nixos: added yazi as global tui file manager

options/podman.nix

@@ -1,4 +1,7 @@
-{ lib, ... }:
+{ config, lib, ... }:
+let
+  inherit (lib) mkOption mkEnableOption types;
+in
 {
   options.profile.podman = {
     enable = lib.mkEnableOption "podman";
@@ -9,5 +12,33 @@
     redmage.enable = lib.mkEnableOption "redmage podman";
     redmage-demo.enable = lib.mkEnableOption "redmage-demo podman";
     qbittorrent.enable = lib.mkEnableOption "qbittorrent podman";
+
+    servarr = {
+      enable = mkEnableOption "servarr group";
+      qbittorrent.enable = mkOption {
+        type = types.bool;
+        default = config.profile.podman.servarr.enable;
+      };
+      real-debrid-manager.enable = mkOption {
+        type = types.bool;
+        default = config.profile.podman.servarr.enable;
+      };
+      prowlarr.enable = mkOption {
+        type = types.bool;
+        default = config.profile.podman.servarr.enable;
+      };
+      radarr.enable = mkOption {
+        type = types.bool;
+        default = config.profile.podman.servarr.enable;
+      };
+      sonarr.enable = mkOption {
+        type = types.bool;
+        default = config.profile.podman.servarr.enable;
+      };
+      bazarr.enable = mkOption {
+        type = types.bool;
+        default = config.profile.podman.servarr.enable;
+      };
+    };
   };
 }

options/programs.nix

@@ -76,5 +76,12 @@
       zathura.enable = lib.mkEnableOption "zathura";
       floorp.enable = lib.mkEnableOption "floorp";
     };
+
+    programs = {
+      yazi.enable = lib.mkOption {
+        type = lib.types.bool;
+        default = true;
+      };
+    };
   };
 }

profiles/homeserver.nix

@@ -31,6 +31,7 @@
       redmage.enable = true;
       redmage-demo.enable = true;
       qbittorrent.enable = true;
+      servarr.enable = true;
     };
 
     docker = {

system/modules/default.nix

@@ -20,5 +20,6 @@
     ./steam.nix
     ./sudo.nix
     ./vial.nix
+    ./yazi.nix
   ];
 }

system/modules/openssh.nix

@@ -11,6 +11,7 @@ in
       enable = true;
       settings = {
         PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
         UseDns = true;
         X11Forwarding = false;
         PermitRootLogin = "no";
@@ -29,8 +30,8 @@ in
       bantime = "24h"; # Ban IPs for one day on the first ban
       bantime-increment = {
         enable = true; # Enable increment of bantime after each violation
-        formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
+        # formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
-        # multipliers = "1 2 4 8 16 32 64";
+        multipliers = "1 2 4 8 16 32 64";
         maxtime = "168h"; # Do not ban for more than 1 week
         overalljails = true; # Calculate the bantime based on all the violations
       };

system/modules/yazi.nix

@@ -0,0 +1,63 @@
+{ config, lib, ... }:
+let
+  cfg = config.profile.programs.yazi;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf cfg.enable {
+    programs.yazi = {
+      enable = true;
+      settings = {
+        # https://yazi-rs.github.io/docs/configuration/yazi
+        yazi = {
+          manager = {
+            # 1/8 width for parent, 4/8 width for current, 3/8 width for preview
+            ratio = [ 1 4 3 ];
+            sort_by = "natural";
+            sort_sensitive = false;
+            sort_dir_first = true;
+            linemode = "permissions";
+            show_hidden = true;
+            show_symlink = true;
+            scrolloff = 5;
+          };
+          opener = {
+            edit = [
+              { run = ''nvim "$@"''; block = true; desc = "Edit in Neovim"; }
+            ];
+            play = [
+              { run = ''mpv "$@"''; orphan = true; desc = "Play in MPV"; }
+            ];
+            open = [
+              { run = ''xdg-open "$@"''; desc = "Open"; }
+            ];
+          };
+          open = {
+            rules = [
+              {
+                mime = "text/*";
+                use = "edit";
+              }
+              {
+                mime = "video/*";
+                use = "play";
+              }
+              {
+                mime = "application/json";
+                use = "edit";
+              }
+              # Multiple openers for a single rule
+              {
+                name = "*.html";
+                use = [ "open" "edit" ];
+              }
+            ];
+            append_rules = [
+              { name = "*"; use = "open"; }
+            ];
+          };
+        };
+      };
+    };
+  };
+}

system/podman/default.nix

@@ -47,5 +47,6 @@ in
     ./redmage.nix
     ./suwayomi.nix
     ./ytptube.nix
+    ./servarr
   ];
 }

system/podman/servarr/bazarr.nix

@@ -0,0 +1,50 @@
+{ config, lib, ... }:
+let
+  podman = config.profile.podman;
+  bazarr = podman.servarr.bazarr;
+  name = "bazarr";
+  ip = "10.88.2.6";
+  image = "lscr.io/linuxserver/${name}:latest";
+  root = "/nas/mediaserver/servarr";
+  configVolume = "${root}/${name}";
+  mediaVolume = "${root}/data";
+  domain = "${name}.tigor.web.id";
+  user = config.profile.user;
+  uid = toString user.uid;
+  gid = toString user.gid;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf (podman.enable && bazarr.enable) {
+    services.caddy.virtualHosts.${domain}.extraConfig = ''
+      reverse_proxy ${ip}:6767
+    '';
+
+    system.activationScripts."podman-${name}" = ''
+      mkdir -p ${configVolume}
+      chown ${uid}:${gid} ${mediaVolume} ${configVolume}
+    '';
+
+    virtualisation.oci-containers.containers.${name} = {
+      inherit image;
+      hostname = name;
+      autoStart = true;
+      environment = {
+        PUID = uid;
+        PGID = gid;
+        TZ = "Asia/Jakarta";
+      };
+      volumes = [
+        "${configVolume}:/config"
+        "${mediaVolume}:/data"
+      ];
+      extraOptions = [
+        "--ip=${ip}"
+        "--network=podman"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+  };
+}

system/podman/servarr/default.nix

@@ -0,0 +1,11 @@
+{ ... }:
+{
+  imports = [
+    # ./real-debrid-manager.nix
+    ./qbittorrent.nix
+    ./sonarr.nix
+    ./prowlarr.nix
+    ./bazarr.nix
+    ./radarr.nix
+  ];
+}

system/podman/servarr/prowlarr.nix

@@ -0,0 +1,68 @@
+{ config, lib, ... }:
+let
+  podman = config.profile.podman;
+  prowlarr = podman.servarr.prowlarr;
+  name = "prowlarr";
+  name-flaresolverr = "${name}-flaresolverr";
+  ip = "10.88.2.4";
+  ip-flaresolverr = "10.88.2.5";
+  image = "lscr.io/linuxserver/prowlarr:latest";
+  image-flaresolverr = "ghcr.io/flaresolverr/flaresolverr:latest";
+  root = "/nas/mediaserver/servarr";
+  configVolume = "${root}/prowlarr";
+  domain = "${name}.tigor.web.id";
+  user = config.profile.user;
+  uid = toString user.uid;
+  gid = toString user.gid;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf (podman.enable && prowlarr.enable) {
+    services.caddy.virtualHosts.${domain}.extraConfig = ''
+      reverse_proxy ${ip}:9696
+    '';
+
+    system.activationScripts."podman-${name}" = ''
+      mkdir -p ${configVolume}
+      chown ${uid}:${gid} ${configVolume}
+    '';
+
+    virtualisation.oci-containers.containers.${name-flaresolverr} = {
+      image = image-flaresolverr;
+      hostname = name-flaresolverr;
+      autoStart = true;
+      environment = {
+        TZ = "Asia/Jakarta";
+      };
+      extraOptions = [
+        "--ip=${ip-flaresolverr}"
+        "--network=podman"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+
+    virtualisation.oci-containers.containers.${name} = {
+      inherit image;
+      hostname = name;
+      autoStart = true;
+      environment = {
+        PUID = uid;
+        PGID = gid;
+        TZ = "Asia/Jakarta";
+      };
+      volumes = [
+        "${configVolume}:/config"
+      ];
+      extraOptions = [
+        "--ip=${ip}"
+        "--network=podman"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+  };
+}
+

system/podman/servarr/qbittorrent.nix

@@ -0,0 +1,56 @@
+{ config, lib, ... }:
+let
+  podman = config.profile.podman;
+  qbittorrent = podman.servarr.qbittorrent;
+  name = "qbittorrent-servarr";
+  ip = "10.88.2.2";
+  image = "lscr.io/linuxserver/qbittorrent:latest";
+  root = "/nas/mediaserver/servarr";
+  configVolume = "${root}/qbittorrent";
+  mediaVolume = "${root}/data/torrents";
+  domain = "${name}.tigor.web.id";
+  user = config.profile.user;
+  uid = toString user.uid;
+  gid = toString user.gid;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf (podman.enable && qbittorrent.enable) {
+    services.caddy.virtualHosts.${domain}.extraConfig = ''
+      reverse_proxy ${ip}:8080
+    '';
+
+    system.activationScripts."podman-${name}" = ''
+      mkdir -p ${configVolume} ${mediaVolume}
+      chown ${uid}:${gid} ${mediaVolume} ${configVolume}
+    '';
+
+    virtualisation.oci-containers.containers.${name} = {
+      inherit image;
+      hostname = name;
+      autoStart = true;
+      environment = {
+        PUID = uid;
+        PGID = gid;
+        TZ = "Asia/Jakarta";
+        WEBUI_PORT = "8080";
+        TORRENTING_PORT = "6882";
+      };
+      volumes = [
+        "${configVolume}:/config"
+        "${mediaVolume}:/data/torrents"
+      ];
+      ports = [
+        "6882:6882"
+        "6882:6882/udp"
+      ];
+      extraOptions = [
+        "--ip=${ip}"
+        "--network=podman"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+  };
+}

system/podman/servarr/radarr.nix

@@ -0,0 +1,50 @@
+{ config, lib, ... }:
+let
+  podman = config.profile.podman;
+  name = "radarr";
+  radarr = podman.servarr.${name};
+  ip = "10.88.2.7";
+  image = "lscr.io/linuxserver/${name}:latest";
+  root = "/nas/mediaserver/servarr";
+  configVolume = "${root}/${name}";
+  mediaVolume = "${root}/data";
+  domain = "${name}.tigor.web.id";
+  user = config.profile.user;
+  uid = toString user.uid;
+  gid = toString user.gid;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf (podman.enable && radarr.enable) {
+    services.caddy.virtualHosts.${domain}.extraConfig = ''
+      reverse_proxy ${ip}:7878
+    '';
+
+    system.activationScripts."podman-${name}" = ''
+      mkdir -p ${configVolume} ${mediaVolume}
+      chown ${uid}:${gid} ${mediaVolume} ${configVolume}
+    '';
+
+    virtualisation.oci-containers.containers.${name} = {
+      inherit image;
+      hostname = name;
+      autoStart = true;
+      environment = {
+        PUID = uid;
+        PGID = gid;
+        TZ = "Asia/Jakarta";
+      };
+      volumes = [
+        "${configVolume}:/config"
+        "${mediaVolume}:/data"
+      ];
+      extraOptions = [
+        "--ip=${ip}"
+        "--network=podman"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+  };
+}

system/podman/servarr/real-debrid-manager.nix

@@ -0,0 +1,49 @@
+{ config, lib, ... }:
+let
+  podman = config.profile.podman;
+  cfg = podman.servarr.real-debrid-manager;
+  name = "real-debrid-manager";
+  ip = "10.88.2.1";
+  image = "docker.io/hyperbunny77/realdebridmanager:latest";
+  volume = "/nas/mediaserver/servarr/real-debrid-manager";
+  domain = "rdm.tigor.web.id";
+  user = config.profile.user;
+  uid = toString user.uid;
+  gid = toString user.gid;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf (podman.enable && cfg.enable) {
+    services.caddy.${domain}.extraConfig = ''
+      reverse_proxy ${ip}:5000
+    '';
+
+    system.activationScripts."podman-${name}" = ''
+      mkdir -p ${volume}/{config,downloads,watch}
+      chown -R ${uid}:${gid} ${volume}/{config,downloads,watch}
+    '';
+
+    virtualisation.oci-containers.containers.${name} = {
+      inherit image;
+      hostname = name;
+      autoStart = true;
+      user = "${uid}:${gid}";
+      enviroment = {
+        TZ = "Asia/Jakarta";
+        rdmport = "5000";
+      };
+      volumes = [
+        "${volume}/config:/config"
+        "${volume}/downloads:/downloads"
+        "${volume}/watch:/watch"
+      ];
+      extraOptions = [
+        "--network=podman"
+        "--ip=${ip}"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+  };
+}

system/podman/servarr/sonarr.nix

@@ -0,0 +1,50 @@
+{ config, lib, ... }:
+let
+  podman = config.profile.podman;
+  sonarr = podman.servarr.sonarr;
+  name = "sonarr";
+  ip = "10.88.2.3";
+  image = "lscr.io/linuxserver/sonarr:latest";
+  root = "/nas/mediaserver/servarr";
+  configVolume = "${root}/sonarr";
+  mediaVolume = "${root}/data";
+  domain = "${name}.tigor.web.id";
+  user = config.profile.user;
+  uid = toString user.uid;
+  gid = toString user.gid;
+  inherit (lib) mkIf;
+in
+{
+  config = mkIf (podman.enable && sonarr.enable) {
+    services.caddy.virtualHosts.${domain}.extraConfig = ''
+      reverse_proxy ${ip}:8989
+    '';
+
+    system.activationScripts."podman-${name}" = ''
+      mkdir -p ${configVolume} ${mediaVolume}
+      chown ${uid}:${gid} ${mediaVolume} ${configVolume}
+    '';
+
+    virtualisation.oci-containers.containers.${name} = {
+      inherit image;
+      hostname = name;
+      autoStart = true;
+      environment = {
+        PUID = uid;
+        PGID = gid;
+        TZ = "Asia/Jakarta";
+      };
+      volumes = [
+        "${configVolume}:/config"
+        "${mediaVolume}:/data"
+      ];
+      extraOptions = [
+        "--ip=${ip}"
+        "--network=podman"
+      ];
+      labels = {
+        "io.containers.autoupdate" = "registry";
+      };
+    };
+  };
+}