tigor/NixOS
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tigor:258e7dcf882d02064975c0a2fe56245f713b901e
Branches Tags
tigor:main
...
compare: tigor:dbe6e325656d4ba78c28dc5bc644689ef9f1bd5a
Branches Tags
tigor:main

5 commits
258e7dcf88 ... dbe6e32565

Author SHA1 Message Date
Tigor Hutasuhut dbe6e32565 castle: update wallust alpha to 90 2024-06-27 16:04:01 +07:00
Tigor Hutasuhut 7997bca8f0 servarr: added rdtclient 2024-06-26 19:25:28 +07:00
Tigor Hutasuhut a772664b8e servarr: enabled jellyseerr service 2024-06-26 16:34:41 +07:00
Tigor Hutasuhut 1eb35f34a1 servarr: added recyclar but disabled because of how advanced it is 2024-06-26 14:59:47 +07:00
Tigor Hutasuhut 92cb15265c sonarr: added anime instance 2024-06-26 13:26:44 +07:00
11 changed files with 232 additions and 20 deletions
Show stats Expand all files Collapse all files

8
options/podman.nix
View file

@ -39,6 +39,14 @@ in
type = types.bool; type = types.bool;
default = config.profile.podman.servarr.enable; default = config.profile.podman.servarr.enable;
}; };
recyclarr.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
rdtclient.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
}; };
}; };
} }

8
options/services.nix
View file

@ -1,6 +1,6 @@
{ lib, ... }: { config, lib, ... }:
let let
inherit (lib) mkEnableOption; inherit (lib) mkEnableOption mkOption types;
in in
{ {
options.profile.services = { options.profile.services = {
@ -14,6 +14,10 @@ in
openvpn.enable = mkEnableOption "openvpn"; openvpn.enable = mkEnableOption "openvpn";
stubby.enable = mkEnableOption "stubby"; stubby.enable = mkEnableOption "stubby";
jellyfin.enable = mkEnableOption "jellyfin"; jellyfin.enable = mkEnableOption "jellyfin";
jellyfin.jellyseerr.enable = mkOption {
type = types.bool;
default = config.profile.services.jellyfin.enable;
};
rust-motd.enable = mkEnableOption "rust-motd"; rust-motd.enable = mkEnableOption "rust-motd";
wireguard.enable = mkEnableOption "wireguard"; wireguard.enable = mkEnableOption "wireguard";
photoprism.enable = mkEnableOption "photoprism"; photoprism.enable = mkEnableOption "photoprism";

2
profiles/castle.nix
View file

@ -40,7 +40,7 @@ in
DP-2 = [ 8 9 10 ]; DP-2 = [ 8 9 10 ];
}; };
pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ]; pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ];
wallust.alpha = 80; wallust.alpha = 90;
swayosd.display = "DP-1"; swayosd.display = "DP-1";
dunst.monitor = "1"; dunst.monitor = "1";
}; };

3
profiles/homeserver.nix
View file

@ -32,6 +32,9 @@
redmage-demo.enable = true; redmage-demo.enable = true;
qbittorrent.enable = true; qbittorrent.enable = true;
servarr.enable = true; servarr.enable = true;
servarr.recyclarr.enable = false;
servarr.real-debrid-manager.enable = false;
servarr.rdtclient.enable = true;
}; };
docker = { docker = {

25
secrets/servarr.yaml Normal file
View file

@ -0,0 +1,25 @@
servarr:
api_keys:
sonarr: ENC[AES256_GCM,data:nm0L0hVqehTiwqx5JScyRHdw4P3vqI4GUARzdDR1lxI=,iv:UE2f2tB/a6QRDEVOvJntE+J2bJ0xLLVvS6XvNz5WWLQ=,tag:jsKFuKYmHotslk53rm1poA==,type:str]
sonarr-anime: ENC[AES256_GCM,data:9RqHLCZ+uwv9a4MTCrXdT0SYFmXBswskV1vpXqwVjAM=,iv:OregkJGVXKuS9hIopgPmbYSBfZKot1Z4FmenQvfqZS0=,tag:j0zjTJ6aDRejvmBtIK/dCA==,type:str]
radarr: ENC[AES256_GCM,data:8ZqFXPubFTdUuNC0Neb/GQrBiWCfFBcc+kLEhmr04vY=,iv:IiVw1I9ugCKklqK16kY0R0BCmGzeFwSi1Ra8mSk87zU=,tag:IrFnI2adhitmpZB1T+ntDw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvcjY3WTZGRUFKWm5BcGR2
dWJ2TVZSY1phcitycnpDbG81UDg2M3dXbVJ3ClhlaG0rc1pNZWt6OXNWbEVaaUZu
S0xHSWlkVzBPdVFXZGJzZXF5RmpiZkEKLS0tIFovUS9kVXRzUlZYU2NyRXZYb1Zj
Sy91VlVMaTlGOW05bWRnMWo5Zm9FdkEK62c/Q2sBqL/m5FwBTglbHYVsN9X+iCvM
qtSsp6dVasPz//eXR7jIvvdwls/Sz64b2Ty8UIUEZCT/kI8E2/j0MQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-26T07:20:32Z"
mac: ENC[AES256_GCM,data:1hTsxSMKPQYToJMgDuLBffer8T/Uh8rw5y4uHk72BqpnCmrm2pVVQb2S3Pq+Fw2icw0BdmYmNTolA1651B4NT/6v6Z4mM10gu4BYlpeNWzPxRpVV52cLc+zD2acBvFxSvqOxPL+6lfAFRJHaUi2Wn0RKzt94RKNdgrRmhIYYDW4=,iv:oioh+NI8OMeeTEF0xLte4zkYwv26AlFj1IOYVoFfdAg=,tag:FwKFlcCoAd4d5yStJ4P5Xg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

3
system/podman/servarr/default.nix
View file

@ -1,11 +1,12 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
# ./real-debrid-manager.nix ./real-debrid-manager.nix
./qbittorrent.nix ./qbittorrent.nix
./sonarr.nix ./sonarr.nix
./prowlarr.nix ./prowlarr.nix
./bazarr.nix ./bazarr.nix
./radarr.nix ./radarr.nix
./rdtclient.nix
]; ];
} }

51
system/podman/servarr/rdtclient.nix Normal file
View file

@ -0,0 +1,51 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
name = "rdtclient";
cfg = podman.servarr.${name};
ip = "10.88.2.1";
image = "docker.io/rogerfar/rdtclient:latest";
root = "/nas/mediaserver/servarr";
volumeConfig = "${root}/${name}";
mediaVolume = "${root}/data/torrents";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && cfg.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:6500
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${volumeConfig} ${mediaVolume}
chown ${uid}:${gid} ${volumeConfig} ${mediaVolume}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
# user = "${uid}:${gid}";
environment = {
TZ = "Asia/Jakarta";
PUID = uid;
PGID = gid;
};
volumes = [
"${volumeConfig}:/data/db"
"${mediaVolume}:/data/torrents"
];
extraOptions = [
"--network=podman"
"--ip=${ip}"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

29
system/podman/servarr/real-debrid-manager.nix
View file

@ -1,26 +1,29 @@
{ config, lib, ... }: { config, lib, ... }:
let let
podman = config.profile.podman; podman = config.profile.podman;
cfg = podman.servarr.real-debrid-manager;
name = "real-debrid-manager"; name = "real-debrid-manager";
ip = "10.88.2.1"; real-debrid-manager = podman.servarr.${name};
image = "docker.io/hyperbunny77/realdebridmanager:latest"; ip = "10.88.2.99";
volume = "/nas/mediaserver/servarr/real-debrid-manager"; image = "docker.io/hyperbunny77/realdebridmanager:2022.06.27";
domain = "rdm.tigor.web.id"; root = "/nas/mediaserver/servarr";
configVolume = "${root}/real-debrid-manager";
mediaVolume = "${root}/data/torrents";
watchVolume = "${mediaVolume}/watch";
domain = "${name}.tigor.web.id";
user = config.profile.user; user = config.profile.user;
uid = toString user.uid; uid = toString user.uid;
gid = toString user.gid; gid = toString user.gid;
inherit (lib) mkIf; inherit (lib) mkIf;
in in
{ {
config = mkIf (podman.enable && cfg.enable) { config = mkIf (podman.enable && real-debrid-manager.enable) {
services.caddy.${domain}.extraConfig = '' services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:5000 reverse_proxy ${ip}:5000
''; '';
system.activationScripts."podman-${name}" = '' system.activationScripts."podman-${name}" = ''
mkdir -p ${volume}/{config,downloads,watch} mkdir -p ${configVolume} ${mediaVolume} ${watchVolume}
chown -R ${uid}:${gid} ${volume}/{config,downloads,watch} chown ${uid}:${gid} ${configVolume} ${mediaVolume} ${watchVolume}
''; '';
virtualisation.oci-containers.containers.${name} = { virtualisation.oci-containers.containers.${name} = {
@ -28,14 +31,14 @@ in
hostname = name; hostname = name;
autoStart = true; autoStart = true;
user = "${uid}:${gid}"; user = "${uid}:${gid}";
enviroment = { environment = {
TZ = "Asia/Jakarta"; TZ = "Asia/Jakarta";
rdmport = "5000"; rdmport = "5000";
}; };
volumes = [ volumes = [
"${volume}/config:/config" "${configVolume}:/config"
"${volume}/downloads:/downloads" "${mediaVolume}:/data/torrents"
"${volume}/watch:/watch" "${watchVolume}:/watch"
]; ];
extraOptions = [ extraOptions = [
"--network=podman" "--network=podman"

77
system/podman/servarr/recyclarr.nix Normal file
View file

@ -0,0 +1,77 @@
{ config, lib, pkgs, ... }:
let
podman = config.profile.podman;
name = "recyclarr";
recyclarr = podman.servarr.${name};
ip = "10.88.2.100";
image = "ghcr.io/recyclarr/recyclarr:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/${name}";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && recyclarr.enable) {
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume}
chown ${uid}:${gid} ${configVolume}
'';
sops.secrets =
let
opts = { sopsFile = ../../../secrets/servarr.yaml; };
in
{
"servarr/api_keys/sonarr" = opts;
"servarr/api_keys/sonarr-anime" = opts;
"servarr/api_keys/radarr" = opts;
};
sops.templates."recyclarr/recylarr.yml" = {
owner = user.name;
path = "${configVolume}/recyclarr.yml";
content = builtins.readFile ((pkgs.formats.yaml { }).generate "recyclarr.yml" {
sonarr = {
tv = {
base_url = "http://sonarr:8989";
api_key = config.sops.placeholders."servarr/api_keys/sonarr";
quality_definition.type = "series";
release_profiles = [
{
trash_ids = [ ];
}
];
};
anime = {
base_url = "http://sonarr-anime:8989";
api_key = config.sops.placeholders."servarr/api_keys/sonarr-anime";
quality_definition.type = "anime";
};
};
});
};
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
user = "${uid}:${gid}";
environment = {
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolume}:/config"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

36
system/podman/servarr/sonarr.nix
View file

@ -3,12 +3,16 @@ let
podman = config.profile.podman; podman = config.profile.podman;
sonarr = podman.servarr.sonarr; sonarr = podman.servarr.sonarr;
name = "sonarr"; name = "sonarr";
name-anime = "${name}-anime";
ip = "10.88.2.3"; ip = "10.88.2.3";
ip-anime = "10.88.2.33";
image = "lscr.io/linuxserver/sonarr:latest"; image = "lscr.io/linuxserver/sonarr:latest";
root = "/nas/mediaserver/servarr"; root = "/nas/mediaserver/servarr";
configVolume = "${root}/sonarr"; configVolume = "${root}/${name}";
configVolumeAnime = "${root}/${name-anime}";
mediaVolume = "${root}/data"; mediaVolume = "${root}/data";
domain = "${name}.tigor.web.id"; domain = "${name}.tigor.web.id";
domain-anime = "${name-anime}.tigor.web.id";
user = config.profile.user; user = config.profile.user;
uid = toString user.uid; uid = toString user.uid;
gid = toString user.gid; gid = toString user.gid;
@ -20,9 +24,13 @@ in
reverse_proxy ${ip}:8989 reverse_proxy ${ip}:8989
''; '';
services.caddy.virtualHosts.${domain-anime}.extraConfig = ''
reverse_proxy ${ip-anime}:8989
'';
system.activationScripts."podman-${name}" = '' system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume} ${mediaVolume} mkdir -p ${configVolume} ${mediaVolume} ${configVolumeAnime}
chown ${uid}:${gid} ${mediaVolume} ${configVolume} chown ${uid}:${gid} ${mediaVolume} ${configVolume} ${configVolumeAnime}
''; '';
virtualisation.oci-containers.containers.${name} = { virtualisation.oci-containers.containers.${name} = {
@ -46,5 +54,27 @@ in
"io.containers.autoupdate" = "registry"; "io.containers.autoupdate" = "registry";
}; };
}; };
virtualisation.oci-containers.containers.${name-anime} = {
inherit image;
hostname = name-anime;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolumeAnime}:/config"
"${mediaVolume}:/data"
];
extraOptions = [
"--ip=${ip-anime}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
}; };
} }

10
system/services/jellyfin.nix
View file

@ -3,6 +3,7 @@ let
cfg = config.profile.services.jellyfin; cfg = config.profile.services.jellyfin;
dataDir = "/nas/mediaserver/jellyfin"; dataDir = "/nas/mediaserver/jellyfin";
domain = "jellyfin.tigor.web.id"; domain = "jellyfin.tigor.web.id";
domain-jellyseerr = "media.tigor.web.id";
inherit (lib) mkIf; inherit (lib) mkIf;
username = config.profile.user.name; username = config.profile.user.name;
in in
@ -17,9 +18,18 @@ in
services.caddy.virtualHosts.${domain}.extraConfig = '' services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy 0.0.0.0:8096 reverse_proxy 0.0.0.0:8096
''; '';
services.caddy.virtualHosts.${domain-jellyseerr} = mkIf cfg.jellyseerr.enable {
extraConfig = ''
reverse_proxy 0.0.0.0:5055
'';
};
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
inherit dataDir; inherit dataDir;
}; };
services.jellyseerr = mkIf cfg.jellyseerr.enable {
enable = true;
};
}; };
} }