authorhyperion <hyperion@spacekookie.de>2020-10-30 12:00:11 +0100
committerhyperion <hyperion@spacekookie.de>2020-10-30 12:00:11 +0100
commit857e0584d19e0abbc9f73a7ea9aea24be6a6786e (patch)
tree2ffbd6a261b00b6adfb148d458c6185a0ddf59a9 /nix
parent43fc40d5dc18615aab9b99f940de59a8da20a902 (diff)
Refactoring repository structure and building basic nix module
Diffstat (limited to 'nix')
-rw-r--r--nix/dash.nix44
-rw-r--r--nix/default.nix10
-rw-r--r--nix/metrics.nix30
-rw-r--r--nix/nginx.nix57
-rw-r--r--nix/prosody.nix60
5 files changed, 201 insertions, 0 deletions
diff --git a/nix/dash.nix b/nix/dash.nix
new file mode 100644
index 0000000..c0af4d7
--- /dev/null
+++ b/nix/dash.nix
@@ -0,0 +1,44 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+ cfg = config.services.brook;
+in
+{
+ options.services.brook.dash = {
+ enable = mkEnableOption "ffmpeg dash server";
+
+ name = mkOption {
+ type = types.str;
+ description = ''
+ The name of the rtmp endpoint of the stream. This might show up as
+ metadata in some clients
+ '';
+ };
+ };
+
+ config = mkIf cfg.dash.enable {
+ systemd.services.brook-ffmpeg = {
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ serviceConfig = {
+ StateDirectory = "dash";
+ Group = "nginx";
+ };
+
+ script = let
+ ffmpeg = "${pkgs.ffmpeg}/bin/ffmpeg";
+ in
+ ''
+ ${ffmpeg}-listen 1 -i rtmp://0.0.0.0:1935/${cfg.dash.name}/live \
+ -c:v libx264 -x264opts "keyint=24:min-keyint=24:no-scenecut" -r 24 \
+ -c:a aac -b:a 128k \
+ -bf 1 -b_strategy 0 -sc_threshold 0 -pix_fmt yuv420p \
+ -map 0:v:0 -map 0:a:0 -map 0:v:0 \
+ -map 0:a:0 -map 0:v:0 -map 0:a:0 \
+ /var/lib/dash/live.mpd
+ '';
+ };
+ };
+}
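Review bot: `serviceConfig` sets `Group = "nginx"` but no `User`, so the ffmpeg process that listens on `rtmp://0.0.0.0:1935` and decodes whatever a remote publisher sends runs as root. A dedicated unprivileged account declared under `users.users` and referenced as `User = "brook";`, together with `NoNewPrivileges = true;`, would contain a decoder bug to the state directory. Nothing in this hunk authenticates the publisher, so access to port 1935 should be limited at the firewall. Separately, `${ffmpeg}-listen 1` has no space before `-listen` as rendered here, which would make the shell look for a binary named `ffmpeg-listen`; confirm against the file, since the page may have lost whitespace.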
diff --git a/nix/default.nix b/nix/default.nix
new file mode 100644
index 0000000..f5f4954
--- /dev/null
+++ b/nix/default.nix
@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+ imports = [
+ ./dash.nix
+ ./metrics.nix
+ ./nginx.nix
+ ./prosody.nix
+ ];
+}
diff --git a/nix/metrics.nix b/nix/metrics.nix
new file mode 100644
index 0000000..8dfc881
--- /dev/null
+++ b/nix/metrics.nix
@@ -0,0 +1,30 @@
+{ lib, config, ... }:
+
+with lib;
+let
+ cfg = config.services.brook;
+in
+{
+ options.services.brook.metrics = {
+ enable = mkEnableOption "brook-web metrics backend";
+
+ port = mkOption {
+ type = types.int;
+ description = ''
+ Port to bind the brook-metrics backend server to.
+ '';
+ };
+
+ path = mkOption {
+ type = types.str;
+ description = ''
+ Set the BROOK_METRICS_PATH environment variable to let
+ brook-metrics know where to export the csv output to.
+ '';
+ };
+ };
+
+ config = mkIf cfg.enable {
+
+ };
+}
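Review bot: The guard `mkIf cfg.enable` reads `services.brook.enable`, which none of the files under `nix/` in this commit declare; this module only declares `services.brook.metrics.enable`. Unless that top-level option is defined elsewhere, evaluation is likely to fail on the missing attribute once the body gains a definition; `config = mkIf cfg.metrics.enable {` would match the other modules. The `port` and `path` options have no default and are not consumed yet, so a comment marking the empty body as a placeholder would help.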
diff --git a/nix/nginx.nix b/nix/nginx.nix
new file mode 100644
index 0000000..d60b884
--- /dev/null
+++ b/nix/nginx.nix
@@ -0,0 +1,57 @@
+{ lib, config, pkgs, ... }:
+
+with lib;
+let
+ cfg = config.services.brook;
+in
+{
+ options.services.brook.nginx = {
+ enable = mkEnableOption "brook nginx host handling";
+
+ hostAddr = mkOption {
+ type = types.str;
+ example = "stream.example.com";
+ description = ''
+ Set the virtual host address to use for streaming
+ If nginx is not already enabled, this module will
+ enable it for you.
+ '';
+ };
+
+ acmeHost = mkOption {
+ type = types.str;
+ description = ''
+ An additional host address to use for acme handling. Not setting
+ this option will disable `useACMEHost` and `forceSSL` for this
+ virtualhost.
+ '';
+ };
+ };
+
+ config = mkIf cfg.nginx.enable {
+ services.nginx.virtualHosts."${cfg.nginx.hostAddr}" = {
+ serverAliases = [ cfg.nginx.acmeHost ];
+ enableACME = false;
+ useACMEHost = cfg.nginx.acmeHost;
+ forceSSL = true;
+
+ locations."/xmpp-bosh" = mkIf cfg.prosody.enable {
+ proxyPass = "https://localhost:${cfg.prosody.port}/http-bind";
+ extraConfig = ''
+ proxy_set_header Host ${cfg.prosody.guest-domain};
+ proxy_set_header X-Forwarded-For ${cfg.prosody.guest-domain};
+ proxy_buffering off;
+ tcp_nodelay on;
+ '';
+ };
+
+ locations."/dash" = {
+ root = "/var/lib";
+ };
+
+ locations."/metrics" = mkIf cfg.metrics.enable {
+ proxyPass = "http://localhost:${cfg.metrics.port}";
+ };
+ };
+ };
+}
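Review bot: In the `/xmpp-bosh` location, `proxy_set_header X-Forwarded-For ${cfg.prosody.guest-domain};` sends the guest domain where the backend expects a client address, so prosody cannot attribute anonymous sessions to a source IP for logging or rate limiting; `proxy_set_header X-Forwarded-For $remote_addr;` is the usual form. `cfg.prosody.port` and `cfg.metrics.port` are declared as `types.int`, and Nix does not coerce integers in string interpolation, so both `proxyPass` values need `toString`, e.g. `"http://localhost:${toString cfg.metrics.port}"`. The `/metrics` location is published on the public virtual host with no access restriction visible in this hunk; if the backend is not meant to be public, an `allow`/`deny` pair in that location's `extraConfig` would fit here.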
diff --git a/nix/prosody.nix b/nix/prosody.nix
new file mode 100644
index 0000000..cfbc551
--- /dev/null
+++ b/nix/prosody.nix
@@ -0,0 +1,60 @@
+{ lib, config, ... }:
+
+with lib;
+let
+ cfg = config.services.brook;
+in
+{
+ options.services.brook.prosody = {
+ enable = mkEnableOption "brook XMPP chat with prosody";
+
+ port = mkOption {
+ type = types.int;
+ default = 5281;
+ description = ''
+ Specify the port that prosody's web server is listening on.
+ '';
+ };
+
+ guest-domain = mkOption {
+ type = types.string;
+ description = ''
+ The virtualhost prosody uses as an anonymous user scope.
+ By default prosody can either run in normal user mode, or in
+ anonymous mode. Becuase the stream chat doesn't require registration,
+ this creates a new virtualhost to achieve this.
+ '';
+ };
+
+ certRoot = mkOption {
+ type = types.string;
+ description = ''
+ Pass in the root path to the certificates that the
+ prosody virtualhost should use.
+ '';
+ };
+ };
+
+ config = mkIf cfg.prosody.enable {
+ services.prosody = {
+ modules = { bosh = true; websocket = true; };
+
+ virtualHosts."${cfg.prosody.guest-domain}" = {
+ enable = true;
+ domain = "${cfg.prosody.guest-domain}";
+ ssl = {
+ cert = "${cfg.prosody.certRoot}/fullchain.pem";
+ key = "${cfg.prosody.certRoot}/key.pem";
+ };
+ extraConfig = ''
+ authentication = "anonymous"
+ http_host = ${cfg.prosody.guest-domain}
+ '';
+ };
+
+ extraConfig = services.prosody.extraConfig + ''
+ consider_bosh_secure = true
+ '';
+ };
+ };
+}
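Review bot: `extraConfig = services.prosody.extraConfig + ''…''` refers to `services`, which is not bound in this file (the arguments are `lib` and `config`), and reading `config.services.prosody.extraConfig` while defining it would recurse. The module system should already concatenate multiple definitions of this option, so assigning only the new fragment ought to be enough: `extraConfig = ''consider_bosh_secure = true'';`. In the virtual host's `extraConfig`, `http_host = ${cfg.prosody.guest-domain}` is emitted unquoted into prosody's Lua config, unlike `authentication = "anonymous"` on the line above; it should be `http_host = "${cfg.prosody.guest-domain}"`. Since `consider_bosh_secure = true` makes prosody treat every BOSH request as encrypted, a comment noting that this relies on the HTTP port being reachable only through the TLS-terminating nginx would help.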