diff --git a/web/flake.nix b/web/flake.nix index 82e08ed..f3703b4 100644 --- a/web/flake.nix +++ b/web/flake.nix @@ -72,22 +72,50 @@ description = "QueueCube media player service"; wantedBy = [ "default.target" ]; after = [ "pipewire.service" "pipewire-pulse.service" ]; - + serviceConfig = { ExecStart = "${self.packages.${pkgs.system}.queuecube}/bin/queuecube"; Restart = "on-failure"; RestartSec = 5; - - # Allow access to X11 for mpv - Environment = [ "DISPLAY=:0" ]; + + # Remove all resource limits for mpv to function properly + LimitNOFILE = "infinity"; # No limit on file descriptors + LimitMEMLOCK = "infinity"; # No limit on locked memory (for real-time audio) + LimitNPROC = "infinity"; # No limit on number of processes + LimitAS = "infinity"; # No limit on address space + LimitRSS = "infinity"; # No limit on resident set size + LimitCORE = "infinity"; # Allow core dumps for debugging + LimitDATA = "infinity"; # No limit on data segment + LimitSTACK = "infinity"; # No limit on stack size + LimitCPU = "infinity"; # No limit on CPU time + LimitRTPRIO = "99"; # Allow real-time priority + LimitRTTIME = "infinity"; # No limit on real-time scheduling + + # Nice level for better performance + Nice = "-10"; + + # Allow access to necessary devices and features + PrivateDevices = false; + ProtectHome = false; + ProtectSystem = false; + NoNewPrivileges = false; + + # Environment for X11 and runtime directories + Environment = [ + "DISPLAY=:0" + "XDG_RUNTIME_DIR=/run/user/%u" + ]; }; - + environment = { PORT = toString cfg.port; ENABLE_VIDEO = if cfg.enable_video then "1" else "0"; USE_INVIDIOUS = if cfg.invidious.enable then "1" else "0"; INVIDIOUS_BASE_URL = cfg.invidious.url; STORE_PATH = cfg.store_path; + + # Add PulseAudio runtime path + PULSE_RUNTIME_PATH = "/run/user/%u/pulse"; }; }; };