From ade0694d14775369e1c2c1f0aa93d90ce7203fc6 Mon Sep 17 00:00:00 2001
From: xinyangli <lixinyang411@gmail.com>
Date: Sat, 21 Dec 2024 20:51:56 +0800
Subject: [PATCH 1/2] modules/comin: init

---
 .github/workflows/eval.yaml             |  2 +-
 modules/nixos/common-settings/comin.nix | 32 +++++++++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 modules/nixos/common-settings/comin.nix

diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml
index 90a9897..1997213 100644
--- a/.github/workflows/eval.yaml
+++ b/.github/workflows/eval.yaml
@@ -36,7 +36,7 @@ jobs:
           failed_hosts=""
           for host in $hosts; do
             echo "Eval derivation for $host"
-            if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
+            if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
               echo "❌ Failed to evaluate $host"
               failed_hosts+="$host "
               rm "eval/$host.json"
diff --git a/modules/nixos/common-settings/comin.nix b/modules/nixos/common-settings/comin.nix
new file mode 100644
index 0000000..3d543f2
--- /dev/null
+++ b/modules/nixos/common-settings/comin.nix
@@ -0,0 +1,32 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  inherit (lib)
+    mkEnableOption
+    mkIf
+    ;
+
+  cfg = config.commonSettings.comin;
+in
+{
+  options.commonSettings.comin = {
+    enable = mkEnableOption "auto updater with comin";
+  };
+
+  config = {
+    services.comin = mkIf cfg.enable {
+      enable = true;
+      remotes = [
+        {
+          name = "origin";
+          url = "https://github.com/xinyangli/nixos-config.git";
+          branches.main.name = "deploy-comin-eval";
+        }
+      ];
+      hostname = config.networking.hostName;
+    };
+  };
+}

From da250e328cc757fd29dd34a6a1886d409c3f62d2 Mon Sep 17 00:00:00 2001
From: xinyangli <lixinyang411@gmail.com>
Date: Sat, 21 Dec 2024 20:52:27 +0800
Subject: [PATCH 2/2] calcite,weilite: use comin to auto update

---
 .github/workflows/eval.yaml            |  6 ++----
 machines/calcite/configuration.nix     | 13 +-----------
 machines/weilite/default.nix           | 29 ++++++++++++++++++++++----
 machines/weilite/services/default.nix  |  1 +
 machines/weilite/services/jellyfin.nix | 15 +++++++++++++
 5 files changed, 44 insertions(+), 20 deletions(-)
 create mode 100644 machines/weilite/services/jellyfin.nix

diff --git a/.github/workflows/eval.yaml b/.github/workflows/eval.yaml
index 1997213..494704f 100644
--- a/.github/workflows/eval.yaml
+++ b/.github/workflows/eval.yaml
@@ -1,10 +1,8 @@
 name: Eval NixOS Configurations
 
 on:
-  push:
-    branches:
-      - deploy
-  workflow_dispatch:
+  check_suite:
+    types: [completed]
 
 permissions:
   contents: write
diff --git a/machines/calcite/configuration.nix b/machines/calcite/configuration.nix
index c8e4e4a..a3c84c4 100644
--- a/machines/calcite/configuration.nix
+++ b/machines/calcite/configuration.nix
@@ -15,23 +15,12 @@ in
     ../sops.nix
   ];
 
-  services.comin = {
-    enable = true;
-    remotes = [
-      {
-        name = "origin";
-        url = "https://github.com/xinyangli/nixos-config.git";
-        branches.main.name = "deploy-comin-eval";
-      }
-    ];
-    hostname = config.networking.hostName;
-  };
-
   commonSettings = {
     # auth.enable = true;
     nix = {
       signing.enable = true;
     };
+    comin.enable = true;
   };
 
   # Bootloader.
diff --git a/machines/weilite/default.nix b/machines/weilite/default.nix
index 9d8cd04..bae1b92 100644
--- a/machines/weilite/default.nix
+++ b/machines/weilite/default.nix
@@ -19,6 +19,7 @@
       nix = {
         enable = true;
       };
+      comin.enable = true;
     };
 
     boot = {
@@ -38,7 +39,10 @@
 
     nixpkgs.config.allowUnfree = true;
 
-    environment.systemPackages = [ pkgs.virtiofsd ];
+    environment.systemPackages = [
+      pkgs.virtiofsd
+      pkgs.intel-gpu-tools
+    ];
 
     sops = {
       defaultSopsFile = ./secrets.yaml;
@@ -94,15 +98,32 @@
         options = "rw,nodev,nosuid";
         wantedBy = [ "restic-rest-server.service" ];
       }
+      # {
+      #   what = "ocis";
+      #   where = "/var/lib/ocis";
+      #   type = "virtiofs";
+      #   options = "rw,nodev,nosuid";
+      #   wantedBy = [ "ocis.service" ];
+      # }
       {
-        what = "ocis";
-        where = "/var/lib/ocis";
+        what = "media";
+        where = "/var/lib/jellyfin/media";
         type = "virtiofs";
         options = "rw,nodev,nosuid";
-        wantedBy = [ "ocis.service" ];
       }
     ];
 
+    hardware.graphics = {
+      enable = true;
+      extraPackages = with pkgs; [
+        intel-media-driver
+        intel-vaapi-driver
+        vaapiVdpau
+        intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
+        intel-media-sdk # QSV up to 11th gen
+      ];
+    };
+
     services.openssh.ports = [
       22
       2222
diff --git a/machines/weilite/services/default.nix b/machines/weilite/services/default.nix
index 0a6e4ca..5a5cc25 100644
--- a/machines/weilite/services/default.nix
+++ b/machines/weilite/services/default.nix
@@ -4,5 +4,6 @@
     ./restic.nix
     ./media-download.nix
     ./immich.nix
+    ./jellyfin.nix
   ];
 }
diff --git a/machines/weilite/services/jellyfin.nix b/machines/weilite/services/jellyfin.nix
new file mode 100644
index 0000000..d321de5
--- /dev/null
+++ b/machines/weilite/services/jellyfin.nix
@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+{
+  services.jellyfin.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    jellyfin
+    jellyfin-web
+    jellyfin-ffmpeg
+  ];
+  services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = ''
+    reverse_proxy 127.0.0.1:8096
+  '';
+  networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
+  users.users.jellyfin.extraGroups = [ "render" ];
+}