calcite,weilite: use comin to auto update

.github/workflows/eval.yaml

@@ -1,10 +1,8 @@
 name: Eval NixOS Configurations
 
 on:
-  push:
+  check_suite:
-    branches:
+    types: [completed]
-      - deploy
-  workflow_dispatch:
 
 permissions:
   contents: write
@@ -36,7 +34,7 @@ jobs:
           failed_hosts=""
           for host in $hosts; do
             echo "Eval derivation for $host"
-            if ! nix show-derivation -L ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
+            if ! nix derivation show ".#nixosConfigurations.$host.config.system.build.toplevel" > "eval/$host.json"; then
               echo "❌ Failed to evaluate $host"
               failed_hosts+="$host "
               rm "eval/$host.json"

machines/calcite/configuration.nix

@@ -15,23 +15,12 @@ in
     ../sops.nix
   ];
 
-  services.comin = {
-    enable = true;
-    remotes = [
-      {
-        name = "origin";
-        url = "https://github.com/xinyangli/nixos-config.git";
-        branches.main.name = "deploy-comin-eval";
-      }
-    ];
-    hostname = config.networking.hostName;
-  };
-
   commonSettings = {
     # auth.enable = true;
     nix = {
       signing.enable = true;
     };
+    comin.enable = true;
   };
 
   # Bootloader.

machines/weilite/default.nix

@@ -19,6 +19,7 @@
       nix = {
         enable = true;
       };
+      comin.enable = true;
     };
 
     boot = {
@@ -38,7 +39,10 @@
 
     nixpkgs.config.allowUnfree = true;
 
-    environment.systemPackages = [ pkgs.virtiofsd ];
+    environment.systemPackages = [
+      pkgs.virtiofsd
+      pkgs.intel-gpu-tools
+    ];
 
     sops = {
       defaultSopsFile = ./secrets.yaml;
@@ -94,15 +98,32 @@
         options = "rw,nodev,nosuid";
         wantedBy = [ "restic-rest-server.service" ];
       }
+      # {
+      #   what = "ocis";
+      #   where = "/var/lib/ocis";
+      #   type = "virtiofs";
+      #   options = "rw,nodev,nosuid";
+      #   wantedBy = [ "ocis.service" ];
+      # }
       {
-        what = "ocis";
+        what = "media";
-        where = "/var/lib/ocis";
+        where = "/var/lib/jellyfin/media";
         type = "virtiofs";
         options = "rw,nodev,nosuid";
-        wantedBy = [ "ocis.service" ];
       }
     ];
 
+    hardware.graphics = {
+      enable = true;
+      extraPackages = with pkgs; [
+        intel-media-driver
+        intel-vaapi-driver
+        vaapiVdpau
+        intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
+        intel-media-sdk # QSV up to 11th gen
+      ];
+    };
+
     services.openssh.ports = [
       22
       2222

machines/weilite/services/default.nix

@@ -4,5 +4,6 @@
     ./restic.nix
     ./media-download.nix
     ./immich.nix
+    ./jellyfin.nix
   ];
 }

machines/weilite/services/jellyfin.nix

@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+{
+  services.jellyfin.enable = true;
+
+  environment.systemPackages = with pkgs; [
+    jellyfin
+    jellyfin-web
+    jellyfin-ffmpeg
+  ];
+  services.caddy.virtualHosts."https://weilite.coho-tet.ts.net:8920".extraConfig = ''
+    reverse_proxy 127.0.0.1:8096
+  '';
+  networking.firewall.allowedTCPPorts = [ 8920 ]; # allow on lan
+  users.users.jellyfin.extraGroups = [ "render" ];
+}

modules/nixos/common-settings/comin.nix

@@ -0,0 +1,32 @@
+{
+  config,
+  lib,
+  ...
+}:
+let
+  inherit (lib)
+    mkEnableOption
+    mkIf
+    ;
+
+  cfg = config.commonSettings.comin;
+in
+{
+  options.commonSettings.comin = {
+    enable = mkEnableOption "auto updater with comin";
+  };
+
+  config = {
+    services.comin = mkIf cfg.enable {
+      enable = true;
+      remotes = [
+        {
+          name = "origin";
+          url = "https://github.com/xinyangli/nixos-config.git";
+          branches.main.name = "deploy-comin-eval";
+        }
+      ];
+      hostname = config.networking.hostName;
+    };
+  };
+}