg.livekit.url;
serviceConfig = {
- EnvironmentFile = cfg.livekit.keyFile;
+ EnvironmentFile = cfg.livekit.environmentFile;
DynamicUser = true;
LockPersonality = true;
MemoryDenyWriteExecute = true;