From 5f51d917f2a618ff1f4b9ffe7dcc887512613fe9 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Fri, 19 Sep 2025 12:24:13 +0200
Subject: [PATCH 1/4] feat: adds syncplay credentials

---
 modules/core/sops.nix       | 1 +
 secrets/violet/secrets.yaml | 5 +++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/modules/core/sops.nix b/modules/core/sops.nix
index 27b1c10..91bd2f0 100644
--- a/modules/core/sops.nix
+++ b/modules/core/sops.nix
@@ -23,6 +23,7 @@
             owner = "matrix-synapse";
           };
           "smbLoginDetails" = { };
+          "syncplay" = { };
         }
       else if (host == "sakura") then
         {
diff --git a/secrets/violet/secrets.yaml b/secrets/violet/secrets.yaml
index f8d5015..57aabc9 100644
--- a/secrets/violet/secrets.yaml
+++ b/secrets/violet/secrets.yaml
@@ -3,6 +3,7 @@ forgejoWorkerSecret: ENC[AES256_GCM,data:kmUjukTJ9SP6nJvfhIMFVTu5vAc9TIfZidUgejC
 matrixRegistrationSecret: ENC[AES256_GCM,data:xDFYVpBJa+FHWjmLlZspJAzJcoav53nWPoctQ5+gAnDYMurtSCkmoQn8r5j6fOmiy56KQyk8AD2/kT1HeFFNKA==,iv:82eIoh1ePc0VxfTbBPxpwGhYrcdRMI6WjFhlUJhxuHk=,tag:FAYUXUy0lEQU56ni2dxvbg==,type:str]
 minioRootCredentials: ENC[AES256_GCM,data:/IrpspB6Puy+6scHheBSBp6zQVh8uwpu4nFPLSkueuohSUESPHbRb0w1XAp4V5HraMtOThFqlm0JeBW0XbhY4E8L1P+S3/aMLKjp2voA928l9AjF6sTaSKsO7qh6LEmo90qm9Jo0nDo=,iv:M5NOGfSsl+LggLyEjV49vcWCaYmbG0eJcgwI2v7AKcI=,tag:A+CrDTL+TkEayOqBUII4aQ==,type:str]
 smbLoginDetails: ENC[AES256_GCM,data:Puv+Vewv0TDpiYM+Uym180CLT+vXKoeSW/uNxAX7f9y0NvG2Uqqglj/HcCMhyQn9GpCIQyb+xidlLWn3Ywdg6ybaf4WN5EdAEXMK/FRQyVIvvOcCcwG+IeUc1Wc5NmM2qEbxLqLNDWxiH8/QsrT9rWWxxx4c4eD1HOpIv9LCuavXXLmKy6JvtxYwtOv4u8ukp+e0uP7pLN7d,iv:XH+6soi7lZiGz9ZGlQb49f44API715ib/Y7Zh3hFnDM=,tag:iz8RYRSwNxrMxy+rqeM07Q==,type:str]
+syncplay: ENC[AES256_GCM,data:Vrn1GmmUnIikiTKIQtP3qBfZIZRW2Za2Xhhegp7PAulujxumLGMAz9lBnTPBy3uofpayP8NJuU9v8cpU4a4w5A==,iv:s4RFaZwftqmI3BhpO1msvpfO2u3AGlPik7nMX2hjnyE=,tag:13zft7dmd85udoi7CnfWYg==,type:str]
 sops:
     age:
         - recipient: age1yzapmznelujajfyrpw5mxmy86ckg377494w5ap4yej39jatewursfxls9w
@@ -23,7 +24,7 @@ sops:
             S3pjSjlhZjZiSDBNakhLVzNKMjd3bWsKC2geLVXFp190lkjxtmZKq8aLN0XMNeAI
             VqbwIY3a30iuWAaxqf8h1ZuCGJvbAZZBevFZraj9yktRHc54JV3Aww==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-08-19T12:23:05Z"
-    mac: ENC[AES256_GCM,data:hH3cTyHeFMTH5zYpCWyM1uqLta/uzQcLc5HPSdsR52Skh89/5h51vC666g0JuVm/sXh3gv6XQ1AGidPMAmx60qmHjiWE/LRli7xDwKk3p4mldC7RC2FrR0JPmfhDzXIo7VL60PCq4CPWevyRpAWMEMgnc3Z/IzmfDObUsvU+rg0=,iv:CrL4uqV8keGMw+tuqvkNrpKoM0qqr1vsdhESPUb+Hig=,tag:O2NKejf2dpkrkTzX1IfQcA==,type:str]
+    lastmodified: "2025-09-19T10:22:44Z"
+    mac: ENC[AES256_GCM,data:aJcXcdCR9nKbiaGEcGIQxr0kW7D8p2OzC2YDh18AFinWhdUSUDh6B8vkHR3ScIgUOYWc70/vSVsn3+M5JmtH3+mKMwMwSKF2plhicSBGdRELkeeowy6tCZGOVUvRsBhUpynd86qxxvWbJO4Q6mCSNbBQ/cr8493OZWenzB/fedQ=,iv:UqgIWA4ZK3cVn0iepeBPF8KuNREuGKNnijo/oGd4/q0=,tag:CT2uFz+flsZyNAM6SnhveA==,type:str]
     unencrypted_suffix: _unencrypted
     version: 3.10.2

From 10c138960ae4060e5e2292b5ffb50a6ceb550141 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Fri, 19 Sep 2025 12:25:33 +0200
Subject: [PATCH 2/4] feat: adds syncplay server

---
 modules/services/syncplay.nix | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 modules/services/syncplay.nix

diff --git a/modules/services/syncplay.nix b/modules/services/syncplay.nix
new file mode 100644
index 0000000..447e4a7
--- /dev/null
+++ b/modules/services/syncplay.nix
@@ -0,0 +1,7 @@
+{ config, ... }:
+{
+  services.syncplay = {
+    enable = true;
+    passwordFile = config.sops.secrets.syncplay.path;
+  };
+}

From a642fb41df9e518d1968591a7f85f819619e9c95 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Fri, 19 Sep 2025 12:31:13 +0200
Subject: [PATCH 3/4] fix: mumble server works now and supports 192kb/s :)

---
 modules/services/mumble.nix | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/services/mumble.nix b/modules/services/mumble.nix
index eaa0836..febfefc 100644
--- a/modules/services/mumble.nix
+++ b/modules/services/mumble.nix
@@ -2,6 +2,7 @@
 {
   services.murmur = {
     enable = true;
-    openFirewall = false;
+    openFirewall = true;
+    bandwidth = 192000;
   };
 }

From 7a84a849ecb673659a72eb27b52beb0f0b559918 Mon Sep 17 00:00:00 2001
From: Ahwx <ahwx@ahwx.org>
Date: Fri, 19 Sep 2025 12:37:52 +0200
Subject: [PATCH 4/4] fix: allow firewall port for syncplay

---
 modules/services/syncplay.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/services/syncplay.nix b/modules/services/syncplay.nix
index 447e4a7..ca4551b 100644
--- a/modules/services/syncplay.nix
+++ b/modules/services/syncplay.nix
@@ -4,4 +4,5 @@
     enable = true;
     passwordFile = config.sops.secrets.syncplay.path;
   };
+  networking.firewall.allowedTCPPorts = [ 8999 ];
 }