tigor/NixOS
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: tigor:dbe6e325656d4ba78c28dc5bc644689ef9f1bd5a
Branches Tags
tigor:main
..
compare: tigor:258e7dcf882d02064975c0a2fe56245f713b901e
Branches Tags
tigor:main

No commits in common. "dbe6e325656d4ba78c28dc5bc644689ef9f1bd5a" and "258e7dcf882d02064975c0a2fe56245f713b901e" have entirely different histories.
dbe6e32565 ... 258e7dcf88

11 changed files with 20 additions and 232 deletions
Show stats Expand all files Collapse all files

8
options/podman.nix
View file

@ -39,14 +39,6 @@ in
type = types.bool; type = types.bool;
default = config.profile.podman.servarr.enable; default = config.profile.podman.servarr.enable;
}; };
recyclarr.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
rdtclient.enable = mkOption {
type = types.bool;
default = config.profile.podman.servarr.enable;
};
}; };
}; };
} }

8
options/services.nix
View file

@ -1,6 +1,6 @@
{ config, lib, ... }: { lib, ... }:
let let
inherit (lib) mkEnableOption mkOption types; inherit (lib) mkEnableOption;
in in
{ {
options.profile.services = { options.profile.services = {
@ -14,10 +14,6 @@ in
openvpn.enable = mkEnableOption "openvpn"; openvpn.enable = mkEnableOption "openvpn";
stubby.enable = mkEnableOption "stubby"; stubby.enable = mkEnableOption "stubby";
jellyfin.enable = mkEnableOption "jellyfin"; jellyfin.enable = mkEnableOption "jellyfin";
jellyfin.jellyseerr.enable = mkOption {
type = types.bool;
default = config.profile.services.jellyfin.enable;
};
rust-motd.enable = mkEnableOption "rust-motd"; rust-motd.enable = mkEnableOption "rust-motd";
wireguard.enable = mkEnableOption "wireguard"; wireguard.enable = mkEnableOption "wireguard";
photoprism.enable = mkEnableOption "photoprism"; photoprism.enable = mkEnableOption "photoprism";

2
profiles/castle.nix
View file

@ -40,7 +40,7 @@ in
DP-2 = [ 8 9 10 ]; DP-2 = [ 8 9 10 ];
}; };
pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ]; pyprland.wallpaper-dirs = [ "/nas/redmage/images/windows" ];
wallust.alpha = 90; wallust.alpha = 80;
swayosd.display = "DP-1"; swayosd.display = "DP-1";
dunst.monitor = "1"; dunst.monitor = "1";
}; };

3
profiles/homeserver.nix
View file

@ -32,9 +32,6 @@
redmage-demo.enable = true; redmage-demo.enable = true;
qbittorrent.enable = true; qbittorrent.enable = true;
servarr.enable = true; servarr.enable = true;
servarr.recyclarr.enable = false;
servarr.real-debrid-manager.enable = false;
servarr.rdtclient.enable = true;
}; };
docker = { docker = {

25
secrets/servarr.yaml
View file

@ -1,25 +0,0 @@
servarr:
api_keys:
sonarr: ENC[AES256_GCM,data:nm0L0hVqehTiwqx5JScyRHdw4P3vqI4GUARzdDR1lxI=,iv:UE2f2tB/a6QRDEVOvJntE+J2bJ0xLLVvS6XvNz5WWLQ=,tag:jsKFuKYmHotslk53rm1poA==,type:str]
sonarr-anime: ENC[AES256_GCM,data:9RqHLCZ+uwv9a4MTCrXdT0SYFmXBswskV1vpXqwVjAM=,iv:OregkJGVXKuS9hIopgPmbYSBfZKot1Z4FmenQvfqZS0=,tag:j0zjTJ6aDRejvmBtIK/dCA==,type:str]
radarr: ENC[AES256_GCM,data:8ZqFXPubFTdUuNC0Neb/GQrBiWCfFBcc+kLEhmr04vY=,iv:IiVw1I9ugCKklqK16kY0R0BCmGzeFwSi1Ra8mSk87zU=,tag:IrFnI2adhitmpZB1T+ntDw==,type:str]
sops:
kms: []
gcp_kms: []
azure_kv: []
hc_vault: []
age:
- recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvcjY3WTZGRUFKWm5BcGR2
dWJ2TVZSY1phcitycnpDbG81UDg2M3dXbVJ3ClhlaG0rc1pNZWt6OXNWbEVaaUZu
S0xHSWlkVzBPdVFXZGJzZXF5RmpiZkEKLS0tIFovUS9kVXRzUlZYU2NyRXZYb1Zj
Sy91VlVMaTlGOW05bWRnMWo5Zm9FdkEK62c/Q2sBqL/m5FwBTglbHYVsN9X+iCvM
qtSsp6dVasPz//eXR7jIvvdwls/Sz64b2Ty8UIUEZCT/kI8E2/j0MQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-06-26T07:20:32Z"
mac: ENC[AES256_GCM,data:1hTsxSMKPQYToJMgDuLBffer8T/Uh8rw5y4uHk72BqpnCmrm2pVVQb2S3Pq+Fw2icw0BdmYmNTolA1651B4NT/6v6Z4mM10gu4BYlpeNWzPxRpVV52cLc+zD2acBvFxSvqOxPL+6lfAFRJHaUi2Wn0RKzt94RKNdgrRmhIYYDW4=,iv:oioh+NI8OMeeTEF0xLte4zkYwv26AlFj1IOYVoFfdAg=,tag:FwKFlcCoAd4d5yStJ4P5Xg==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.8.1

3
system/podman/servarr/default.nix
View file

@ -1,12 +1,11 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./real-debrid-manager.nix # ./real-debrid-manager.nix
./qbittorrent.nix ./qbittorrent.nix
./sonarr.nix ./sonarr.nix
./prowlarr.nix ./prowlarr.nix
./bazarr.nix ./bazarr.nix
./radarr.nix ./radarr.nix
./rdtclient.nix
]; ];
} }

51
system/podman/servarr/rdtclient.nix
View file

@ -1,51 +0,0 @@
{ config, lib, ... }:
let
podman = config.profile.podman;
name = "rdtclient";
cfg = podman.servarr.${name};
ip = "10.88.2.1";
image = "docker.io/rogerfar/rdtclient:latest";
root = "/nas/mediaserver/servarr";
volumeConfig = "${root}/${name}";
mediaVolume = "${root}/data/torrents";
domain = "${name}.tigor.web.id";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && cfg.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy ${ip}:6500
'';
system.activationScripts."podman-${name}" = ''
mkdir -p ${volumeConfig} ${mediaVolume}
chown ${uid}:${gid} ${volumeConfig} ${mediaVolume}
'';
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
# user = "${uid}:${gid}";
environment = {
TZ = "Asia/Jakarta";
PUID = uid;
PGID = gid;
};
volumes = [
"${volumeConfig}:/data/db"
"${mediaVolume}:/data/torrents"
];
extraOptions = [
"--network=podman"
"--ip=${ip}"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

29
system/podman/servarr/real-debrid-manager.nix
View file

@ -1,29 +1,26 @@
{ config, lib, ... }: { config, lib, ... }:
let let
podman = config.profile.podman; podman = config.profile.podman;
cfg = podman.servarr.real-debrid-manager;
name = "real-debrid-manager"; name = "real-debrid-manager";
real-debrid-manager = podman.servarr.${name}; ip = "10.88.2.1";
ip = "10.88.2.99"; image = "docker.io/hyperbunny77/realdebridmanager:latest";
image = "docker.io/hyperbunny77/realdebridmanager:2022.06.27"; volume = "/nas/mediaserver/servarr/real-debrid-manager";
root = "/nas/mediaserver/servarr"; domain = "rdm.tigor.web.id";
configVolume = "${root}/real-debrid-manager";
mediaVolume = "${root}/data/torrents";
watchVolume = "${mediaVolume}/watch";
domain = "${name}.tigor.web.id";
user = config.profile.user; user = config.profile.user;
uid = toString user.uid; uid = toString user.uid;
gid = toString user.gid; gid = toString user.gid;
inherit (lib) mkIf; inherit (lib) mkIf;
in in
{ {
config = mkIf (podman.enable && real-debrid-manager.enable) { config = mkIf (podman.enable && cfg.enable) {
services.caddy.virtualHosts.${domain}.extraConfig = '' services.caddy.${domain}.extraConfig = ''
reverse_proxy ${ip}:5000 reverse_proxy ${ip}:5000
''; '';
system.activationScripts."podman-${name}" = '' system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume} ${mediaVolume} ${watchVolume} mkdir -p ${volume}/{config,downloads,watch}
chown ${uid}:${gid} ${configVolume} ${mediaVolume} ${watchVolume} chown -R ${uid}:${gid} ${volume}/{config,downloads,watch}
''; '';
virtualisation.oci-containers.containers.${name} = { virtualisation.oci-containers.containers.${name} = {
@ -31,14 +28,14 @@ in
hostname = name; hostname = name;
autoStart = true; autoStart = true;
user = "${uid}:${gid}"; user = "${uid}:${gid}";
environment = { enviroment = {
TZ = "Asia/Jakarta"; TZ = "Asia/Jakarta";
rdmport = "5000"; rdmport = "5000";
}; };
volumes = [ volumes = [
"${configVolume}:/config" "${volume}/config:/config"
"${mediaVolume}:/data/torrents" "${volume}/downloads:/downloads"
"${watchVolume}:/watch" "${volume}/watch:/watch"
]; ];
extraOptions = [ extraOptions = [
"--network=podman" "--network=podman"

77
system/podman/servarr/recyclarr.nix
View file

@ -1,77 +0,0 @@
{ config, lib, pkgs, ... }:
let
podman = config.profile.podman;
name = "recyclarr";
recyclarr = podman.servarr.${name};
ip = "10.88.2.100";
image = "ghcr.io/recyclarr/recyclarr:latest";
root = "/nas/mediaserver/servarr";
configVolume = "${root}/${name}";
user = config.profile.user;
uid = toString user.uid;
gid = toString user.gid;
inherit (lib) mkIf;
in
{
config = mkIf (podman.enable && recyclarr.enable) {
system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume}
chown ${uid}:${gid} ${configVolume}
'';
sops.secrets =
let
opts = { sopsFile = ../../../secrets/servarr.yaml; };
in
{
"servarr/api_keys/sonarr" = opts;
"servarr/api_keys/sonarr-anime" = opts;
"servarr/api_keys/radarr" = opts;
};
sops.templates."recyclarr/recylarr.yml" = {
owner = user.name;
path = "${configVolume}/recyclarr.yml";
content = builtins.readFile ((pkgs.formats.yaml { }).generate "recyclarr.yml" {
sonarr = {
tv = {
base_url = "http://sonarr:8989";
api_key = config.sops.placeholders."servarr/api_keys/sonarr";
quality_definition.type = "series";
release_profiles = [
{
trash_ids = [ ];
}
];
};
anime = {
base_url = "http://sonarr-anime:8989";
api_key = config.sops.placeholders."servarr/api_keys/sonarr-anime";
quality_definition.type = "anime";
};
};
});
};
virtualisation.oci-containers.containers.${name} = {
inherit image;
hostname = name;
autoStart = true;
user = "${uid}:${gid}";
environment = {
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolume}:/config"
];
extraOptions = [
"--ip=${ip}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
};
}

36
system/podman/servarr/sonarr.nix
View file

@ -3,16 +3,12 @@ let
podman = config.profile.podman; podman = config.profile.podman;
sonarr = podman.servarr.sonarr; sonarr = podman.servarr.sonarr;
name = "sonarr"; name = "sonarr";
name-anime = "${name}-anime";
ip = "10.88.2.3"; ip = "10.88.2.3";
ip-anime = "10.88.2.33";
image = "lscr.io/linuxserver/sonarr:latest"; image = "lscr.io/linuxserver/sonarr:latest";
root = "/nas/mediaserver/servarr"; root = "/nas/mediaserver/servarr";
configVolume = "${root}/${name}"; configVolume = "${root}/sonarr";
configVolumeAnime = "${root}/${name-anime}";
mediaVolume = "${root}/data"; mediaVolume = "${root}/data";
domain = "${name}.tigor.web.id"; domain = "${name}.tigor.web.id";
domain-anime = "${name-anime}.tigor.web.id";
user = config.profile.user; user = config.profile.user;
uid = toString user.uid; uid = toString user.uid;
gid = toString user.gid; gid = toString user.gid;
@ -24,13 +20,9 @@ in
reverse_proxy ${ip}:8989 reverse_proxy ${ip}:8989
''; '';
services.caddy.virtualHosts.${domain-anime}.extraConfig = ''
reverse_proxy ${ip-anime}:8989
'';
system.activationScripts."podman-${name}" = '' system.activationScripts."podman-${name}" = ''
mkdir -p ${configVolume} ${mediaVolume} ${configVolumeAnime} mkdir -p ${configVolume} ${mediaVolume}
chown ${uid}:${gid} ${mediaVolume} ${configVolume} ${configVolumeAnime} chown ${uid}:${gid} ${mediaVolume} ${configVolume}
''; '';
virtualisation.oci-containers.containers.${name} = { virtualisation.oci-containers.containers.${name} = {
@ -54,27 +46,5 @@ in
"io.containers.autoupdate" = "registry"; "io.containers.autoupdate" = "registry";
}; };
}; };
virtualisation.oci-containers.containers.${name-anime} = {
inherit image;
hostname = name-anime;
autoStart = true;
environment = {
PUID = uid;
PGID = gid;
TZ = "Asia/Jakarta";
};
volumes = [
"${configVolumeAnime}:/config"
"${mediaVolume}:/data"
];
extraOptions = [
"--ip=${ip-anime}"
"--network=podman"
];
labels = {
"io.containers.autoupdate" = "registry";
};
};
}; };
} }

10
system/services/jellyfin.nix
View file

@ -3,7 +3,6 @@ let
cfg = config.profile.services.jellyfin; cfg = config.profile.services.jellyfin;
dataDir = "/nas/mediaserver/jellyfin"; dataDir = "/nas/mediaserver/jellyfin";
domain = "jellyfin.tigor.web.id"; domain = "jellyfin.tigor.web.id";
domain-jellyseerr = "media.tigor.web.id";
inherit (lib) mkIf; inherit (lib) mkIf;
username = config.profile.user.name; username = config.profile.user.name;
in in
@ -18,18 +17,9 @@ in
services.caddy.virtualHosts.${domain}.extraConfig = '' services.caddy.virtualHosts.${domain}.extraConfig = ''
reverse_proxy 0.0.0.0:8096 reverse_proxy 0.0.0.0:8096
''; '';
services.caddy.virtualHosts.${domain-jellyseerr} = mkIf cfg.jellyseerr.enable {
extraConfig = ''
reverse_proxy 0.0.0.0:5055
'';
};
services.jellyfin = { services.jellyfin = {
enable = true; enable = true;
inherit dataDir; inherit dataDir;
}; };
services.jellyseerr = mkIf cfg.jellyseerr.enable {
enable = true;
};
}; };
} }