jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

more jellyfin + nextcloud tweaking, microbin live

Browse Source
This commit is contained in:
Danilo Reyes 2024-06-14 15:42:41 -06:00
parent 36cb54390f
commit 2eefa0d223
8 changed files with 196 additions and 145 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/miniserver/configuration.nix
View File

@ -26,6 +26,19 @@
find-dup-episodes.enable = true;
update-dns.enable = true;
};
servers = {
jellyfin = {
enable = false;
enableCron = false;
};
nextcloud = {
enable = false;
enableCron = false;
};
collabora.enable = false;
go-vod.enable = false;
microbin.enable = true;
};
};
fonts.fontconfig.enable = true;
networking = {

2
hosts/miniserver/nginx.nix
View File

@ -25,7 +25,6 @@ let
# kavitaPort = config.services.kavita.port;
vaultPort = config.services.vaultwarden.config.ROCKET_PORT;
audiobookPort = config.services.audiobookshelf.port;
microbinPort = config.services.microbin.settings.MICROBIN_PORT;
in {
services.nginx = {
enable = true;
@ -66,7 +65,6 @@ in {
# "subs.${domain}" = proxy bazarrPort // { };
# "series.${domain}" = proxy sonarrPort // { };
"vault.${domain}" = proxy vaultPort // { };
"copy.${domain}" = proxy microbinPort // { };
"mealie.${domain}" = proxy mealiePort // { };
"tracker.${domain}" = proxy ryotPort // { };
"scrobble.${domain}" = proxy scrobblePort // { };

12
hosts/miniserver/servers.nix
View File

@ -63,18 +63,6 @@ in {
# mutableSettings = true;
# openFirewall = true;
# };
microbin = {
enable = true;
settings = {
MICROBIN_HIDE_LOGO = false;
MICROBIN_PORT = 8080;
MICROBIN_HIGHLIGHTSYNTAX = true;
MICROBIN_PRIVATE = true;
MICROBIN_QR = true;
MICROBIN_ENCRYPTION_CLIENT_SIDE = true;
MICROBIN_ENCRYPTION_SERVER_SIDE = true;
};
};
shiori = {
enable = true;
port = 4368;

50
modules/servers.nix
View File

@ -4,6 +4,31 @@ let
enable = true;
group = "piracy";
};
proxy = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
http2 = true;
};
proxyReverse = port:
proxy {
"/".proxyPass =
"http://${config.my.servers.settings.localhost}:${toString port}/";
};
proxyReverseArr = port:
proxy port // {
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_http_version 1.1;
'';
};
enableDocker = lib.any (opt: opt) [
config.my.servers.collabora.enable
config.my.servers.go-vod.enable
@ -12,11 +37,24 @@ in {
imports = [
(import ./servers/jellyfin.nix { inherit lib config pkgs serviceBase; })
(import ./servers/nextcloud.nix { inherit lib config pkgs serviceBase; })
(import ./servers/microbin.nix { inherit lib config proxyReverse; })
];
options.my.servers.settings = {
localhost = "127.0.0.1";
domain = "servidos.lat";
postgresSocket = "/run/postgresql";
localhost = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
description = "The localhost address.";
};
domain = lib.mkOption {
type = lib.types.str;
default = "servidos.lat";
description = "The domain name.";
};
postgresSocket = lib.mkOption {
type = lib.types.str;
default = "/run/postgresql";
description = "The PostgreSQL socket path.";
};
};
config = {
my.servers = {
@ -30,10 +68,9 @@ in {
};
collabora.enable = lib.mkDefault false;
go-vod.enable = lib.mkDefault false;
microbin.enable = lib.mkDefault false;
};
virtualisation = lib.mkIf enableDocker {
oci-containers.backend = "docker";
docker = {
virtualisation.docker = lib.mkIf enableDocker {
enable = true;
enableNvidia = true;
autoPrune = {
@ -43,5 +80,4 @@ in {
};
};
};
};
}

14
modules/servers/docker.nix
View File

@ -1,14 +0,0 @@
{ ... }: {
virtualization = {
oci-containers.backend = "docker";
docker = {
enable = true;
enableNvidia = true;
autoPrune = {
enable = true;
flags = [ "--all" ];
dates = "weekly";
};
};
};
}

4
modules/servers/jellyfin.nix
View File

@ -20,8 +20,7 @@ in {
map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; }
map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; }
'';
virtualHosts = {
"flix.${config.my.servers.settings.domain}" = {
virtualHosts."flix.${config.my.servers.settings.domain}" = {
forceSSL = true;
enableACME = true;
http2 = true;
@ -101,7 +100,6 @@ in {
};
};
};
};
systemd = lib.mkIf config.my.servers.jellyfin.enableCron {
services = {
sub-sync = let

29
modules/servers/microbin.nix Normal file
View File

@ -0,0 +1,29 @@
{ lib, config, proxyReverse, ... }:
let port = config.services.microbin.settings.MICROBIN_PORT;
in {
options.my.servers.microbin = {
enable = lib.mkEnableOption "enable";
enableCron = lib.mkEnableOption "enable";
};
config = lib.mkIf config.my.servers.microbin.enable {
services = {
microbin = {
enable = true;
settings = {
MICROBIN_HIDE_LOGO = false;
MICROBIN_PORT = 8080;
MICROBIN_HIGHLIGHTSYNTAX = true;
MICROBIN_PRIVATE = true;
MICROBIN_QR = true;
MICROBIN_ENCRYPTION_CLIENT_SIDE = true;
MICROBIN_ENCRYPTION_SERVER_SIDE = true;
};
};
nginx = {
enable = true;
virtualHosts."copy.${config.my.servers.settings.domain}" =
proxyReverse port // { };
};
};
};
}

5
modules/servers/nextcloud.nix
View File

@ -156,7 +156,9 @@ in {
};
};
};
virtualisation.oci-containers.containers = {
virtualisation.oci-containers = {
backend = "docker";
containers = {
go-vod = lib.mkIf config.my.servers.go-vod.enable {
autoStart = true;
image = "radialapps/go-vod";
@ -194,6 +196,7 @@ in {
extraOptions = [ "--cap-add" "MKNOD" ];
};
};
};
systemd = lib.mkIf config.my.servers.nextcloud.enableCron {
services = {
nextcloud-cron.path = [ pkgs.perl ];