From 3609e216a438192a6caf27f20f4c5124c91d83da Mon Sep 17 00:00:00 2001 From: Max Niederman Date: Mon, 5 Feb 2024 23:43:41 -0800 Subject: [PATCH] nixos/photonvision: init module --- .../manual/release-notes/rl-2405.section.md | 2 + nixos/modules/module-list.nix | 1 + nixos/modules/services/video/photonvision.nix | 64 +++++++++++++++++++ 3 files changed, 67 insertions(+) create mode 100644 nixos/modules/services/video/photonvision.nix diff --git a/nixos/doc/manual/release-notes/rl-2405.section.md b/nixos/doc/manual/release-notes/rl-2405.section.md index bad1fd449bbb..e838edea228a 100644 --- a/nixos/doc/manual/release-notes/rl-2405.section.md +++ b/nixos/doc/manual/release-notes/rl-2405.section.md @@ -42,6 +42,8 @@ In addition to numerous new and upgraded packages, this release has the followin - [Guix](https://guix.gnu.org), a functional package manager inspired by Nix. Available as [services.guix](#opt-services.guix.enable). +- [PhotonVision](https://photonvision.org/), a free, fast, and easy-to-use computer vision solution for the FIRSTĀ® Robotics Competition. + - [pyLoad](https://pyload.net/), a FOSS download manager written in Python. Available as [services.pyload](#opt-services.pyload.enable) - [maubot](https://github.com/maubot/maubot), a plugin-based Matrix bot framework. Available as [services.maubot](#opt-services.maubot.enable). diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index b64a3360701a..3ee4fb2be195 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -1259,6 +1259,7 @@ ./services/video/go2rtc/default.nix ./services/video/frigate.nix ./services/video/mirakurun.nix + ./services/video/photonvision.nix ./services/video/replay-sorcery.nix ./services/video/mediamtx.nix ./services/video/unifi-video.nix diff --git a/nixos/modules/services/video/photonvision.nix b/nixos/modules/services/video/photonvision.nix new file mode 100644 index 000000000000..fdbe9da3999d --- /dev/null 
+++ b/nixos/modules/services/video/photonvision.nix
@@ -0,0 +1,64 @@
+{ config, pkgs, lib, ... }:
+
+let
+ cfg = config.services.photonvision;
+in
+{
+ options = {
+ services.photonvision = {
+ enable = lib.mkEnableOption (lib.mdDoc "Enable PhotonVision");
+
+ package = lib.mkPackageOption pkgs "photonvision" {};
+
+ openFirewall = lib.mkOption {
+ description = lib.mdDoc ''
+ Whether to open the required ports in the firewall.
+ '';
+ default = false;
+ type = lib.types.bool;
+ };
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ systemd.services.photonvision = {
+ description = "PhotonVision, the free, fast, and easy-to-use computer vision solution for the FIRST Robotics Competition";
+
+ wantedBy = [ "multi-user.target" ];
+ after = [ "network.target" ];
+
+ serviceConfig = {
+ ExecStart = lib.getExe cfg.package;
+
+ # ephemeral root directory
+ RuntimeDirectory = "photonvision";
+ RootDirectory = "/run/photonvision";
+
+ # setup persistent state and logs directories
+ StateDirectory = "photonvision";
+ LogsDirectory = "photonvision";
+
+ BindReadOnlyPaths = [
+ # mount the nix store read-only
+ "/nix/store"
+
+ # the JRE reads the user.home property from /etc/passwd
+ "/etc/passwd"
+ ];
+ BindPaths = [
+ # mount the configuration and logs directories to the host
+ "/var/lib/photonvision:/photonvision_config"
+ "/var/log/photonvision:/photonvision_config/logs"
+ ];
+
+ # for PhotonVision's dynamic libraries, which it writes to /tmp
+ PrivateTmp = true;
+ };
+ };
+
+ networking.firewall = lib.mkIf cfg.openFirewall {
+ allowedTCPPorts = [ 5800 ];
+ allowedTCPPortRanges = [{ from = 1180; to = 1190; }];
+ };
+ };
+}
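Review bot: The `serviceConfig` block sets no `User=` or `DynamicUser=`, so PhotonVision runs as uid 0, and `RootDirectory = "/run/photonvision"` on its own does not confine a root process. With `openFirewall = true` the module exposes TCP 5800 and 1180–1190, so a flaw in the service's network-facing code would run with root privileges. Consider a dedicated system account and basic hardening in `serviceConfig`, e.g. `User = "photonvision";`, `NoNewPrivileges = true;` and `ProtectKernelModules = true;`. The account would also need a `users.users` entry, and camera access probably needs the `video` group, which this hunk cannot confirm. The `openFirewall` description would also be clearer if it named those ports.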