diff --git a/nixos/modules/services/networking/livekit-ingress.nix b/nixos/modules/services/networking/livekit-ingress.nix index 8db13b5f4e00..260698a4b2b4 100644 --- a/nixos/modules/services/networking/livekit-ingress.nix +++ b/nixos/modules/services/networking/livekit-ingress.nix @@ -8,6 +8,9 @@ let cfg = config.services.livekit.ingress; format = pkgs.formats.yaml { }; + settings = lib.filterAttrsRecursive (_: v: v != null) cfg.settings; + + isLocallyDistributed = config.services.livekit.enable; in { meta.maintainers = with lib.maintainers; [ k900 ]; @@ -51,6 +54,21 @@ in description = "TCP port for WHIP connections"; }; + redis = { + address = lib.mkOption { + type = with lib.types; nullOr str; + default = + if isLocallyDistributed then + "${config.services.livekit.redis.host}:${toString config.services.livekit.redis.port}" + else + null; + example = "redis.example.com:6379"; + defaultText = "Host and port of the local livekit redis instance, if enabled, or null"; + description = "Address or hostname and port for redis connection"; + }; + + }; + rtc_config = { port_range_start = lib.mkOption { type = lib.types.int; @@ -125,7 +143,7 @@ in serviceConfig = { ExecStart = utils.escapeSystemdExecArgs [ (lib.getExe cfg.package) - "--config=${format.generate "ingress.yaml" cfg.settings}" + "--config=${format.generate "ingress.yaml" settings}" ]; EnvironmentFile = lib.mkIf (cfg.environmentFile != null) cfg.environmentFile; DynamicUser = true; diff --git a/nixos/modules/services/networking/livekit.nix b/nixos/modules/services/networking/livekit.nix index 523e84094ebd..1c93fd6fc069 100644 --- a/nixos/modules/services/networking/livekit.nix +++ b/nixos/modules/services/networking/livekit.nix @@ -8,6 +8,9 @@ let cfg = config.services.livekit; format = pkgs.formats.json { }; + settings = lib.filterAttrsRecursive (_: v: v != null) cfg.settings; + + isLocallyDistributed = config.services.livekit.ingress.enable; in { meta.maintainers = with lib.maintainers; [ quadradical ]; @@ -34,6 +37,32 @@ in description = "Opens port range for LiveKit on the firewall."; }; + redis = { + createLocally = lib.mkOption { + type = lib.types.bool; + default = isLocallyDistributed; + defaultText = "true if any other Livekit component is enabled locally else false"; + description = "Whether to set up a local redis instance."; + }; + + host = lib.mkOption { + type = with lib.types; nullOr str; + default = if cfg.redis.createLocally then "127.0.0.1" else null; + defaultText = "127.0.0.1 if config.services.livekit.redis.createLocally else null"; + description = '' + Address to bind local redis instance to. + ''; + }; + + port = lib.mkOption { + type = with lib.types; nullOr port; + default = null; + description = '' + Port to bind local redis instance to. + ''; + }; + }; + settings = lib.mkOption { type = lib.types.submodule { freeformType = format.type; @@ -44,6 +73,16 @@ in description = "Main TCP port for RoomService and RTC endpoint."; }; + redis = { + address = lib.mkOption { + type = with lib.types; nullOr str; + default = if isLocallyDistributed then "${cfg.redis.host}:${toString cfg.redis.port}" else null; + defaultText = lib.literalExpression "Local Redis host/port when a local ingress component is enabled else null"; + example = "redis.example.com:6379"; + description = "Host and port used to connect to a redis instance."; + }; + }; + rtc = { port_range_start = lib.mkOption { type = lib.types.int; @@ -79,6 +118,15 @@ in }; config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = cfg.redis.createLocally -> cfg.redis.port != null; + message = '' + When `services.livekit.redis.createLocally` is enabled `services.livekit.redis.port` must be configured. + ''; + } + ]; + networking.firewall = lib.mkIf cfg.openFirewall { allowedTCPPorts = [ cfg.settings.port @@ -91,6 +139,13 @@ in ]; }; + # Provision a redis instance, when livekit-ingress (or later livekit-egress) are enabled on the same host + services.redis.servers.livekit = lib.mkIf cfg.redis.createLocally { + enable = true; + bind = cfg.redis.host; + port = cfg.redis.port; + }; + systemd.services.livekit = { description = "LiveKit SFU server"; documentation = [ "https://docs.livekit.io" ]; @@ -102,7 +157,7 @@ in LoadCredential = [ "livekit-secrets:${cfg.keyFile}" ]; ExecStart = utils.escapeSystemdExecArgs [ (lib.getExe cfg.package) - "--config=${format.generate "livekit.json" cfg.settings}" + "--config=${format.generate "livekit.json" settings}" "--key-file=/run/credentials/livekit.service/livekit-secrets" ]; DynamicUser = true;