summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--modules/config/pulseaudio.nix3
-rw-r--r--modules/misc/ids.nix1
-rw-r--r--modules/module-list.nix1
-rw-r--r--modules/security/rtkit.nix39
4 files changed, 44 insertions, 0 deletions
diff --git a/modules/config/pulseaudio.nix b/modules/config/pulseaudio.nix
index 0d0dd829782..35b7cbb0158 100644
--- a/modules/config/pulseaudio.nix
+++ b/modules/config/pulseaudio.nix
@@ -48,6 +48,9 @@ with pkgs.lib;
         }
       ];
 
+    # Allow PulseAudio to get realtime priority using rtkit.
+    security.rtkit.enable = true;
+      
   };
 
 }
diff --git a/modules/misc/ids.nix b/modules/misc/ids.nix
index 02c9cefc315..4181cd53ef8 100644
--- a/modules/misc/ids.nix
+++ b/modules/misc/ids.nix
@@ -63,6 +63,7 @@ in
     fourStore = 42;
     fourStoreEndpoint = 43;
     virtuoso = 44;
+    rtkit = 45;
 
     # When adding a uid, make sure it doesn't match an existing gid.
 
diff --git a/modules/module-list.nix b/modules/module-list.nix
index c2c8d4ee7ab..77acac42802 100644
--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@@ -45,6 +45,7 @@
   ./security/pam_usb.nix
   ./security/policykit.nix
   ./security/polkit.nix
+  ./security/rtkit.nix
   ./security/setuid-wrappers.nix
   ./security/sudo.nix
   ./services/amqp/rabbitmq.nix
diff --git a/modules/security/rtkit.nix b/modules/security/rtkit.nix
new file mode 100644
index 00000000000..060ff87f9ea
--- /dev/null
+++ b/modules/security/rtkit.nix
@@ -0,0 +1,39 @@
+# A module for ‘rtkit’, a DBus system service that hands out realtime
+# scheduling priority to processes that ask for it.
+
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+{
+
+  options = {
+  
+    security.rtkit.enable = mkOption {
+      default = false;
+      description = ''
+        Whether to enable the RealtimeKit system service, which hands
+        out realtime scheduling priority to user processes on
+        demand. For example, the PulseAudio server uses this to
+        acquire realtime priority.
+      '';
+    };
+
+  };
+  
+
+  config = mkIf config.security.rtkit.enable {
+
+    environment.systemPackages = [ pkgs.rtkit ];
+
+    services.dbus.packages = [ pkgs.rtkit ];
+
+    users.extraUsers = singleton
+      { name = "rtkit";
+        uid = config.ids.uids.rtkit;
+        description = "RealtimeKit daemon";
+      };
+
+  };
+
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-19 19:01:19 +0000