diff --git a/hosts/miniserver/docker.nix b/hosts/miniserver/docker.nix index fffe105..8c83f43 100644 --- a/hosts/miniserver/docker.nix +++ b/hosts/miniserver/docker.nix @@ -118,42 +118,6 @@ PASSWORD = "RkawpqMc8lR56QyU7JSfiLhG"; }; }; - flame-nsfw = { - autoStart = true; - image = "pawelmalak/flame"; - ports = [ "5007:5005" ]; - volumes = [ "/var/lib/docker-configs/flame-nsfw:/app/data" ]; - environment = { - TZ = "America/Mexico_City"; - PUID = "1000"; - PGID = "100"; - PASSWORD = "RkawpqMc8lR56QyU7JSfiLhG"; - }; - }; - # lidarr = { - # autoStart = true; - # image = "lscr.io/linuxserver/lidarr:latest"; - # ports = [ "8686:8686" ]; - # environment = { - # TZ = "America/Mexico_City"; - # PUID = "1000"; - # PGID = "100"; - # }; - # volumes = [ - # "/mnt/pool/multimedia:/data" - # "/mnt/pool/multimedia/media/Music:/music" - # "/mnt/pool/multimedia/media/MusicVideos:/music-videos" - # "/var/lib/docker-configs/lidarr/files:/config" - # "/var/lib/docker-configs/lidarr/custom-services.d:/custom-services.d" - # "/var/lib/docker-configs/lidarr/custom-cont-init.d:/custom-cont-init.d" - # ]; - # labels = { - # "flame.type" = "application"; - # "flame.name" = "Lidarr"; - # "flame.url" = "music.servidos.lat"; - # "flame.icon" = "music"; - # }; - # }; mealie = { autoStart = true; image = "ghcr.io/mealie-recipes/mealie:v1.4.0"; @@ -183,6 +147,18 @@ "flame.icon" = "fridge"; }; }; + flame-nsfw = { + autoStart = true; + image = "pawelmalak/flame"; + ports = [ "5007:5005" ]; + volumes = [ "/var/lib/docker-configs/flame-nsfw:/app/data" ]; + environment = { + TZ = "America/Mexico_City"; + PUID = "1000"; + PGID = "100"; + PASSWORD = "RkawpqMc8lR56QyU7JSfiLhG"; + }; + }; }; }; }; diff --git a/hosts/miniserver/nginx.nix b/hosts/miniserver/nginx.nix index 451b0a7..33f97e4 100644 --- a/hosts/miniserver/nginx.nix +++ b/hosts/miniserver/nginx.nix @@ -10,18 +10,13 @@ let shioriPort = 4368; flamePort = 5005; secretFlamePort = 5007; - # lidarrPort = 8686; qbitPort = 9091; - # prowlarrPort = 9696; - # radarrPort = 7878; - # sonarrPort = 8989; mealiePort = 9925; ryotPort = 8765; scrobblePort = 9078; malojaPort = 42010; darkwirePort = 3001; metatubePort = 8881; - # bazarrPort = config.services.bazarr.listenPort; # kavitaPort = config.services.kavita.port; vaultPort = config.services.vaultwarden.config.ROCKET_PORT; audiobookPort = config.services.audiobookshelf.port; @@ -57,13 +52,8 @@ in { # ''; # }; in { - # "movies.${domain}" = proxyArr radarrPort // { }; - # "indexer.${domain}" = proxyArr prowlarrPort // { }; - # "music.${domain}" = proxyArr lidarrPort // { }; # "library.${domain}" = proxy kavitaPort // { }; "start.${domain}" = proxy flamePort // { }; - # "subs.${domain}" = proxy bazarrPort // { }; - # "series.${domain}" = proxy sonarrPort // { }; "vault.${domain}" = proxy vaultPort // { }; "mealie.${domain}" = proxy mealiePort // { }; "tracker.${domain}" = proxy ryotPort // { }; diff --git a/hosts/miniserver/servers.nix b/hosts/miniserver/servers.nix index 723ed5c..641f0a1 100644 --- a/hosts/miniserver/servers.nix +++ b/hosts/miniserver/servers.nix @@ -3,11 +3,7 @@ let localhost = "127.0.0.1"; postgresSocket = "/run/postgresql"; in { - disabledModules = [ "services/web-apps/shiori.nix" ]; - imports = [ ./nginx.nix ../../pkgs/shiori/shiori-service.nix ]; - nixpkgs.config = { - permittedInsecurePackages = [ "nodejs-14.21.3" "openssl-1.1.1v" ]; - }; + imports = [ ./nginx.nix ]; environment.systemPackages = [ # Upgrades postgres (let @@ -41,11 +37,10 @@ in { ]; users.users = let base = { isSystemUser = true; }; in { - # # prowlarr = base // { group = "piracy"; }; - # # kavita = base // { - # # group = "kavita"; - # # extraGroups = [ "piracy" ]; - # # }; + # kavita = base // { + # group = "kavita"; + # extraGroups = [ "piracy" ]; + # }; }; services = let base = { @@ -53,23 +48,12 @@ in { group = "piracy"; }; in { - # sonarr = base // { package = pkgs.sonarr; }; - # radarr = base // { package = pkgs.radarr; }; - # bazarr = base // { }; - # prowlarr.enable = true; # jira.enable = true; # adguardhome = { # enable = true; # mutableSettings = true; # openFirewall = true; # }; - shiori = { - enable = true; - port = 4368; - package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { }; - httpSecretKey = "password"; - databaseUrl = "postgres:///shiori?host=${postgresSocket}"; - }; # audiobookshelf = { # enable = true; # group = "piracy"; diff --git a/modules/servers.nix b/modules/servers.nix index 4473cc6..bd36dc0 100644 --- a/modules/servers.nix +++ b/modules/servers.nix @@ -12,8 +12,7 @@ let }; proxyReverse = port: proxy { - "/".proxyPass = - "http://${config.my.servers.settings.localhost}:${toString port}/"; + "/".proxyPass = "http://${config.my.localhost}:${toString port}/"; }; proxyReverseArr = port: proxy port // { @@ -38,8 +37,20 @@ in { (import ./servers/jellyfin.nix { inherit lib config pkgs serviceBase; }) (import ./servers/nextcloud.nix { inherit lib config pkgs serviceBase; }) (import ./servers/microbin.nix { inherit lib config proxyReverse; }) + (import ./servers/shiori.nix { inherit lib config pkgs proxyReverse; }) + (import ./servers/sonarr.nix { + inherit lib config serviceBase proxyReverse; + }) + (import ./servers/bazarr.nix { + inherit lib config serviceBase proxyReverse; + }) + (import ./servers/radarr.nix { + inherit lib config serviceBase proxyReverseArr; + }) + (import ./servers/prowlarr.nix { inherit lib config proxyReverseArr; }) + (import ./servers/lidarr.nix { inherit lib config proxyReverseArr; }) ]; - options.my.servers.settings = { + options.my = { localhost = lib.mkOption { type = lib.types.str; default = "127.0.0.1"; @@ -69,6 +80,12 @@ in { collabora.enable = lib.mkDefault false; go-vod.enable = lib.mkDefault false; microbin.enable = lib.mkDefault false; + shiori.enable = lib.mkDefault false; + sonarr.enable = lib.mkDefault false; + bazarr.enable = lib.mkDefault false; + radarr.enable = lib.mkDefault false; + lidarr.enable = lib.mkDefault false; + prowlarr.enable = lib.mkDefault false; }; virtualisation.docker = lib.mkIf enableDocker { enable = true; diff --git a/modules/servers/bazarr.nix b/modules/servers/bazarr.nix new file mode 100644 index 0000000..2e542db --- /dev/null +++ b/modules/servers/bazarr.nix @@ -0,0 +1,13 @@ +{ lib, config, serviceBase, proxyReverse, ... }: { + options.my.servers.bazarr.enable = lib.mkEnableOption "enable"; + config = lib.mkIf config.my.servers.bazarr.enable { + services = { + bazarr = serviceBase // { }; + nginx = { + enable = true; + virtualHosts."subs.${config.my.domain}" = + proxyReverse config.services.bazarr.listenPort // { }; + }; + }; + }; +} diff --git a/modules/servers/jellyfin.nix b/modules/servers/jellyfin.nix index 50c9783..06c2022 100644 --- a/modules/servers/jellyfin.nix +++ b/modules/servers/jellyfin.nix @@ -1,6 +1,6 @@ { lib, config, pkgs, serviceBase, ... }: let - localhost = config.my.servers.settings.localhost; + localhost = config.my.localhost; port = 8096; in { options.my.servers.jellyfin = { @@ -20,7 +20,7 @@ in { map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; } map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; } ''; - virtualHosts."flix.${config.my.servers.settings.domain}" = { + virtualHosts."flix.${config.my.domain}" = { forceSSL = true; enableACME = true; http2 = true; diff --git a/modules/servers/lidarr.nix b/modules/servers/lidarr.nix new file mode 100644 index 0000000..47e2998 --- /dev/null +++ b/modules/servers/lidarr.nix @@ -0,0 +1,39 @@ +{ lib, config, proxyReverseArr, ... }: { + options.my.servers.lidarr.enable = lib.mkEnableOption "enable"; + config = lib.mkIf config.my.servers.lidarr.enable { + virtualisation.oci-containers = { + backend = "docker"; + containers.lidarr = { + autoStart = true; + image = "lscr.io/linuxserver/lidarr:latest"; + ports = [ "8686:8686" ]; + environment = { + TZ = "America/Mexico_City"; + PUID = "1000"; + PGID = "100"; + }; + volumes = [ + "/mnt/pool/multimedia:/data" + "/mnt/pool/multimedia/media/Music:/music" + "/mnt/pool/multimedia/media/MusicVideos:/music-videos" + "/var/lib/docker-configs/lidarr/files:/config" + "/var/lib/docker-configs/lidarr/custom-services.d:/custom-services.d" + "/var/lib/docker-configs/lidarr/custom-cont-init.d:/custom-cont-init.d" + ]; + labels = { + "flame.type" = "application"; + "flame.name" = "Lidarr"; + "flame.url" = "music.servidos.lat"; + "flame.icon" = "music"; + }; + }; + }; + services = { + lidarr.enable = true; + nginx = { + enable = true; + virtualHosts."music.${config.my.domain}" = proxyReverseArr 8686 // { }; + }; + }; + }; +} diff --git a/modules/servers/microbin.nix b/modules/servers/microbin.nix index fdf57c5..c71518d 100644 --- a/modules/servers/microbin.nix +++ b/modules/servers/microbin.nix @@ -1,6 +1,4 @@ -{ lib, config, proxyReverse, ... }: -let port = config.services.microbin.settings.MICROBIN_PORT; -in { +{ lib, config, proxyReverse, ... }: { options.my.servers.microbin = { enable = lib.mkEnableOption "enable"; enableCron = lib.mkEnableOption "enable"; @@ -21,8 +19,8 @@ in { }; nginx = { enable = true; - virtualHosts."copy.${config.my.servers.settings.domain}" = - proxyReverse port // { }; + virtualHosts."copy.${config.my.domain}" = + proxyReverse config.services.microbin.settings.MICROBIN_PORT // { }; }; }; }; diff --git a/modules/servers/nextcloud.nix b/modules/servers/nextcloud.nix index c6a8eab..4028ade 100644 --- a/modules/servers/nextcloud.nix +++ b/modules/servers/nextcloud.nix @@ -1,6 +1,6 @@ { lib, config, pkgs, serviceBase, ... }: let - localhost = config.my.servers.settings.localhost; + localhost = config.my.localhost; collaboraPort = 9980; in { options.my.servers = { @@ -13,6 +13,8 @@ in { }; config = lib.mkIf (config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) { + nixpkgs.config.permittedInsecurePackages = + [ "nodejs-14.21.3" "openssl-1.1.1v" ]; environment.systemPackages = with pkgs; [ mediainfo dlib ]; users.users.nextcloud = { isSystemUser = true; @@ -61,7 +63,7 @@ in { adminpassFile = "${pkgs.writeText "adminpass" "Overlying-Hatchback-Charting-Encounter-Deface-Gallantly7"}"; dbtype = "pgsql"; - dbhost = config.my.servers.settings.postgresSocket; + dbhost = config.my.postgresSocket; dbtableprefix = "oc_"; dbname = "nextcloud"; }; @@ -124,7 +126,7 @@ in { { }; }; }; - "collabora.${config.my.servers.settings.domain}" = let + "collabora.${config.my.domain}" = let localUrl = "http://${localhost}:${toString collaboraPort}"; proxySettings = { proxyPass = localUrl; diff --git a/modules/servers/prowlarr.nix b/modules/servers/prowlarr.nix new file mode 100644 index 0000000..420f924 --- /dev/null +++ b/modules/servers/prowlarr.nix @@ -0,0 +1,17 @@ +{ lib, config, proxyReverseArr, ... }: { + options.my.servers.prowlarr.enable = lib.mkEnableOption "enable"; + config = lib.mkIf config.my.servers.prowlarr.enable { + users.users.prowlarr = { + group = "piracy"; + isSystemUser = true; + }; + services = { + prowlarr.enable = true; + nginx = { + enable = true; + virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696 + // { }; + }; + }; + }; +} diff --git a/modules/servers/radarr.nix b/modules/servers/radarr.nix new file mode 100644 index 0000000..3dfb7a7 --- /dev/null +++ b/modules/servers/radarr.nix @@ -0,0 +1,12 @@ +{ lib, config, serviceBase, proxyReverseArr, ... }: { + options.my.servers.radarr.enable = lib.mkEnableOption "enable"; + config = lib.mkIf config.my.servers.radarr.enable { + services = { + radarr = serviceBase // { }; + nginx = { + enable = true; + virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 // { }; + }; + }; + }; +} diff --git a/modules/servers/shiori.nix b/modules/servers/shiori.nix new file mode 100644 index 0000000..7e99c23 --- /dev/null +++ b/modules/servers/shiori.nix @@ -0,0 +1,22 @@ +{ lib, config, pkgs, proxyReverse, ... }: { + disabledModules = [ "services/web-apps/shiori.nix" ]; + imports = [ ../../pkgs/shiori/shiori-service.nix ]; + options.my.servers.shiori.enable = lib.mkEnableOption "enable"; + config = lib.mkIf config.my.servers.shiori.enable { + services = { + shiori = { + enable = true; + port = 4368; + package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { }; + httpSecretKey = "password"; + databaseUrl = + "postgres:///shiori?host=${config.my.postgresSocket}"; + }; + nginx = { + enable = true; + virtualHosts."copy.${config.my.domain}" = + proxyReverse config.my.servers.shiori.port // { }; + }; + }; + }; +} diff --git a/modules/servers/sonarr.nix b/modules/servers/sonarr.nix new file mode 100644 index 0000000..a5479a3 --- /dev/null +++ b/modules/servers/sonarr.nix @@ -0,0 +1,12 @@ +{ lib, config, serviceBase, proxyReverse, ... }: { + options.my.servers.sonarr.enable = lib.mkEnableOption "enable"; + config = lib.mkIf config.my.servers.sonarr.enable { + services = { + sonarr = serviceBase // { }; + nginx = { + enable = true; + virtualHosts."series.${config.my.domain}" = proxyReverse 8989 // { }; + }; + }; + }; +}