diff --git a/modules/common/services/audio.nix b/modules/common/services/audio.nix index 11a409052..0eaf79fa1 100644 --- a/modules/common/services/audio.nix +++ b/modules/common/services/audio.nix @@ -44,7 +44,7 @@ in # Enable TCP socket for VMs pulseaudio clients "server.address" = [ { - address = "tcp:${toString cfg.pulseaudioTcpPort}"; + address = "tcp:0.0.0.0:${toString cfg.pulseaudioTcpPort}"; "client.access" = "unrestricted"; } ]; diff --git a/modules/microvm/virtualization/microvm/appvm.nix b/modules/microvm/virtualization/microvm/appvm.nix index 61429713b..a4f9237ff 100644 --- a/modules/microvm/virtualization/microvm/appvm.nix +++ b/modules/microvm/virtualization/microvm/appvm.nix @@ -33,6 +33,7 @@ let internalIP = index + 100; }) + ./common/ghaf-audio.nix ./common/storagevm.nix # To push logs to central location @@ -73,6 +74,11 @@ let withHardenedConfigs = true; }; + ghaf-audio = { + inherit (vm.ghafAudio) enable; + name = "${vm.name}"; + }; + storagevm = { enable = true; name = "${vm.name}"; @@ -253,6 +259,7 @@ in type = types.nullOr types.str; default = null; }; + ghafAudio.enable = lib.mkEnableOption "Ghaf application audio support"; vtpm.enable = lib.mkEnableOption "vTPM support in the virtual machine"; }; } diff --git a/modules/microvm/virtualization/microvm/common/ghaf-audio.nix b/modules/microvm/virtualization/microvm/common/ghaf-audio.nix new file mode 100644 index 000000000..2d0116f3e --- /dev/null +++ b/modules/microvm/virtualization/microvm/common/ghaf-audio.nix 
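Review bot: The `"server.address"` entry in audio.nix still binds a wildcard address while `"client.access" = "unrestricted"` stays on the same entry, so any peer that can route to `cfg.pulseaudioTcpPort` on the audio VM gets unauthenticated playback and microphone capture. If only the app VMs are meant to connect, bind the address of the internal VM-network interface instead of `0.0.0.0`, or add a comment next to the entry such as `# reachable only from the internal VM network; restricted by <firewall rule>` naming the control that limits it. As far as I know pipewire-pulse treats a bare `tcp:PORT` as IPv4 and IPv6 on all addresses, so this change would drop the IPv6 listener rather than widen exposure; that is worth confirming and stating in the commit message. The enclosing attribute set starts and ends outside the hunk.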
@@ -0,0 +1,44 @@ +# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors +# SPDX-License-Identifier: Apache-2.0 +{ + config, + lib, + pkgs, + ... +}: +let + cfg = config.ghaf.ghaf-audio; + audiovmHost = "audio-vm"; + audiovmPort = config.ghaf.services.audio.pulseaudioTcpPort; + address = "tcp:${audiovmHost}:${toString audiovmPort}"; + reconnectMs = 1000; +in +{ + options.ghaf.ghaf-audio = with lib; { + enable = mkEnableOption "Ghaf audio support for application virtual machine."; + + name = mkOption { + description = '' + Basename of corresponding virtual machine audio channel. + ''; + type = types.str; + }; + }; + + config = lib.mkIf cfg.enable { + security.rtkit.enable = true; + users.extraUsers.ghaf.extraGroups = [ + "audio" + "video" + ]; + + hardware.pulseaudio = { + enable = true; + extraConfig = '' + load-module module-tunnel-sink-new sink_name=${cfg.name}.speaker server=${address} reconnect_interval_ms=${toString reconnectMs} + load-module module-tunnel-source-new source_name=${cfg.name}.mic server=${address} reconnect_interval_ms=${toString reconnectMs} + ''; + package = pkgs.pulseaudio-ghaf; + }; + }; +} diff --git a/modules/reference/appvms/business.nix b/modules/reference/appvms/business.nix index 1ed989a67..2f1b84dc1 100644 --- a/modules/reference/appvms/business.nix +++ b/modules/reference/appvms/business.nix @@ -32,7 +32,6 @@ in in [ pkgs.chromium - pkgs.pulseaudio pkgs.xdg-utils xdgPdfItem xdgOpenPdf 
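Review bot: In the new ghaf-audio.nix, enabling `ghaf.ghaf-audio` always loads `module-tunnel-source-new` alongside the sink in `extraConfig`, so every app VM that sets `ghafAudio.enable` gets a microphone tunnel even when it only needs playback. A separate boolean option for the source (sketched below under the example name `useMicrophone`, defaulting to the current behaviour) would let capture be switched off per VM. The `"video"` entry in `users.extraUsers.ghaf.extraGroups` is carried over from the per-VM copies, but nothing visible in this module needs it; drop it or add a comment saying why it is required. `cfg.name` is interpolated into a whitespace-separated module argument line, so the `name` description should state that it must not contain spaces, or the type should enforce it.

```nix
  options.ghaf.ghaf-audio = with lib; {
    # … unchanged: enable, name …
    useMicrophone = mkOption {
      description = ''
        Whether to tunnel the audio VM microphone into this virtual machine.
      '';
      type = types.bool;
      default = true;
    };
  };

    # … unchanged: rtkit, user groups, hardware.pulseaudio.enable …
    extraConfig =
      ''
        load-module module-tunnel-sink-new sink_name=${cfg.name}.speaker server=${address} reconnect_interval_ms=${toString reconnectMs}
      ''
      + lib.optionalString cfg.useMicrophone ''
        load-module module-tunnel-source-new source_name=${cfg.name}.mic server=${address} reconnect_interval_ms=${toString reconnectMs}
      '';
```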
@@ -47,22 +46,6 @@ in extraModules = [ { imports = [ ../programs/chromium.nix ]; - # Enable pulseaudio for Chromium VM - security.rtkit.enable = true; - users.extraUsers.ghaf.extraGroups = [ - "audio" - "video" - ]; - - hardware.pulseaudio = { - enable = true; - extraConfig = '' - load-module module-tunnel-sink-new sink_name=business-speaker server=audio-vm:4713 reconnect_interval_ms=1000 - load-module module-tunnel-source-new source_name=business-mic server=audio-vm:4713 reconnect_interval_ms=1000 - ''; - package = pkgs.pulseaudio-ghaf; - }; - time.timeZone = config.time.timeZone; microvm = { @@ -284,5 +267,6 @@ in } ]; borderColor = "#00FF00"; + ghafAudio.enable = true; vtpm.enable = true; } diff --git a/modules/reference/appvms/chromium.nix b/modules/reference/appvms/chromium.nix index 94dddd4bd..d08206efe 100644 --- a/modules/reference/appvms/chromium.nix +++ b/modules/reference/appvms/chromium.nix @@ -44,21 +44,6 @@ in extraModules = [ { imports = [ ../programs/chromium.nix ]; - # Enable pulseaudio for Chromium VM - security.rtkit.enable = true; - users.extraUsers.ghaf.extraGroups = [ - "audio" - "video" - ]; - - hardware.pulseaudio = { - enable = true; - extraConfig = '' - load-module module-tunnel-sink-new sink_name=chromium-speaker server=audio-vm:4713 reconnect_interval_ms=1000 - load-module module-tunnel-source-new source_name=chromium-mic server=audio-vm:4713 reconnect_interval_ms=1000 - ''; - package = pkgs.pulseaudio-ghaf; - }; time.timeZone = config.time.timeZone; @@ -84,5 +69,6 @@ in } ]; borderColor = "#630505"; + ghafAudio.enable = true; vtpm.enable = true; } diff --git a/modules/reference/appvms/comms.nix b/modules/reference/appvms/comms.nix index 86f5fcef3..f65982050 100644 --- a/modules/reference/appvms/comms.nix +++ b/modules/reference/appvms/comms.nix 
@@ -26,29 +26,12 @@ in pkgs.element-gps pkgs.gpsd pkgs.tcpdump - pkgs.pulseaudio ] ++ pkgs.lib.optionals isDendritePineconeEnabled [ dendrite-pinecone ]; macAddress = "02:00:00:03:09:01"; ramMb = 4096; cores = 4; extraModules = [ { - # Enable pulseaudio for user ghaf to access mic - security.rtkit.enable = true; - users.extraUsers.ghaf.extraGroups = [ - "audio" - "video" - ]; - - hardware.pulseaudio = { - enable = true; - extraConfig = '' - load-module module-tunnel-sink-new sink_name=comms-speaker server=audio-vm:4713 reconnect_interval_ms=1000 - load-module module-tunnel-source-new source_name=comms-mic server=audio-vm:4713 reconnect_interval_ms=1000 - ''; - package = pkgs.pulseaudio-ghaf; - }; - systemd = { services = { element-gps = { @@ -110,4 +93,5 @@ in } ]; borderColor = "#337aff"; + ghafAudio.enable = true; }