37 lines
941 B
Nix
37 lines
941 B
Nix
{ lib, pkgs, ... }: {
|
|
# Intel graphics support for hardware transcoding
|
|
hardware.graphics = {
|
|
enable = true;
|
|
extraPackages = with pkgs; [
|
|
intel-media-driver
|
|
vpl-gpu-rt
|
|
intel-compute-runtime
|
|
];
|
|
};
|
|
|
|
# Set VA-API driver to iHD (modern Intel driver for N100)
|
|
environment.sessionVariables = {
|
|
LIBVA_DRIVER_NAME = "iHD";
|
|
};
|
|
|
|
services.jellyfin = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
};
|
|
|
|
# Override systemd hardening for GPU access
|
|
systemd.services.jellyfin = {
|
|
serviceConfig = {
|
|
PrivateUsers = lib.mkForce false; # Disable user namespacing - breaks GPU device access
|
|
DeviceAllow = [
|
|
"/dev/dri/card0 rw"
|
|
"/dev/dri/renderD128 rw"
|
|
];
|
|
SupplementaryGroups = [ "render" "video" ]; # Critical: Explicit group membership for GPU access
|
|
};
|
|
environment = {
|
|
LIBVA_DRIVER_NAME = "iHD"; # Ensure service sees this variable
|
|
};
|
|
};
|
|
}
|