kenji
46 lines
1.0 KiB
Nix
46 lines
1.0 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
cfg = config.programs.sunshine;
|
|
in {
|
|
options.programs.sunshine = with lib; {
|
|
enable = mkEnableOption "sunshine";
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
networking.firewall.allowedTCPPortRanges = [
|
|
{
|
|
from = 47984;
|
|
to = 48010;
|
|
}
|
|
];
|
|
networking.firewall.allowedUDPPortRanges = [
|
|
{
|
|
from = 47998;
|
|
to = 48010;
|
|
}
|
|
];
|
|
security.wrappers.sunshine = {
|
|
owner = "root";
|
|
group = "root";
|
|
capabilities = "cap_sys_admin+p";
|
|
source = "${pkgs.sunshine}/bin/sunshine";
|
|
};
|
|
systemd.services.sunshine = {
|
|
description = "Sunshine self-hosted game stream host for Moonlight";
|
|
after = ["network-online.target" "multi-user.target"];
|
|
wantedBy = ["multi-user.target"];
|
|
startLimitBurst = 5;
|
|
startLimitIntervalSec = 500;
|
|
serviceConfig = {
|
|
ExecStart = "${config.security.wrapperDir}/sunshine";
|
|
Restart = "on-failure";
|
|
RestartSec = "5s";
|
|
};
|
|
};
|
|
};
|
|
}
|