path: root/roles/remote-server.nix
# NixOS role for a remotely accessed machine: builds on the desktop role and
# adds Docker, Steam, an OpenSSH server and the Sunshine streaming host.
# Four services below set openFirewall = true, so the exposure of this host
# depends on which networks can actually reach it.
{
  ...
}:
{
  imports = [
    # we inherit from desktop
    ./desktop.nix
  ];

  virtualisation = {
    docker = {
      enable = true;
      # Containers resolve names through these fixed public resolvers instead of
      # the host's resolver, so any DNS filtering or logging done on the host
      # does not apply to container lookups.
      daemon.settings.dns = [
        "1.1.1.1"
        "1.0.0.1"
      ];
    };
  };

  # Steam with all three of its firewall openings enabled (Remote Play,
  # dedicated server, local network game transfers).
  # NOTE(review): keep only the openings that are actually used on this host.
  programs.steam = {
    enable = true;
    remotePlay.openFirewall = true;
    dedicatedServer.openFirewall = true;
    localNetworkGameTransfers.openFirewall = true;
  };

  # SSH daemon, reachable through the host firewall.
  # NOTE(review): no services.openssh.settings are set here, so authentication
  # policy comes from desktop.nix or the module defaults. Confirm that
  # settings.PasswordAuthentication and settings.PermitRootLogin are restricted
  # before exposing this host beyond a trusted network.
  services.openssh = {
    enable = true;
    openFirewall = true;
  };

  # Sunshine game-streaming host, started automatically and reachable through
  # the host firewall.
  services.sunshine = {
    enable = true;
    autoStart = true;
    # Gives the Sunshine binary CAP_SYS_ADMIN (used for DRM/KMS capture). This is
    # a very broad capability, so a flaw in this network-facing service has a
    # correspondingly larger impact.
    capSysAdmin = true;
    openFirewall = true;
    settings = {
      adapter_name = "/dev/dri/renderD128"; # primary card should be located here
      encoder = "vaapi"; # or "qsv" if Quick Sync is better supported
      av1_mode = 2;
      audio_sink = "alsa_output.pci-0000_29_00.0.hdmi-stereo";
      # Stream encryption is disabled (mode 0) for both LAN and WAN clients.
      # no need for encryption since we are going through a secure network anyway
      # NOTE(review): nothing in this file enforces that assumption. With
      # openFirewall = true the ports are opened on the host firewall, so confirm
      # the machine is only reachable over the trusted network. Otherwise use
      # mode 1 (encrypt when the client supports it) or 2 (require encryption).
      lan_encryption_mode = 0;
      wan_encryption_mode = 0;
      # "wan" is the least restrictive value: the web UI, which manages pairing
      # and configuration, accepts connections from any address rather than
      # only "lan" or "pc" (localhost).
      origin_web_ui_allowed = "wan"; # allow access everywhere
      sunshine_name = "Wolfram"; # todo: change
    };
  };

  # override desktop configuration, because we do run SSH
  # on remote-servers.
  # The SSH host key is used as the age identity for decrypting secrets, so
  # anything able to read this key can decrypt them, and rotating the host key
  # means re-encrypting the secrets.
  # NOTE(review): if desktop.nix also defines this list at normal priority, the
  # two definitions are merged rather than replaced -- confirm that this really
  # overrides.
  age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
}