blob: 09797cba59c9ef85dd4ab572114103eaeaf72432 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
{ me, pkgs, ... }:
let
moonrakerPort = 7125;
klipperDir = "/srv/klipper";
serial = "/dev/ttyUSB0";
user = "klipper";
group = "klipper";
klipper-config = pkgs.runCommand "klipper-printer.cfg" {} ''
cat \
${../assets/printer/printer.cfg} \
${../assets/printer/mainsail.cfg} \
> $out
'';
webcamPort = 1984;
in
{
security.polkit.enable = true;
users.users.klipper = {
isSystemUser = true;
description = "Klipper user";
home = "/srv/klipper";
inherit group;
extraGroups = [ "dialout" ]; # for serial access
};
users.groups.klipper = {};
services = {
klipper = {
enable = true;
inherit user group;
firmwares.mcu = {
enable = true;
enableKlipperFlash = true;
inherit serial;
configFile = ../assets/printer/firmware.cfg;
};
configFile = klipper-config;
# will change to just `configDir` in 25.05,
# update it then.
mutableConfig = true;
mutableConfigFolder = "${klipperDir}/config";
};
moonraker = {
enable = true;
inherit user group;
address = me.tailscale.ip;
port = moonrakerPort;
allowSystemControl = true;
stateDir = "${klipperDir}/moonraker";
settings = {
authorization = {
cors_domains = [
"*://app.fluidd.xyz"
"*://my.mainsail.xyz"
"*://*.rnrd.fyi"
];
trusted_clients = [
"10.0.0.0/8"
"100.0.0.0/8"
"127.0.0.0/24"
"192.168.178.0/24"
];
};
# ignore warnings about moonraker not being able to
# adjust klipper configuration. i don't really mind.
file_manager = {
check_klipper_config_path = false;
};
};
};
mainsail = {
enable = true;
hostName = "3d.rnrd.fyi";
nginx = {
useACMEHost = "rnrd.fyi";
forceSSL = true;
listenAddresses = [ me.tailscale.ip ];
locations."/webcam" = {
proxyPass = "http://${me.tailscale.ip}:${toString webcamPort}";
proxyWebsockets = true;
};
extraConfig = ''
access_log /var/log/nginx/3d.access.log json_combined;
'';
};
};
# don't reject large gcode files etc.
nginx.clientMaxBodySize = "1000M";
};
foundation.tailnetServices = [ "moonraker" ];
}
|
