tigor/NixOS
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tigor:258e7dcf882d02064975c0a2fe56245f713b901e
Branches Tags
tigor:main
..
compare: tigor:ac74529d9183252fc27220f175c029e16a534f52
Branches Tags
tigor:main

No commits in common. "258e7dcf882d02064975c0a2fe56245f713b901e" and "ac74529d9183252fc27220f175c029e16a534f52" have entirely different histories.
258e7dcf88 ... ac74529d91

14 changed files with 3 additions and 442 deletions
Show stats Expand all files Collapse all files

33
options/podman.nix
View file

@ -1,7 +1,4 @@
{ config, lib, ... }: { lib, ... }:
let
inherit (lib) mkOption mkEnableOption types;
in
{ {
options.profile.podman = { options.profile.podman = {
enable = lib.mkEnableOption "podman"; enable = lib.mkEnableOption "podman";
@ -12,33 +9,5 @@ in
redmage.enable = lib.mkEnableOption "redmage podman"; redmage.enable = lib.mkEnableOption "redmage podman";
redmage-demo.enable = lib.mkEnableOption "redmage-demo podman"; redmage-demo.enable = lib.mkEnableOption "redmage-demo podman";
qbittorrent.enable = lib.mkEnableOption "qbittorrent podman"; qbittorrent.enable = lib.mkEnableOption "qbittorrent podman";
servarr = {
enable = mkEnableOption "servarr group";
qbittorrent.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
real-debrid-manager.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
prowlarr.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
radarr.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
sonarr.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
bazarr.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
};
}; };
} }

7
options/programs.nix
View file

@ -76,12 +76,5 @@
zathura.enable = lib.mkEnableOption "zathura"; zathura.enable = lib.mkEnableOption "zathura";
floorp.enable = lib.mkEnableOption "floorp"; floorp.enable = lib.mkEnableOption "floorp";
}; };
programs = {
yazi.enable = lib.mkOption {
type = lib.types.bool;
default = true;
};
};
}; };
} }

1
profiles/homeserver.nix
View file

@ -31,7 +31,6 @@
redmage.enable = true; redmage.enable = true;
redmage-demo.enable = true; redmage-demo.enable = true;
qbittorrent.enable = true; qbittorrent.enable = true;
servarr.enable = true;
}; };
docker = { docker = {

1
system/modules/default.nix
View file

@ -20,6 +20,5 @@
./steam.nix ./steam.nix
./sudo.nix ./sudo.nix
./vial.nix ./vial.nix
./yazi.nix
]; ];
} }

5
system/modules/openssh.nix
View file

@ -11,7 +11,6 @@ in
enable = true; enable = true;
settings = { settings = {
PasswordAuthentication = false; PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
UseDns = true; UseDns = true;
X11Forwarding = false; X11Forwarding = false;
PermitRootLogin = "no"; PermitRootLogin = "no";
@ -30,8 +29,8 @@ in
bantime = "24h"; # Ban IPs for one day on the first ban bantime = "24h"; # Ban IPs for one day on the first ban
bantime-increment = { bantime-increment = {
enable = true; # Enable increment of bantime after each violation enable = true; # Enable increment of bantime after each violation
# formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)"; formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
multipliers = "1 2 4 8 16 32 64"; # multipliers = "1 2 4 8 16 32 64";
maxtime = "168h"; # Do not ban for more than 1 week maxtime = "168h"; # Do not ban for more than 1 week
overalljails = true; # Calculate the bantime based on all the violations overalljails = true; # Calculate the bantime based on all the violations
}; };

63
system/modules/yazi.nix
View file

@ -1,63 +0,0 @@
{ config, lib, ... }:
let
cfg = config.profile.programs.yazi;
inherit (lib) mkIf;
in
{
config = mkIf cfg.enable {
programs.yazi = {
enable = true;
settings = {
# https://yazi-rs.github.io/docs/configuration/yazi
yazi = {
manager = {
# 1/8 width for parent, 4/8 width for current, 3/8 width for preview
ratio = [ 1 4 3 ];
sort_by = "natural";
sort_sensitive = false;
sort_dir_first = true;
linemode = "permissions";
show_hidden = true;
show_symlink = true;
scrolloff = 5;
};
opener = {
edit = [
{ run = ''nvim "$@"''; block = true; desc = "Edit in Neovim"; }
];
play = [
{ run = ''mpv "$@"''; orphan = true; desc = "Play in MPV"; }
];
open = [
{ run = ''xdg-open "$@"''; desc = "Open"; }
];
};
open = {
rules = [
{
mime = "text/*";
use = "edit";
}
{
mime = "video/*";
use = "play";
}
{
mime = "application/json";
use = "edit";
}
# Multiple openers for a single rule
{
name = "*.html";
use = [ "open" "edit" ];
}
];
append_rules = [
{ name = "*"; use = "open"; }
];
};
};
};
};
};
}

1
system/podman/default.nix
View file

@ -47,6 +47,5 @@ in
./redmage.nix ./redmage.nix
./suwayomi.nix ./suwayomi.nix
./ytptube.nix ./ytptube.nix
./servarr
]; ];
} }

50
system/podman/servarr/bazarr.nix
View file

@ -1,50 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
bazarr = podman.servarr.bazarr;
name = "bazarr";
ip = "10.88.2.6";
image = "lscr.io/linuxserver/${name}:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/${name}";
mediaVolume = "${root}/data";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && bazarr.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:6767
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume}
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolume}:/config"
"${mediaVolume}:/data"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

11
system/podman/servarr/default.nix
View file

@ -1,11 +0,0 @@
{ ... }:
{
imports = [
# ./real-debrid-manager.nix
./qbittorrent.nix
./sonarr.nix
./prowlarr.nix
./bazarr.nix
./radarr.nix
];
}

68
system/podman/servarr/prowlarr.nix
View file

@ -1,68 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
prowlarr = podman.servarr.prowlarr;
name = "prowlarr";
name-flaresolverr = "${name}-flaresolverr";
ip = "10.88.2.4";
ip-flaresolverr = "10.88.2.5";
image = "lscr.io/linuxserver/prowlarr:latest";
image-flaresolverr = "ghcr.io/flaresolverr/flaresolverr:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/prowlarr";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && prowlarr.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:9696
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume}
chown ${uid}:${gid} ${configVolume}
'';
virtualisation.oci-containers.containers.${name-flaresolverr} = {
image = image-flaresolverr;
hostname = name-flaresolverr;
autoStart = true;
environment = {
TZ = "Asia/Jakarta";
};
extraOptions = [
"--ip=${ip-flaresolverr}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolume}:/config"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

56
system/podman/servarr/qbittorrent.nix
View file

@ -1,56 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
qbittorrent = podman.servarr.qbittorrent;
name = "qbittorrent-servarr";
ip = "10.88.2.2";
image = "lscr.io/linuxserver/qbittorrent:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/qbittorrent";
mediaVolume = "${root}/data/torrents";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && qbittorrent.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:8080
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume} ${mediaVolume}
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
WEBUI_PORT = "8080";
TORRENTING_PORT = "6882";
};
volumes = [
"${configVolume}:/config"
"${mediaVolume}:/data/torrents"
];
ports = [
"6882:6882"
"6882:6882/udp"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

50
system/podman/servarr/radarr.nix
View file

@ -1,50 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
name = "radarr";
radarr = podman.servarr.${name};
ip = "10.88.2.7";
image = "lscr.io/linuxserver/${name}:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/${name}";
mediaVolume = "${root}/data";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && radarr.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:7878
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume} ${mediaVolume}
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolume}:/config"
"${mediaVolume}:/data"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

49
system/podman/servarr/real-debrid-manager.nix
View file

@ -1,49 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
cfg = podman.servarr.real-debrid-manager;
name = "real-debrid-manager";
ip = "10.88.2.1";
image = "docker.io/hyperbunny77/realdebridmanager:latest";
volume = "/nas/mediaserver/servarr/real-debrid-manager";
domain = "rdm.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && cfg.enable) {
services.caddy.${domain}.extraConfig = ''
reverse_proxy ${ip}:5000
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${volume}/{config,downloads,watch}
chown -R ${uid}:${gid} ${volume}/{config,downloads,watch}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
user = "${uid}:${gid}";
enviroment = {
TZ = "Asia/Jakarta";
rdmport = "5000";
};
volumes = [
"${volume}/config:/config"
"${volume}/downloads:/downloads"
"${volume}/watch:/watch"
];
extraOptions = [
"--network=podman"
"--ip=${ip}"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

50
system/podman/servarr/sonarr.nix
View file

@ -1,50 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
sonarr = podman.servarr.sonarr;
name = "sonarr";
ip = "10.88.2.3";
image = "lscr.io/linuxserver/sonarr:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/sonarr";
mediaVolume = "${root}/data";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && sonarr.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:8989
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume} ${mediaVolume}
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolume}:/config"
"${mediaVolume}:/data"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}