Compare commits
5 commits
258e7dcf88
...
dbe6e32565
Author | SHA1 | Date | |
---|---|---|---|
Tigor Hutasuhut | dbe6e32565 | ||
Tigor Hutasuhut | 7997bca8f0 | ||
Tigor Hutasuhut | a772664b8e | ||
Tigor Hutasuhut | 1eb35f34a1 | ||
Tigor Hutasuhut | 92cb15265c |
|
@ -39,6 +39,14 @@ in
|
||||||
type = types.bool;
|
type = types.bool;
|
||||||
default = config.profile.podman.servarr.enable;
|
default = config.profile.podman.servarr.enable;
|
||||||
};
|
};
|
||||||
|
recyclarr.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = config.profile.podman.servarr.enable;
|
||||||
|
};
|
||||||
|
rdtclient.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = config.profile.podman.servarr.enable;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ lib, ... }:
|
{ config, lib, ... }:
|
||||||
let
|
let
|
||||||
inherit (lib) mkEnableOption;
|
inherit (lib) mkEnableOption mkOption types;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
options.profile.services = {
|
options.profile.services = {
|
||||||
|
@ -14,6 +14,10 @@ in
|
||||||
openvpn.enable = mkEnableOption "openvpn";
|
openvpn.enable = mkEnableOption "openvpn";
|
||||||
stubby.enable = mkEnableOption "stubby";
|
stubby.enable = mkEnableOption "stubby";
|
||||||
jellyfin.enable = mkEnableOption "jellyfin";
|
jellyfin.enable = mkEnableOption "jellyfin";
|
||||||
|
jellyfin.jellyseerr.enable = mkOption {
|
||||||
|
type = types.bool;
|
||||||
|
default = config.profile.services.jellyfin.enable;
|
||||||
|
};
|
||||||
rust-motd.enable = mkEnableOption "rust-motd";
|
rust-motd.enable = mkEnableOption "rust-motd";
|
||||||
wireguard.enable = mkEnableOption "wireguard";
|
wireguard.enable = mkEnableOption "wireguard";
|
||||||
photoprism.enable = mkEnableOption "photoprism";
|
photoprism.enable = mkEnableOption "photoprism";
|
||||||
|
|
|
@ -40,7 +40,7 @@ in
|
||||||
DP-2 = [ 8 9 10 ];
|
DP-2 = [ 8 9 10 ];
|
||||||
};
|
};
|
||||||
pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ];
|
pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ];
|
||||||
wallust.alpha = 80;
|
wallust.alpha = 90;
|
||||||
swayosd.display = "DP-1";
|
swayosd.display = "DP-1";
|
||||||
dunst.monitor = "1";
|
dunst.monitor = "1";
|
||||||
};
|
};
|
||||||
|
|
|
@ -32,6 +32,9 @@
|
||||||
redmage-demo.enable = true;
|
redmage-demo.enable = true;
|
||||||
qbittorrent.enable = true;
|
qbittorrent.enable = true;
|
||||||
servarr.enable = true;
|
servarr.enable = true;
|
||||||
|
servarr.recyclarr.enable = false;
|
||||||
|
servarr.real-debrid-manager.enable = false;
|
||||||
|
servarr.rdtclient.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
docker = {
|
docker = {
|
||||||
|
|
25
secrets/servarr.yaml
Normal file
25
secrets/servarr.yaml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
servarr:
|
||||||
|
api_keys:
|
||||||
|
sonarr: ENC[AES256_GCM,data:nm0L0hVqehTiwqx5JScyRHdw4P3vqI4GUARzdDR1lxI=,iv:UE2f2tB/a6QRDEVOvJntE+J2bJ0xLLVvS6XvNz5WWLQ=,tag:jsKFuKYmHotslk53rm1poA==,type:str]
|
||||||
|
sonarr-anime: ENC[AES256_GCM,data:9RqHLCZ+uwv9a4MTCrXdT0SYFmXBswskV1vpXqwVjAM=,iv:OregkJGVXKuS9hIopgPmbYSBfZKot1Z4FmenQvfqZS0=,tag:j0zjTJ6aDRejvmBtIK/dCA==,type:str]
|
||||||
|
radarr: ENC[AES256_GCM,data:8ZqFXPubFTdUuNC0Neb/GQrBiWCfFBcc+kLEhmr04vY=,iv:IiVw1I9ugCKklqK16kY0R0BCmGzeFwSi1Ra8mSk87zU=,tag:IrFnI2adhitmpZB1T+ntDw==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvcjY3WTZGRUFKWm5BcGR2
|
||||||
|
dWJ2TVZSY1phcitycnpDbG81UDg2M3dXbVJ3ClhlaG0rc1pNZWt6OXNWbEVaaUZu
|
||||||
|
S0xHSWlkVzBPdVFXZGJzZXF5RmpiZkEKLS0tIFovUS9kVXRzUlZYU2NyRXZYb1Zj
|
||||||
|
Sy91VlVMaTlGOW05bWRnMWo5Zm9FdkEK62c/Q2sBqL/m5FwBTglbHYVsN9X+iCvM
|
||||||
|
qtSsp6dVasPz//eXR7jIvvdwls/Sz64b2Ty8UIUEZCT/kI8E2/j0MQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-06-26T07:20:32Z"
|
||||||
|
mac: ENC[AES256_GCM,data:1hTsxSMKPQYToJMgDuLBffer8T/Uh8rw5y4uHk72BqpnCmrm2pVVQb2S3Pq+Fw2icw0BdmYmNTolA1651B4NT/6v6Z4mM10gu4BYlpeNWzPxRpVV52cLc+zD2acBvFxSvqOxPL+6lfAFRJHaUi2Wn0RKzt94RKNdgrRmhIYYDW4=,iv:oioh+NI8OMeeTEF0xLte4zkYwv26AlFj1IOYVoFfdAg=,tag:FwKFlcCoAd4d5yStJ4P5Xg==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.8.1
|
|
@ -1,11 +1,12 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
# ./real-debrid-manager.nix
|
./real-debrid-manager.nix
|
||||||
./qbittorrent.nix
|
./qbittorrent.nix
|
||||||
./sonarr.nix
|
./sonarr.nix
|
||||||
./prowlarr.nix
|
./prowlarr.nix
|
||||||
./bazarr.nix
|
./bazarr.nix
|
||||||
./radarr.nix
|
./radarr.nix
|
||||||
|
./rdtclient.nix
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
51
system/podman/servarr/rdtclient.nix
Normal file
51
system/podman/servarr/rdtclient.nix
Normal file
|
@ -0,0 +1,51 @@
|
||||||
|
{ config, lib, ... }:
|
||||||
|
let
|
||||||
|
podman = config.profile.podman;
|
||||||
|
name = "rdtclient";
|
||||||
|
cfg = podman.servarr.${name};
|
||||||
|
ip = "10.88.2.1";
|
||||||
|
image = "docker.io/rogerfar/rdtclient:latest";
|
||||||
|
root = "/nas/mediaserver/servarr";
|
||||||
|
volumeConfig = "${root}/${name}";
|
||||||
|
mediaVolume = "${root}/data/torrents";
|
||||||
|
domain = "${name}.tigor.web.id";
|
||||||
|
user = config.profile.user;
|
||||||
|
uid = toString user.uid;
|
||||||
|
gid = toString user.gid;
|
||||||
|
inherit (lib) mkIf;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
config = mkIf (podman.enable && cfg.enable) {
|
||||||
|
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||||
|
reverse_proxy ${ip}:6500
|
||||||
|
'';
|
||||||
|
|
||||||
|
system.activationScripts."podman-${name}" = ''
|
||||||
|
mkdir -p ${volumeConfig} ${mediaVolume}
|
||||||
|
chown ${uid}:${gid} ${volumeConfig} ${mediaVolume}
|
||||||
|
'';
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.${name} = {
|
||||||
|
inherit image;
|
||||||
|
hostname = name;
|
||||||
|
autoStart = true;
|
||||||
|
# user = "${uid}:${gid}";
|
||||||
|
environment = {
|
||||||
|
TZ = "Asia/Jakarta";
|
||||||
|
PUID = uid;
|
||||||
|
PGID = gid;
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"${volumeConfig}:/data/db"
|
||||||
|
"${mediaVolume}:/data/torrents"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--network=podman"
|
||||||
|
"--ip=${ip}"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
"io.containers.autoupdate" = "registry";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -1,26 +1,29 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let
|
let
|
||||||
podman = config.profile.podman;
|
podman = config.profile.podman;
|
||||||
cfg = podman.servarr.real-debrid-manager;
|
|
||||||
name = "real-debrid-manager";
|
name = "real-debrid-manager";
|
||||||
ip = "10.88.2.1";
|
real-debrid-manager = podman.servarr.${name};
|
||||||
image = "docker.io/hyperbunny77/realdebridmanager:latest";
|
ip = "10.88.2.99";
|
||||||
volume = "/nas/mediaserver/servarr/real-debrid-manager";
|
image = "docker.io/hyperbunny77/realdebridmanager:2022.06.27";
|
||||||
domain = "rdm.tigor.web.id";
|
root = "/nas/mediaserver/servarr";
|
||||||
|
configVolume = "${root}/real-debrid-manager";
|
||||||
|
mediaVolume = "${root}/data/torrents";
|
||||||
|
watchVolume = "${mediaVolume}/watch";
|
||||||
|
domain = "${name}.tigor.web.id";
|
||||||
user = config.profile.user;
|
user = config.profile.user;
|
||||||
uid = toString user.uid;
|
uid = toString user.uid;
|
||||||
gid = toString user.gid;
|
gid = toString user.gid;
|
||||||
inherit (lib) mkIf;
|
inherit (lib) mkIf;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
config = mkIf (podman.enable && cfg.enable) {
|
config = mkIf (podman.enable && real-debrid-manager.enable) {
|
||||||
services.caddy.${domain}.extraConfig = ''
|
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||||
reverse_proxy ${ip}:5000
|
reverse_proxy ${ip}:5000
|
||||||
'';
|
'';
|
||||||
|
|
||||||
system.activationScripts."podman-${name}" = ''
|
system.activationScripts."podman-${name}" = ''
|
||||||
mkdir -p ${volume}/{config,downloads,watch}
|
mkdir -p ${configVolume} ${mediaVolume} ${watchVolume}
|
||||||
chown -R ${uid}:${gid} ${volume}/{config,downloads,watch}
|
chown ${uid}:${gid} ${configVolume} ${mediaVolume} ${watchVolume}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
virtualisation.oci-containers.containers.${name} = {
|
virtualisation.oci-containers.containers.${name} = {
|
||||||
|
@ -28,14 +31,14 @@ in
|
||||||
hostname = name;
|
hostname = name;
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
user = "${uid}:${gid}";
|
user = "${uid}:${gid}";
|
||||||
enviroment = {
|
environment = {
|
||||||
TZ = "Asia/Jakarta";
|
TZ = "Asia/Jakarta";
|
||||||
rdmport = "5000";
|
rdmport = "5000";
|
||||||
};
|
};
|
||||||
volumes = [
|
volumes = [
|
||||||
"${volume}/config:/config"
|
"${configVolume}:/config"
|
||||||
"${volume}/downloads:/downloads"
|
"${mediaVolume}:/data/torrents"
|
||||||
"${volume}/watch:/watch"
|
"${watchVolume}:/watch"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=podman"
|
"--network=podman"
|
||||||
|
|
77
system/podman/servarr/recyclarr.nix
Normal file
77
system/podman/servarr/recyclarr.nix
Normal file
|
@ -0,0 +1,77 @@
|
||||||
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
podman = config.profile.podman;
|
||||||
|
name = "recyclarr";
|
||||||
|
recyclarr = podman.servarr.${name};
|
||||||
|
ip = "10.88.2.100";
|
||||||
|
image = "ghcr.io/recyclarr/recyclarr:latest";
|
||||||
|
root = "/nas/mediaserver/servarr";
|
||||||
|
configVolume = "${root}/${name}";
|
||||||
|
user = config.profile.user;
|
||||||
|
uid = toString user.uid;
|
||||||
|
gid = toString user.gid;
|
||||||
|
inherit (lib) mkIf;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
config = mkIf (podman.enable && recyclarr.enable) {
|
||||||
|
|
||||||
|
system.activationScripts."podman-${name}" = ''
|
||||||
|
mkdir -p ${configVolume}
|
||||||
|
chown ${uid}:${gid} ${configVolume}
|
||||||
|
'';
|
||||||
|
|
||||||
|
sops.secrets =
|
||||||
|
let
|
||||||
|
opts = { sopsFile = ../../../secrets/servarr.yaml; };
|
||||||
|
in
|
||||||
|
{
|
||||||
|
"servarr/api_keys/sonarr" = opts;
|
||||||
|
"servarr/api_keys/sonarr-anime" = opts;
|
||||||
|
"servarr/api_keys/radarr" = opts;
|
||||||
|
};
|
||||||
|
|
||||||
|
sops.templates."recyclarr/recylarr.yml" = {
|
||||||
|
owner = user.name;
|
||||||
|
path = "${configVolume}/recyclarr.yml";
|
||||||
|
content = builtins.readFile ((pkgs.formats.yaml { }).generate "recyclarr.yml" {
|
||||||
|
sonarr = {
|
||||||
|
tv = {
|
||||||
|
base_url = "http://sonarr:8989";
|
||||||
|
api_key = config.sops.placeholders."servarr/api_keys/sonarr";
|
||||||
|
quality_definition.type = "series";
|
||||||
|
release_profiles = [
|
||||||
|
{
|
||||||
|
trash_ids = [ ];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
anime = {
|
||||||
|
base_url = "http://sonarr-anime:8989";
|
||||||
|
api_key = config.sops.placeholders."servarr/api_keys/sonarr-anime";
|
||||||
|
quality_definition.type = "anime";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
});
|
||||||
|
};
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.${name} = {
|
||||||
|
inherit image;
|
||||||
|
hostname = name;
|
||||||
|
autoStart = true;
|
||||||
|
user = "${uid}:${gid}";
|
||||||
|
environment = {
|
||||||
|
TZ = "Asia/Jakarta";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"${configVolume}:/config"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--ip=${ip}"
|
||||||
|
"--network=podman"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
"io.containers.autoupdate" = "registry";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -3,12 +3,16 @@ let
|
||||||
podman = config.profile.podman;
|
podman = config.profile.podman;
|
||||||
sonarr = podman.servarr.sonarr;
|
sonarr = podman.servarr.sonarr;
|
||||||
name = "sonarr";
|
name = "sonarr";
|
||||||
|
name-anime = "${name}-anime";
|
||||||
ip = "10.88.2.3";
|
ip = "10.88.2.3";
|
||||||
|
ip-anime = "10.88.2.33";
|
||||||
image = "lscr.io/linuxserver/sonarr:latest";
|
image = "lscr.io/linuxserver/sonarr:latest";
|
||||||
root = "/nas/mediaserver/servarr";
|
root = "/nas/mediaserver/servarr";
|
||||||
configVolume = "${root}/sonarr";
|
configVolume = "${root}/${name}";
|
||||||
|
configVolumeAnime = "${root}/${name-anime}";
|
||||||
mediaVolume = "${root}/data";
|
mediaVolume = "${root}/data";
|
||||||
domain = "${name}.tigor.web.id";
|
domain = "${name}.tigor.web.id";
|
||||||
|
domain-anime = "${name-anime}.tigor.web.id";
|
||||||
user = config.profile.user;
|
user = config.profile.user;
|
||||||
uid = toString user.uid;
|
uid = toString user.uid;
|
||||||
gid = toString user.gid;
|
gid = toString user.gid;
|
||||||
|
@ -20,9 +24,13 @@ in
|
||||||
reverse_proxy ${ip}:8989
|
reverse_proxy ${ip}:8989
|
||||||
'';
|
'';
|
||||||
|
|
||||||
|
services.caddy.virtualHosts.${domain-anime}.extraConfig = ''
|
||||||
|
reverse_proxy ${ip-anime}:8989
|
||||||
|
'';
|
||||||
|
|
||||||
system.activationScripts."podman-${name}" = ''
|
system.activationScripts."podman-${name}" = ''
|
||||||
mkdir -p ${configVolume} ${mediaVolume}
|
mkdir -p ${configVolume} ${mediaVolume} ${configVolumeAnime}
|
||||||
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
|
chown ${uid}:${gid} ${mediaVolume} ${configVolume} ${configVolumeAnime}
|
||||||
'';
|
'';
|
||||||
|
|
||||||
virtualisation.oci-containers.containers.${name} = {
|
virtualisation.oci-containers.containers.${name} = {
|
||||||
|
@ -46,5 +54,27 @@ in
|
||||||
"io.containers.autoupdate" = "registry";
|
"io.containers.autoupdate" = "registry";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
virtualisation.oci-containers.containers.${name-anime} = {
|
||||||
|
inherit image;
|
||||||
|
hostname = name-anime;
|
||||||
|
autoStart = true;
|
||||||
|
environment = {
|
||||||
|
PUID = uid;
|
||||||
|
PGID = gid;
|
||||||
|
TZ = "Asia/Jakarta";
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"${configVolumeAnime}:/config"
|
||||||
|
"${mediaVolume}:/data"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--ip=${ip-anime}"
|
||||||
|
"--network=podman"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
"io.containers.autoupdate" = "registry";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,6 +3,7 @@ let
|
||||||
cfg = config.profile.services.jellyfin;
|
cfg = config.profile.services.jellyfin;
|
||||||
dataDir = "/nas/mediaserver/jellyfin";
|
dataDir = "/nas/mediaserver/jellyfin";
|
||||||
domain = "jellyfin.tigor.web.id";
|
domain = "jellyfin.tigor.web.id";
|
||||||
|
domain-jellyseerr = "media.tigor.web.id";
|
||||||
inherit (lib) mkIf;
|
inherit (lib) mkIf;
|
||||||
username = config.profile.user.name;
|
username = config.profile.user.name;
|
||||||
in
|
in
|
||||||
|
@ -17,9 +18,18 @@ in
|
||||||
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||||
reverse_proxy 0.0.0.0:8096
|
reverse_proxy 0.0.0.0:8096
|
||||||
'';
|
'';
|
||||||
|
services.caddy.virtualHosts.${domain-jellyseerr} = mkIf cfg.jellyseerr.enable {
|
||||||
|
extraConfig = ''
|
||||||
|
reverse_proxy 0.0.0.0:5055
|
||||||
|
'';
|
||||||
|
};
|
||||||
services.jellyfin = {
|
services.jellyfin = {
|
||||||
enable = true;
|
enable = true;
|
||||||
inherit dataDir;
|
inherit dataDir;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.jellyseerr = mkIf cfg.jellyseerr.enable {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue