Unverified Commit fbe6eb95 authored by Sandro Jäckel's avatar Sandro Jäckel
Browse files

nixos/music-assistant: add openFirewall option 

to open all required ports for airplay or sendspin as otherwise airplay
(raopcli) just coredumps.
parent 94081af8

nixos/modules/services/audio/music-assistant.nix

+27 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ let 
    ;



  inherit (types)

    bool

    listOf

    enum

    str
@@ -54,6 +55,15 @@ in 
      '';

    };



    openFirewall = lib.mkOption {

      type = bool;

      default = false;

      description = ''

        Whether to open required ports for the configured providers.

        Currently airplay and sendspin need port to be opened to function.

      '';

    };



    providers = mkOption {

      type = listOf (enum cfg.package.providerNames);

      default = [ ];
@@ -68,6 +78,23 @@ in 
  };



  config = mkIf cfg.enable {

    networking.firewall = lib.mkIf cfg.openFirewall {

      allowedTCPPorts =

        lib.optional cfg.enable 8097 # Music Assistant stream port

        ++ lib.optional (lib.elem "airplay" cfg.providers) 7000

        ++ lib.optional (lib.elem "sendspin" cfg.providers) 8927;

      # The information published by Apple 1 seem to not apply to libraop.

      # The closest we could find that represents the port range being used as observed by tcpdump is the ephemeral port range.

      # 1: https://support.apple.com/en-us/103229#:~:text=49152%E2%80%93-,65535,-TCP%2C%20UDP

      # 2: https://en.wikipedia.org/wiki/Ephemeral_port#Range

      allowedUDPPortRanges = lib.mkIf (lib.elem "airplay" cfg.providers) [

        {

          from = 32768;

          to = 65535;

        }

      ];

    };



    services.avahi = lib.mkIf (lib.elem "airplay_receiver" cfg.providers) {

      enable = true;

      publish = {