diff --git a/inventories/default.nix b/inventories/default.nix index c820b80..3badb1b 100644 --- a/inventories/default.nix +++ b/inventories/default.nix @@ -169,6 +169,17 @@ }; roles.default.machines.b4l = { }; }; + pulse-stream = { + module = { + name = "pulse-stream"; + input = "self"; + }; + roles.default.machines.neptune = { + settings.client-ip-ranges = [ + "10.0.0.0/24" + ]; + }; + }; }; }; }; diff --git a/modules/clan/pulse-stream/default.nix b/modules/clan/pulse-stream/default.nix new file mode 100644 index 0000000..399dd64 --- /dev/null +++ b/modules/clan/pulse-stream/default.nix @@ -0,0 +1,43 @@ +{ ... }: +{ + _class = "clan.service"; + manifest.name = "pulse-stream"; + manifest.description = "stream audio to attached speakers"; + manifest.categories = [ "System" ]; + + roles.default = { + interface = + { lib, ... }: + { + options.client-ip-ranges = lib.mkOption { + type = lib.types.listOf lib.types.str; + description = "ip subnets permitted to stream to the server"; + default = []; + }; + }; + perInstance = + { + roles, + settings, + ... + }: + { + nixosModule = + { ... }: + { + services.pulseaudio = { + enable = true; + systemWide = true; + tcp = { + enable = true; + anonymousClients.allowedIpRanges = + settings.client-ip-ranges; + anonymousClients.allowAll = true; + }; + zeroconf.publish.enable = true; + }; + networking.firewall.allowedTCPPorts = [ 4713 ]; + }; + }; + }; +} diff --git a/modules/clan/pulse-stream/flake-module.nix b/modules/clan/pulse-stream/flake-module.nix new file mode 100644 index 0000000..1b20f6d --- /dev/null +++ b/modules/clan/pulse-stream/flake-module.nix @@ -0,0 +1,9 @@ +{ lib, ... }: +let + module = lib.modules.importApply ./default.nix { }; +in +{ + clan.modules = { + pulse-stream = module; + }; +}