Compare commits
6 commits
ac74529d91
...
258e7dcf88
Author | SHA1 | Date | |
---|---|---|---|
Tigor Hutasuhut | 258e7dcf88 | ||
Tigor Hutasuhut | 07feb5d83d | ||
Tigor Hutasuhut | b25d36a626 | ||
Tigor Hutasuhut | 7ae5099bc9 | ||
Tigor Hutasuhut | 8aea0d6f44 | ||
Tigor Hutasuhut | 1356d52050 |
|
@ -1,4 +1,7 @@
|
|||
{ lib, ... }:
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
inherit (lib) mkOption mkEnableOption types;
|
||||
in
|
||||
{
|
||||
options.profile.podman = {
|
||||
enable = lib.mkEnableOption "podman";
|
||||
|
@ -9,5 +12,33 @@
|
|||
redmage.enable = lib.mkEnableOption "redmage podman";
|
||||
redmage-demo.enable = lib.mkEnableOption "redmage-demo podman";
|
||||
qbittorrent.enable = lib.mkEnableOption "qbittorrent podman";
|
||||
|
||||
servarr = {
|
||||
enable = mkEnableOption "servarr group";
|
||||
qbittorrent.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = config.profile.podman.servarr.enable;
|
||||
};
|
||||
real-debrid-manager.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = config.profile.podman.servarr.enable;
|
||||
};
|
||||
prowlarr.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = config.profile.podman.servarr.enable;
|
||||
};
|
||||
radarr.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = config.profile.podman.servarr.enable;
|
||||
};
|
||||
sonarr.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = config.profile.podman.servarr.enable;
|
||||
};
|
||||
bazarr.enable = mkOption {
|
||||
type = types.bool;
|
||||
default = config.profile.podman.servarr.enable;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -76,5 +76,12 @@
|
|||
zathura.enable = lib.mkEnableOption "zathura";
|
||||
floorp.enable = lib.mkEnableOption "floorp";
|
||||
};
|
||||
|
||||
programs = {
|
||||
yazi.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -31,6 +31,7 @@
|
|||
redmage.enable = true;
|
||||
redmage-demo.enable = true;
|
||||
qbittorrent.enable = true;
|
||||
servarr.enable = true;
|
||||
};
|
||||
|
||||
docker = {
|
||||
|
|
|
@ -20,5 +20,6 @@
|
|||
./steam.nix
|
||||
./sudo.nix
|
||||
./vial.nix
|
||||
./yazi.nix
|
||||
];
|
||||
}
|
||||
|
|
|
@ -11,6 +11,7 @@ in
|
|||
enable = true;
|
||||
settings = {
|
||||
PasswordAuthentication = false;
|
||||
KbdInteractiveAuthentication = false;
|
||||
UseDns = true;
|
||||
X11Forwarding = false;
|
||||
PermitRootLogin = "no";
|
||||
|
@ -29,8 +30,8 @@ in
|
|||
bantime = "24h"; # Ban IPs for one day on the first ban
|
||||
bantime-increment = {
|
||||
enable = true; # Enable increment of bantime after each violation
|
||||
formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
|
||||
# multipliers = "1 2 4 8 16 32 64";
|
||||
# formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
|
||||
multipliers = "1 2 4 8 16 32 64";
|
||||
maxtime = "168h"; # Do not ban for more than 1 week
|
||||
overalljails = true; # Calculate the bantime based on all the violations
|
||||
};
|
||||
|
|
63
system/modules/yazi.nix
Normal file
63
system/modules/yazi.nix
Normal file
|
@ -0,0 +1,63 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.profile.programs.yazi;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf cfg.enable {
|
||||
programs.yazi = {
|
||||
enable = true;
|
||||
settings = {
|
||||
# https://yazi-rs.github.io/docs/configuration/yazi
|
||||
yazi = {
|
||||
manager = {
|
||||
# 1/8 width for parent, 4/8 width for current, 3/8 width for preview
|
||||
ratio = [ 1 4 3 ];
|
||||
sort_by = "natural";
|
||||
sort_sensitive = false;
|
||||
sort_dir_first = true;
|
||||
linemode = "permissions";
|
||||
show_hidden = true;
|
||||
show_symlink = true;
|
||||
scrolloff = 5;
|
||||
};
|
||||
opener = {
|
||||
edit = [
|
||||
{ run = ''nvim "$@"''; block = true; desc = "Edit in Neovim"; }
|
||||
];
|
||||
play = [
|
||||
{ run = ''mpv "$@"''; orphan = true; desc = "Play in MPV"; }
|
||||
];
|
||||
open = [
|
||||
{ run = ''xdg-open "$@"''; desc = "Open"; }
|
||||
];
|
||||
};
|
||||
open = {
|
||||
rules = [
|
||||
{
|
||||
mime = "text/*";
|
||||
use = "edit";
|
||||
}
|
||||
{
|
||||
mime = "video/*";
|
||||
use = "play";
|
||||
}
|
||||
{
|
||||
mime = "application/json";
|
||||
use = "edit";
|
||||
}
|
||||
# Multiple openers for a single rule
|
||||
{
|
||||
name = "*.html";
|
||||
use = [ "open" "edit" ];
|
||||
}
|
||||
];
|
||||
append_rules = [
|
||||
{ name = "*"; use = "open"; }
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -47,5 +47,6 @@ in
|
|||
./redmage.nix
|
||||
./suwayomi.nix
|
||||
./ytptube.nix
|
||||
./servarr
|
||||
];
|
||||
}
|
||||
|
|
50
system/podman/servarr/bazarr.nix
Normal file
50
system/podman/servarr/bazarr.nix
Normal file
|
@ -0,0 +1,50 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
podman = config.profile.podman;
|
||||
bazarr = podman.servarr.bazarr;
|
||||
name = "bazarr";
|
||||
ip = "10.88.2.6";
|
||||
image = "lscr.io/linuxserver/${name}:latest";
|
||||
root = "/nas/mediaserver/servarr";
|
||||
configVolume = "${root}/${name}";
|
||||
mediaVolume = "${root}/data";
|
||||
domain = "${name}.tigor.web.id";
|
||||
user = config.profile.user;
|
||||
uid = toString user.uid;
|
||||
gid = toString user.gid;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf (podman.enable && bazarr.enable) {
|
||||
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||
reverse_proxy ${ip}:6767
|
||||
'';
|
||||
|
||||
system.activationScripts."podman-${name}" = ''
|
||||
mkdir -p ${configVolume}
|
||||
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.${name} = {
|
||||
inherit image;
|
||||
hostname = name;
|
||||
autoStart = true;
|
||||
environment = {
|
||||
PUID = uid;
|
||||
PGID = gid;
|
||||
TZ = "Asia/Jakarta";
|
||||
};
|
||||
volumes = [
|
||||
"${configVolume}:/config"
|
||||
"${mediaVolume}:/data"
|
||||
];
|
||||
extraOptions = [
|
||||
"--ip=${ip}"
|
||||
"--network=podman"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
11
system/podman/servarr/default.nix
Normal file
11
system/podman/servarr/default.nix
Normal file
|
@ -0,0 +1,11 @@
|
|||
{ ... }:
|
||||
{
|
||||
imports = [
|
||||
# ./real-debrid-manager.nix
|
||||
./qbittorrent.nix
|
||||
./sonarr.nix
|
||||
./prowlarr.nix
|
||||
./bazarr.nix
|
||||
./radarr.nix
|
||||
];
|
||||
}
|
68
system/podman/servarr/prowlarr.nix
Normal file
68
system/podman/servarr/prowlarr.nix
Normal file
|
@ -0,0 +1,68 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
podman = config.profile.podman;
|
||||
prowlarr = podman.servarr.prowlarr;
|
||||
name = "prowlarr";
|
||||
name-flaresolverr = "${name}-flaresolverr";
|
||||
ip = "10.88.2.4";
|
||||
ip-flaresolverr = "10.88.2.5";
|
||||
image = "lscr.io/linuxserver/prowlarr:latest";
|
||||
image-flaresolverr = "ghcr.io/flaresolverr/flaresolverr:latest";
|
||||
root = "/nas/mediaserver/servarr";
|
||||
configVolume = "${root}/prowlarr";
|
||||
domain = "${name}.tigor.web.id";
|
||||
user = config.profile.user;
|
||||
uid = toString user.uid;
|
||||
gid = toString user.gid;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf (podman.enable && prowlarr.enable) {
|
||||
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||
reverse_proxy ${ip}:9696
|
||||
'';
|
||||
|
||||
system.activationScripts."podman-${name}" = ''
|
||||
mkdir -p ${configVolume}
|
||||
chown ${uid}:${gid} ${configVolume}
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.${name-flaresolverr} = {
|
||||
image = image-flaresolverr;
|
||||
hostname = name-flaresolverr;
|
||||
autoStart = true;
|
||||
environment = {
|
||||
TZ = "Asia/Jakarta";
|
||||
};
|
||||
extraOptions = [
|
||||
"--ip=${ip-flaresolverr}"
|
||||
"--network=podman"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
|
||||
virtualisation.oci-containers.containers.${name} = {
|
||||
inherit image;
|
||||
hostname = name;
|
||||
autoStart = true;
|
||||
environment = {
|
||||
PUID = uid;
|
||||
PGID = gid;
|
||||
TZ = "Asia/Jakarta";
|
||||
};
|
||||
volumes = [
|
||||
"${configVolume}:/config"
|
||||
];
|
||||
extraOptions = [
|
||||
"--ip=${ip}"
|
||||
"--network=podman"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
56
system/podman/servarr/qbittorrent.nix
Normal file
56
system/podman/servarr/qbittorrent.nix
Normal file
|
@ -0,0 +1,56 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
podman = config.profile.podman;
|
||||
qbittorrent = podman.servarr.qbittorrent;
|
||||
name = "qbittorrent-servarr";
|
||||
ip = "10.88.2.2";
|
||||
image = "lscr.io/linuxserver/qbittorrent:latest";
|
||||
root = "/nas/mediaserver/servarr";
|
||||
configVolume = "${root}/qbittorrent";
|
||||
mediaVolume = "${root}/data/torrents";
|
||||
domain = "${name}.tigor.web.id";
|
||||
user = config.profile.user;
|
||||
uid = toString user.uid;
|
||||
gid = toString user.gid;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf (podman.enable && qbittorrent.enable) {
|
||||
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||
reverse_proxy ${ip}:8080
|
||||
'';
|
||||
|
||||
system.activationScripts."podman-${name}" = ''
|
||||
mkdir -p ${configVolume} ${mediaVolume}
|
||||
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.${name} = {
|
||||
inherit image;
|
||||
hostname = name;
|
||||
autoStart = true;
|
||||
environment = {
|
||||
PUID = uid;
|
||||
PGID = gid;
|
||||
TZ = "Asia/Jakarta";
|
||||
WEBUI_PORT = "8080";
|
||||
TORRENTING_PORT = "6882";
|
||||
};
|
||||
volumes = [
|
||||
"${configVolume}:/config"
|
||||
"${mediaVolume}:/data/torrents"
|
||||
];
|
||||
ports = [
|
||||
"6882:6882"
|
||||
"6882:6882/udp"
|
||||
];
|
||||
extraOptions = [
|
||||
"--ip=${ip}"
|
||||
"--network=podman"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
50
system/podman/servarr/radarr.nix
Normal file
50
system/podman/servarr/radarr.nix
Normal file
|
@ -0,0 +1,50 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
podman = config.profile.podman;
|
||||
name = "radarr";
|
||||
radarr = podman.servarr.${name};
|
||||
ip = "10.88.2.7";
|
||||
image = "lscr.io/linuxserver/${name}:latest";
|
||||
root = "/nas/mediaserver/servarr";
|
||||
configVolume = "${root}/${name}";
|
||||
mediaVolume = "${root}/data";
|
||||
domain = "${name}.tigor.web.id";
|
||||
user = config.profile.user;
|
||||
uid = toString user.uid;
|
||||
gid = toString user.gid;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf (podman.enable && radarr.enable) {
|
||||
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||
reverse_proxy ${ip}:7878
|
||||
'';
|
||||
|
||||
system.activationScripts."podman-${name}" = ''
|
||||
mkdir -p ${configVolume} ${mediaVolume}
|
||||
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.${name} = {
|
||||
inherit image;
|
||||
hostname = name;
|
||||
autoStart = true;
|
||||
environment = {
|
||||
PUID = uid;
|
||||
PGID = gid;
|
||||
TZ = "Asia/Jakarta";
|
||||
};
|
||||
volumes = [
|
||||
"${configVolume}:/config"
|
||||
"${mediaVolume}:/data"
|
||||
];
|
||||
extraOptions = [
|
||||
"--ip=${ip}"
|
||||
"--network=podman"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
49
system/podman/servarr/real-debrid-manager.nix
Normal file
49
system/podman/servarr/real-debrid-manager.nix
Normal file
|
@ -0,0 +1,49 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
podman = config.profile.podman;
|
||||
cfg = podman.servarr.real-debrid-manager;
|
||||
name = "real-debrid-manager";
|
||||
ip = "10.88.2.1";
|
||||
image = "docker.io/hyperbunny77/realdebridmanager:latest";
|
||||
volume = "/nas/mediaserver/servarr/real-debrid-manager";
|
||||
domain = "rdm.tigor.web.id";
|
||||
user = config.profile.user;
|
||||
uid = toString user.uid;
|
||||
gid = toString user.gid;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf (podman.enable && cfg.enable) {
|
||||
services.caddy.${domain}.extraConfig = ''
|
||||
reverse_proxy ${ip}:5000
|
||||
'';
|
||||
|
||||
system.activationScripts."podman-${name}" = ''
|
||||
mkdir -p ${volume}/{config,downloads,watch}
|
||||
chown -R ${uid}:${gid} ${volume}/{config,downloads,watch}
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.${name} = {
|
||||
inherit image;
|
||||
hostname = name;
|
||||
autoStart = true;
|
||||
user = "${uid}:${gid}";
|
||||
enviroment = {
|
||||
TZ = "Asia/Jakarta";
|
||||
rdmport = "5000";
|
||||
};
|
||||
volumes = [
|
||||
"${volume}/config:/config"
|
||||
"${volume}/downloads:/downloads"
|
||||
"${volume}/watch:/watch"
|
||||
];
|
||||
extraOptions = [
|
||||
"--network=podman"
|
||||
"--ip=${ip}"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
50
system/podman/servarr/sonarr.nix
Normal file
50
system/podman/servarr/sonarr.nix
Normal file
|
@ -0,0 +1,50 @@
|
|||
{ config, lib, ... }:
|
||||
let
|
||||
podman = config.profile.podman;
|
||||
sonarr = podman.servarr.sonarr;
|
||||
name = "sonarr";
|
||||
ip = "10.88.2.3";
|
||||
image = "lscr.io/linuxserver/sonarr:latest";
|
||||
root = "/nas/mediaserver/servarr";
|
||||
configVolume = "${root}/sonarr";
|
||||
mediaVolume = "${root}/data";
|
||||
domain = "${name}.tigor.web.id";
|
||||
user = config.profile.user;
|
||||
uid = toString user.uid;
|
||||
gid = toString user.gid;
|
||||
inherit (lib) mkIf;
|
||||
in
|
||||
{
|
||||
config = mkIf (podman.enable && sonarr.enable) {
|
||||
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
||||
reverse_proxy ${ip}:8989
|
||||
'';
|
||||
|
||||
system.activationScripts."podman-${name}" = ''
|
||||
mkdir -p ${configVolume} ${mediaVolume}
|
||||
chown ${uid}:${gid} ${mediaVolume} ${configVolume}
|
||||
'';
|
||||
|
||||
virtualisation.oci-containers.containers.${name} = {
|
||||
inherit image;
|
||||
hostname = name;
|
||||
autoStart = true;
|
||||
environment = {
|
||||
PUID = uid;
|
||||
PGID = gid;
|
||||
TZ = "Asia/Jakarta";
|
||||
};
|
||||
volumes = [
|
||||
"${configVolume}:/config"
|
||||
"${mediaVolume}:/data"
|
||||
];
|
||||
extraOptions = [
|
||||
"--ip=${ip}"
|
||||
"--network=podman"
|
||||
];
|
||||
labels = {
|
||||
"io.containers.autoupdate" = "registry";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue