jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

applied nixfmt (new version)

Browse Source
This commit is contained in:
Danilo Reyes
2024-09-22 14:45:24 -06:00
parent dd00fb4854
commit b514828594
89 changed files with 2091 additions and 1339 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
modules/apps.nix
View File

@@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./apps/art.nix
./apps/dictionaries.nix

46
modules/apps/art.nix
View File

@@ -1,25 +1,35 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my = {
apps.art.enable = lib.mkEnableOption "enable";
dev.gameDev.enable = lib.mkEnableOption "enable";
};
config = lib.mkIf config.my.apps.art.enable {
users.users.jawz.packages = (with pkgs; [
gimp # the coolest bestest art program to never exist
krita # art to your heart desire!
mypaint # not the best art program
mypaint-brushes # but it's got some
mypaint-brushes1 # nice damn brushes
# pureref # create inspiration/reference boards
blender # cgi animation and sculpting
# drawpile # arty party with friends!!
]) ++ (if config.my.dev.gameDev.enable then
with pkgs;
[
godot_4 # game development
# gdtoolkit # gdscript language server
]
else
[ ]);
users.users.jawz.packages =
(with pkgs; [
gimp # the coolest bestest art program to never exist
krita # art to your heart desire!
mypaint # not the best art program
mypaint-brushes # but it's got some
mypaint-brushes1 # nice damn brushes
# pureref # create inspiration/reference boards
blender # cgi animation and sculpting
# drawpile # arty party with friends!!
])
++ (
if config.my.dev.gameDev.enable then
with pkgs;
[
godot_4 # game development
# gdtoolkit # gdscript language server
]
else
[ ]
);
};
}

8
modules/apps/dictionaries.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.dictionaries.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.dictionaries.enable {
users.users.jawz.packages = with pkgs; [

8
modules/apps/fonts.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.fonts.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.fonts.enable {
users.users.jawz.packages = with pkgs; [

63
modules/apps/gaming.nix
View File

@@ -1,4 +1,11 @@
{ config, lib, pkgs, inputs, ... }: {
{
config,
lib,
pkgs,
inputs,
...
}:
{
imports = [ inputs.nix-gaming.nixosModules.platformOptimizations ];
options.my.apps.gaming.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.gaming.enable {
@@ -12,32 +19,34 @@
platformOptimizations.enable = true;
};
};
users.users.jawz.packages = let
polymc = pkgs.callPackage ../../pkgs/polymc/default.nix { };
citra-nightly =
pkgs.callPackage ../../pkgs/citra/default.nix { branch = "nightly"; };
in (with pkgs; [
shipwright # zelda OoT port
mangohud # fps & stats overlay
lutris # games launcher & emulator hub
cartridges # games launcher
gamemode # optimizes linux to have better gaming performance
heroic # install epic games
protonup-qt # update proton-ge
# minecraft # minecraft official launcher
ns-usbloader # load games into my switch
grapejuice # roblox manager
users.users.jawz.packages =
let
polymc = pkgs.callPackage ../../pkgs/polymc/default.nix { };
citra-nightly = pkgs.callPackage ../../pkgs/citra/default.nix { branch = "nightly"; };
in
(with pkgs; [
shipwright # zelda OoT port
mangohud # fps & stats overlay
lutris # games launcher & emulator hub
cartridges # games launcher
gamemode # optimizes linux to have better gaming performance
heroic # install epic games
protonup-qt # update proton-ge
# minecraft # minecraft official launcher
ns-usbloader # load games into my switch
grapejuice # roblox manager
# emulators
rpcs3 # ps3 emulator
pcsx2 # ps2 emulator
cemu # wii u emulator
dolphin-emu # wii emulator
snes9x-gtk # snes emulator
ryujinx # switch emulator
]) ++ [
citra-nightly # 3Ds emulator
polymc # minecraft launcher with mod support
];
# emulators
rpcs3 # ps3 emulator
pcsx2 # ps2 emulator
cemu # wii u emulator
dolphin-emu # wii emulator
snes9x-gtk # snes emulator
ryujinx # switch emulator
])
++ [
citra-nightly # 3Ds emulator
polymc # minecraft launcher with mod support
];
};
}

23
modules/apps/internet.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.internet.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.internet.enable {
programs = {
@@ -6,13 +12,19 @@
firefox = {
enable = true;
package = pkgs.librewolf; # fuck u firefox
languagePacks = [ "en-CA" "es-MX" "it" ];
languagePacks = [
"en-CA"
"es-MX"
"it"
];
};
};
services.psd.enable = true;
users.users.jawz.packages =
let vdhcoapp = pkgs.callPackage ../../pkgs/vdhcoapp/default.nix { };
in (with pkgs; [
let
vdhcoapp = pkgs.callPackage ../../pkgs/vdhcoapp/default.nix { };
in
(with pkgs; [
warp # transfer files with based ppl
brave # crypto-browser that at least somewhat integrates with gtk
nextcloud-client # self-hosted google-drive alternative
@@ -26,7 +38,8 @@
discord # :3
teamspeak5_client # ppl say they will use this...?
# hugo # website engine
]) ++ [
])
++ [
vdhcoapp # video download helper assistant
];
};

8
modules/apps/misc.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.misc.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.misc.enable {
users.users.jawz.packages = with pkgs; [

8
modules/apps/multimedia.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.multimedia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.multimedia.enable {
users.users.jawz.packages = with pkgs; [

8
modules/apps/office.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.office.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.office.enable {
environment.variables.CALIBRE_USE_SYSTEM_THEME = "1";

3
modules/dev.nix
View File

@@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./dev/sh.nix
./dev/nix.nix

8
modules/dev/docker.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.docker.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.docker.enable {
environment.variables.DOCKER_CONFIG = "\${XDG_CONFIG_HOME}/docker";

8
modules/dev/haskell.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.haskell.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.haskell.enable {
users.users.jawz.packages = with pkgs; [

21
modules/dev/javascript.nix
View File

@@ -1,16 +1,27 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.javascript.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.javascript.enable {
home-manager.users.jawz.xdg.configFile = {
"npm/npmrc".source = ../../dotfiles/npm/npmrc;
"configstore/update-notifier-npm-check.json".source =
../../dotfiles/npm/update-notifier-npm-check.json;
"configstore/update-notifier-npm-check.json".source = ../../dotfiles/npm/update-notifier-npm-check.json;
};
users.users.jawz.packages = with pkgs; [ nodejs nodePackages.pnpm ];
users.users.jawz.packages = with pkgs; [
nodejs
nodePackages.pnpm
];
environment.variables = {
NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc";
PNPM_HOME = "\${XDG_DATA_HOME}/pnpm";
PATH = [ "\${XDG_DATA_HOME}/npm/bin" "\${XDG_DATA_HOME}/pnpm" ];
PATH = [
"\${XDG_DATA_HOME}/npm/bin"
"\${XDG_DATA_HOME}/pnpm"
];
};
};
}

8
modules/dev/nix.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.nix.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.nix.enable {
users.users.jawz.packages = with pkgs; [

18
modules/dev/python.nix
View File

@@ -1,14 +1,19 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.python.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.python.enable {
home-manager.users.jawz.xdg.configFile."python/pythonrc".source =
../../dotfiles/pythonrc;
home-manager.users.jawz.xdg.configFile."python/pythonrc".source = ../../dotfiles/pythonrc;
environment.variables.PYTHONSTARTUP = "\${XDG_CONFIG_HOME}/python/pythonrc";
users.users.jawz.packages = with pkgs; [
pipenv # python development workflow for humans
nodePackages.pyright # LSP
(python3.withPackages (ps:
with ps; [
(python3.withPackages (
ps: with ps; [
black # Python code formatter
editorconfig # follow rules of contributin
flake8 # wraper for pyflakes, pycodestyle and mccabe
@@ -19,7 +24,8 @@
# nose # testing and running python scripts
# poetry # dependency management made easy
# pytest # framework for writing tests
]))
]
))
];
};
}

8
modules/dev/sh.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.sh.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.sh.enable {
users.users.jawz.packages = with pkgs; [

56
modules/emacs.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.emacs.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.emacs.enable {
home-manager.users.jawz = {
@@ -18,33 +24,35 @@
};
};
};
users.users.jawz.packages = (with pkgs; [
fd # modern find, faster searches
fzf # fuzzy finder! super cool and useful
ripgrep # modern grep
tree-sitter # code parsing based on symbols and shit, I do not get it
graphviz # graphs
tetex # export pdf
languagetool # proofreader for English
users.users.jawz.packages =
(with pkgs; [
fd # modern find, faster searches
fzf # fuzzy finder! super cool and useful
ripgrep # modern grep
tree-sitter # code parsing based on symbols and shit, I do not get it
graphviz # graphs
tetex # export pdf
languagetool # proofreader for English
# doom everywhere
xorg.xwininfo
xdotool
xclip
# doom everywhere
xorg.xwininfo
xdotool
xclip
# lsps
yaml-language-server
markdownlint-cli
]) ++ (with pkgs.nodePackages; [
vscode-json-languageserver
# linters
prettier
]);
# lsps
yaml-language-server
markdownlint-cli
])
++ (with pkgs.nodePackages; [
vscode-json-languageserver
# linters
prettier
]);
services.emacs = {
enable = true;
package = with pkgs;
((emacsPackagesFor emacs-gtk).emacsWithPackages
(epkgs: with epkgs; [ vterm ]));
package =
with pkgs;
((emacsPackagesFor emacs-gtk).emacsWithPackages (epkgs: with epkgs; [ vterm ]));
defaultEditor = true;
};
environment.variables.PATH = [ "\${XDG_CONFIG_HOME}/emacs/bin" ];

3
modules/scripts.nix
View File

@@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./scripts/download.nix
./scripts/ffmpeg4discord.nix

117
modules/scripts/base.nix
View File

@@ -1,59 +1,80 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.scripts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule {
options = {
enable = lib.mkEnableOption "Whether to enable this script";
install = lib.mkEnableOption "Whether to install the script package";
service = lib.mkEnableOption "Whether to enable the script service";
name = lib.mkOption {
type = lib.types.str;
description = "Name of the script.";
type = lib.types.attrsOf (
lib.types.submodule {
options = {
enable = lib.mkEnableOption "Whether to enable this script";
install = lib.mkEnableOption "Whether to install the script package";
service = lib.mkEnableOption "Whether to enable the script service";
name = lib.mkOption {
type = lib.types.str;
description = "Name of the script.";
};
timer = lib.mkOption {
type = lib.types.str;
default = "*:0";
description = "Systemd timer schedule.";
};
description = lib.mkOption {
type = lib.types.str;
description = "Description of the service.";
};
package = lib.mkOption {
type = lib.types.package;
description = "Package containing the executable script.";
};
};
timer = lib.mkOption {
type = lib.types.str;
default = "*:0";
description = "Systemd timer schedule.";
};
description = lib.mkOption {
type = lib.types.str;
description = "Description of the service.";
};
package = lib.mkOption {
type = lib.types.package;
description = "Package containing the executable script.";
};
};
});
}
);
default = { };
description = "Configuration for multiple scripts.";
};
config = lib.mkIf (lib.any (s: s.enable) (lib.attrValues config.my.scripts)) {
users.users.jawz.packages = lib.flatten (lib.mapAttrsToList (_name: script:
lib.optional (script.enable && script.install) script.package)
config.my.scripts);
users.users.jawz.packages = lib.flatten (
lib.mapAttrsToList (
_name: script: lib.optional (script.enable && script.install) script.package
) config.my.scripts
);
systemd.user.services = lib.mapAttrs' (name: script:
lib.nameValuePair "${script.name}"
(lib.mkIf (script.enable && script.service) {
restartIfChanged = true;
inherit (script) description;
wantedBy = [ "default.target" ];
path = [ pkgs.nix script.package ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${script.package}/bin/${script.name}";
};
})) config.my.scripts;
systemd.user.services = lib.mapAttrs' (
name: script:
lib.nameValuePair "${script.name}" (
lib.mkIf (script.enable && script.service) {
restartIfChanged = true;
inherit (script) description;
wantedBy = [ "default.target" ];
path = [
pkgs.nix
script.package
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${script.package}/bin/${script.name}";
};
}
)
) config.my.scripts;
systemd.user.timers = lib.mapAttrs' (name: script:
lib.nameValuePair "${script.name}"
(lib.mkIf (script.enable && script.service) {
enable = true;
inherit (script) description;
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = script.timer; };
})) config.my.scripts;
systemd.user.timers = lib.mapAttrs' (
name: script:
lib.nameValuePair "${script.name}" (
lib.mkIf (script.enable && script.service) {
enable = true;
inherit (script) description;
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = script.timer;
};
}
)
) config.my.scripts;
};
}

183
modules/scripts/download.nix
View File

@@ -1,90 +1,113 @@
{ pkgs, lib, config, ... }: {
{
pkgs,
lib,
config,
...
}:
{
imports = [ ./base.nix ];
options.my.units.download.enable = lib.mkEnableOption "enable";
config = let
download = with pkgs;
python3Packages.buildPythonApplication {
pname = "download";
version = "2.5";
src = ../../scripts/download/.;
build-system = with python3Packages; [ setuptools ];
dependencies = with python3Packages; [ pyyaml types-pyyaml yt-dlp ];
propagatedBuildInputs = [ gallery-dl ffmpeg ];
};
in {
home-manager.users.jawz = {
xdg.configFile."gallery-dl/config.json".source =
../../dotfiles/gallery-dl/config.json;
services.lorri.enable = true;
programs.bash = {
shellAliases = {
dl = "download -u jawz -i";
comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
config =
let
download =
with pkgs;
python3Packages.buildPythonApplication {
pname = "download";
version = "2.5";
src = ../../scripts/download/.;
build-system = with python3Packages; [ setuptools ];
dependencies = with python3Packages; [
pyyaml
types-pyyaml
yt-dlp
];
propagatedBuildInputs = [
gallery-dl
ffmpeg
];
};
initExtra = ''
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
'';
};
};
systemd.user = lib.mkIf config.my.units.download.enable {
services = let
mkDownloadService = desc: execStartCmd: {
restartIfChanged = true;
description = "Downloads ${desc}";
wantedBy = [ "default.target" ];
path = [ pkgs.bash download ];
serviceConfig = {
TimeoutStartSec = 2000;
TimeoutStopSec = 2000;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${download}/bin/download ${execStartCmd}";
in
{
home-manager.users.jawz = {
xdg.configFile."gallery-dl/config.json".source = ../../dotfiles/gallery-dl/config.json;
services.lorri.enable = true;
programs.bash = {
shellAliases = {
dl = "download -u jawz -i";
comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
};
initExtra = ''
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
'';
};
in {
tuhmayto = mkDownloadService "tuhmayto stuff" ''
-u jawz -i https://x.com/tuhmayto/media \
https://www.furaffinity.net/user/tuhmayto/'';
"download@" = mkDownloadService "post from multiple sources" "%I";
"instagram@" = mkDownloadService "post types from instagram"
"instagram -u jawz -t %I";
};
timers = let
downloadTimer = time: delay: {
enable = true;
description = "Downloads post types from different sites";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = time;
RandomizedDelaySec = delay;
Persistent = true;
systemd.user = lib.mkIf config.my.units.download.enable {
services =
let
mkDownloadService = desc: execStartCmd: {
restartIfChanged = true;
description = "Downloads ${desc}";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
download
];
serviceConfig = {
TimeoutStartSec = 2000;
TimeoutStopSec = 2000;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${download}/bin/download ${execStartCmd}";
};
};
in
{
tuhmayto = mkDownloadService "tuhmayto stuff" ''
-u jawz -i https://x.com/tuhmayto/media \
https://www.furaffinity.net/user/tuhmayto/'';
"download@" = mkDownloadService "post from multiple sources" "%I";
"instagram@" = mkDownloadService "post types from instagram" "instagram -u jawz -t %I";
};
};
in {
"instagram@stories" = downloadTimer "*-*-* 08:12:00" 120 // { };
"download@main" = downloadTimer "*-*-* 06,18:02:00" 30 // { };
"download@push" = downloadTimer "*:0/5" 30 // { };
"download@manga" = downloadTimer "Fri *-*-* 03:08:00" 30 // { };
# "download@kemono" = downloadTimer
# "*-*-1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31 18:06:00" 60 // { };
tuhmayto = {
enable = true;
description = "Downloads tuhmayto stuff";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
};
timers =
let
downloadTimer = time: delay: {
enable = true;
description = "Downloads post types from different sites";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = time;
RandomizedDelaySec = delay;
Persistent = true;
};
};
in
{
"instagram@stories" = downloadTimer "*-*-* 08:12:00" 120 // { };
"download@main" = downloadTimer "*-*-* 06,18:02:00" 30 // { };
"download@push" = downloadTimer "*:0/5" 30 // { };
"download@manga" = downloadTimer "Fri *-*-* 03:08:00" 30 // { };
# "download@kemono" = downloadTimer
# "*-*-1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31 18:06:00" 60 // { };
tuhmayto = {
enable = true;
description = "Downloads tuhmayto stuff";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
my.scripts.download = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "download";
package = download;
};
};
my.scripts.download = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "download";
package = download;
};
};
}

6
modules/scripts/ffmpeg4discord.nix
View File

@@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.ffmpeg4discord = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "ffmpeg4discord";
package = pkgs.writeScriptBin "ffmpeg4discord"
(builtins.readFile ../../scripts/ffmpeg4discord.py);
package = pkgs.writeScriptBin "ffmpeg4discord" (builtins.readFile ../../scripts/ffmpeg4discord.py);
};
}

6
modules/scripts/ffmpreg.nix
View File

@@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.ffmpreg = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "ffmpreg";
package = pkgs.writeScriptBin "ffmpreg"
(builtins.readFile ../../scripts/ffmpreg.sh);
package = pkgs.writeScriptBin "ffmpreg" (builtins.readFile ../../scripts/ffmpreg.sh);
};
}

8
modules/scripts/find-dup-episode.nix
View File

@@ -1,11 +1,13 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.find-dup-episodes = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "find-dup-episodes";
package = pkgs.writeScriptBin "find-dup-episodes"
(builtins.readFile ../../scripts/find-dup-episodes.sh);
package = pkgs.writeScriptBin "find-dup-episodes" (
builtins.readFile ../../scripts/find-dup-episodes.sh
);
};
}

6
modules/scripts/manage-library.nix
View File

@@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.manage-library = {
enable = lib.mkDefault false;
@@ -7,7 +8,6 @@
name = "manage-library";
timer = "00:30";
description = "scans the library directory and sorts files";
package = pkgs.writeScriptBin "manage-library"
(builtins.readFile ../../scripts/manage-library.sh);
package = pkgs.writeScriptBin "manage-library" (builtins.readFile ../../scripts/manage-library.sh);
};
}

6
modules/scripts/pika-list.nix
View File

@@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.pika-list = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "pika-list";
package = pkgs.writeScriptBin "pika-list"
(builtins.readFile ../../scripts/pika-list.sh);
package = pkgs.writeScriptBin "pika-list" (builtins.readFile ../../scripts/pika-list.sh);
};
}

6
modules/scripts/run.nix
View File

@@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.run = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "run";
package =
pkgs.writeScriptBin "run" (builtins.readFile ../../scripts/run.sh);
package = pkgs.writeScriptBin "run" (builtins.readFile ../../scripts/run.sh);
};
}

6
modules/scripts/split-dir.nix
View File

@@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.split-dir = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "split-dir";
package = pkgs.writeScriptBin "split-dir"
(builtins.readFile ../../scripts/split-dir.sh);
package = pkgs.writeScriptBin "split-dir" (builtins.readFile ../../scripts/split-dir.sh);
};
}

90
modules/scripts/stream-dl.nix
View File

@@ -1,47 +1,59 @@
{ pkgs, lib, config, ... }: {
{
pkgs,
lib,
config,
...
}:
{
imports = [ ./base.nix ];
options.my.units.stream-dl.enable = lib.mkEnableOption "enable";
config = let
stream-dl = pkgs.writeScriptBin "stream-dl"
(builtins.readFile ../../scripts/stream-dl.sh);
in {
systemd.user = lib.mkIf config.my.units.stream-dl.enable {
services."stream@" = {
description = "monitors a stream channel for online streams.";
restartIfChanged = true;
wantedBy = [ "default.target" ];
path = [ pkgs.nix stream-dl ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${stream-dl}/bin/stream-dl %I";
};
};
timers = let
streamTimer = {
enable = true;
config =
let
stream-dl = pkgs.writeScriptBin "stream-dl" (builtins.readFile ../../scripts/stream-dl.sh);
in
{
systemd.user = lib.mkIf config.my.units.stream-dl.enable {
services."stream@" = {
description = "monitors a stream channel for online streams.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5min";
OnUnitActiveSec = "65min";
RandomizedDelaySec = 30;
restartIfChanged = true;
wantedBy = [ "default.target" ];
path = [
pkgs.nix
stream-dl
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${stream-dl}/bin/stream-dl %I";
};
};
in {
"stream@johnneal911" = streamTimer // { };
"stream@uk2011boy" = streamTimer // { };
"stream@tommy9x6" = streamTimer // { };
"stream@brocollirob" = streamTimer // { };
"stream@tomayto\\x20picarto" = streamTimer // { };
timers =
let
streamTimer = {
enable = true;
description = "monitors a stream channel for online streams.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5min";
OnUnitActiveSec = "65min";
RandomizedDelaySec = 30;
};
};
in
{
"stream@johnneal911" = streamTimer // { };
"stream@uk2011boy" = streamTimer // { };
"stream@tommy9x6" = streamTimer // { };
"stream@brocollirob" = streamTimer // { };
"stream@tomayto\\x20picarto" = streamTimer // { };
};
};
my.scripts.stream-dl = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "stream-dl";
package = stream-dl;
};
};
my.scripts.stream-dl = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "stream-dl";
package = stream-dl;
};
};
}

6
modules/scripts/tasks.nix
View File

@@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.tasks = {
enable = lib.mkDefault false;
@@ -7,7 +8,6 @@
name = "tasks";
timer = "*:0/10";
description = "Runs a bunch of organizing tasks on selected directories";
package =
pkgs.writeScriptBin "tasks" (builtins.readFile ../../scripts/tasks.sh);
package = pkgs.writeScriptBin "tasks" (builtins.readFile ../../scripts/tasks.sh);
};
}

31
modules/scripts/update-dns.nix
View File

@@ -1,4 +1,10 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}:
{
imports = [ ./base.nix ];
config = {
sops.secrets = {
@@ -25,17 +31,18 @@
name = "update-dns";
timer = "*:0/30";
description = "Updates the IP of all my domains";
package = let
update-dns = pkgs.writeScriptBin "update-dns"
(builtins.readFile ../../scripts/update-dns.sh);
in pkgs.writeScriptBin "update-dns" ''
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p bash curl
set -a
source ${config.sops.secrets.dns.path}
set -a
${update-dns}/bin/update-dns
'';
package =
let
update-dns = pkgs.writeScriptBin "update-dns" (builtins.readFile ../../scripts/update-dns.sh);
in
pkgs.writeScriptBin "update-dns" ''
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p bash curl
set -a
source ${config.sops.secrets.dns.path}
set -a
${update-dns}/bin/update-dns
'';
};
};
}

120
modules/servers.nix
View File

@@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
setup = import ./servers/base.nix { inherit lib config; };
proxy = locations: {
@@ -7,12 +12,11 @@ let
enableACME = true;
http2 = true;
};
proxyReverse = port:
proxy {
"/".proxyPass = "http://${config.my.localhost}:${toString port}/";
};
proxyReverseArr = port:
proxyReverse port // {
proxyReverse = port: proxy { "/".proxyPass = "http://${config.my.localhost}:${toString port}/"; };
proxyReverseArr =
port:
proxyReverse port
// {
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -35,17 +39,46 @@ let
config.my.servers.metube.enable
config.my.servers.go-vod.enable
];
in {
in
{
imports = [
./servers/adguardhome.nix
./servers/paperless.nix
./servers/postgres.nix
(import ./servers/audiobookshelf.nix { inherit lib config proxy setup; })
(import ./servers/audiobookshelf.nix {
inherit
lib
config
proxy
setup
;
})
(import ./servers/bazarr.nix { inherit lib config proxyReverse; })
(import ./servers/flame.nix { inherit lib config proxyReverse; })
(import ./servers/homepage.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/jellyfin.nix { inherit lib config pkgs setup; })
(import ./servers/kavita.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/homepage.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/jellyfin.nix {
inherit
lib
config
pkgs
setup
;
})
(import ./servers/kavita.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/lidarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/maloja.nix { inherit lib config proxyReverse; })
(import ./servers/mealie.nix { inherit lib config proxyReverse; })
@@ -54,14 +87,49 @@ in {
(import ./servers/multi-scrobbler.nix { inherit lib config proxyReverse; })
(import ./servers/nextcloud.nix { inherit lib config pkgs; })
(import ./servers/prowlarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/qbittorrent.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/sabnzbd.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/qbittorrent.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/sabnzbd.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/radarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/ryot.nix { inherit lib config proxyReverse; })
(import ./servers/shiori.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/shiori.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/sonarr.nix { inherit lib config proxyReverse; })
(import ./servers/vaultwarden.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/firefly-iii.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/vaultwarden.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/firefly-iii.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
];
options.my = {
localhost = lib.mkOption {
@@ -173,11 +241,17 @@ in {
clientMaxBodySize = "4096m";
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
};
networking.firewall = let ports = [ 80 443 ];
in {
enable = true;
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
networking.firewall =
let
ports = [
80
443
];
in
{
enable = true;
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
};
}

3
modules/servers/adguardhome.nix
View File

@@ -1,4 +1,5 @@
{ lib, config, ... }: {
{ lib, config, ... }:
{
options.my.servers.adguardhome.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.adguardhome.enable {
services.adguardhome = {

17
modules/servers/audiobookshelf.nix
View File

@@ -1,8 +1,15 @@
{ lib, config, proxy, setup, ... }:
let cfg = config.my.servers.audiobookshelf;
in {
options.my.servers.audiobookshelf =
setup.mkOptions "audiobookshelf" "audiobooks" 5687;
{
lib,
config,
proxy,
setup,
...
}:
let
cfg = config.my.servers.audiobookshelf;
in
{
options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687;
config = lib.mkIf config.my.servers.audiobookshelf.enable {
services = {
audiobookshelf = {

5
modules/servers/base.nix
View File

@@ -24,4 +24,7 @@ let
default = "http://${config.my.localhost}:${toString port}";
};
};
in { inherit mkOptions; }
in
{
inherit mkOptions;
}

8
modules/servers/bazarr.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.bazarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.bazarr.enable {
services = {

40
modules/servers/firefly-iii.nix
View File

@@ -1,26 +1,26 @@
{ lib, config, ... }: {
{ lib, config, ... }:
{
options.my.servers.firefly-iii.enable = lib.mkEnableOption "enable";
config = lib.mkIf (config.my.servers.firefly-iii.enable
&& config.my.servers.postgres.enable) {
sops.secrets.firefly-iii-keyfile = {
owner = config.users.users.firefly-iii.name;
inherit (config.users.users.firefly-iii) group;
config = lib.mkIf (config.my.servers.firefly-iii.enable && config.my.servers.postgres.enable) {
sops.secrets.firefly-iii-keyfile = {
owner = config.users.users.firefly-iii.name;
inherit (config.users.users.firefly-iii) group;
};
services = {
nginx.virtualHosts."${config.services.firefly-iii.virtualHost}" = {
forceSSL = true;
enableACME = true;
};
services = {
nginx.virtualHosts."${config.services.firefly-iii.virtualHost}" = {
forceSSL = true;
enableACME = true;
};
firefly-iii = {
enable = true;
virtualHost = "money.servidos.lat";
enableNginx = true;
settings = {
APP_KEY_FILE = config.sops.secrets.firefly-iii-keyfile.path;
DB_HOST = config.my.postgresSocket;
DB_CONNECTION = "pgsql";
};
firefly-iii = {
enable = true;
virtualHost = "money.servidos.lat";
enableNginx = true;
settings = {
APP_KEY_FILE = config.sops.secrets.firefly-iii-keyfile.path;
DB_HOST = config.my.postgresSocket;
DB_CONNECTION = "pgsql";
};
};
};
};
}

13
modules/servers/flame.nix
View File

@@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 5005;
portSecret = 5007;
in {
in
{
options.my.servers = {
flame.enable = lib.mkEnableOption "enable";
flameSecret.enable = lib.mkEnableOption "enable";
@@ -40,8 +46,7 @@ in {
};
services.nginx = {
virtualHosts."start.${config.my.domain}" = proxyReverse port // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" =
proxyReverse portSecret // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" = proxyReverse portSecret // { };
};
};
}

19
modules/servers/homepage.nix
View File

@@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 8082;
services = import ./homepage/services.nix { inherit config lib; };
in {
in
{
options.my.servers.homepage.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.homepage.enable {
sops.secrets.homepage.sopsFile = ../../secrets/env.yaml;
@@ -22,8 +28,7 @@ in {
columns = 4;
};
};
background =
"https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80";
background = "https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80";
};
widgets = [
{
@@ -37,7 +42,11 @@ in {
}
{
search = {
provider = [ "brave" "bing" "google" ];
provider = [
"brave"
"bing"
"google"
];
target = "_blank";
showSearchSuggestions = true;
};

293
modules/servers/homepage/services.nix
View File

@@ -1,4 +1,5 @@
{ config, lib, ... }: {
{ config, lib, ... }:
{
audiobookshelf = lib.mkIf config.my.servers.audiobookshelf.enable {
icon = "${config.my.servers.audiobookshelf.name}.png";
href = config.my.servers.audiobookshelf.url;
@@ -8,149 +9,171 @@
key = "{{HOMEPAGE_VAR_AUDIOBOOKSHELF}}";
};
};
jellyfin = let
name = "jellyfin";
url = "https://flix.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = true;
enableNowPlaying = false;
jellyfin =
let
name = "jellyfin";
url = "https://flix.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = true;
enableNowPlaying = false;
};
};
};
"now playing" = let
name = "jellyfin";
url = "https://flix.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = false;
enableNowPlaying = true;
showEpisodeNumber = true;
expandOneStreamToTwoRows = true;
"now playing" =
let
name = "jellyfin";
url = "https://flix.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = false;
enableNowPlaying = true;
showEpisodeNumber = true;
expandOneStreamToTwoRows = true;
};
};
};
sonarr = let
name = "sonarr";
url = "https://series.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SONARR}}";
enableQueue = true;
sonarr =
let
name = "sonarr";
url = "https://series.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SONARR}}";
enableQueue = true;
};
};
};
radarr = let
name = "radarr";
url = "https://movies.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_RADARR}}";
enableQueue = true;
radarr =
let
name = "radarr";
url = "https://movies.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_RADARR}}";
enableQueue = true;
};
};
};
lidarr = let
name = "lidarr";
url = "https://music.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_LIDARR}}";
lidarr =
let
name = "lidarr";
url = "https://music.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_LIDARR}}";
};
};
};
prowlarr = let
name = "prowlarr";
url = "https://indexer.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_PROWLARR}}";
prowlarr =
let
name = "prowlarr";
url = "https://indexer.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_PROWLARR}}";
};
};
};
bazarr = let
name = "bazarr";
url = "https://subs.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_BAZARR}}";
bazarr =
let
name = "bazarr";
url = "https://subs.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_BAZARR}}";
};
};
};
kavita = let
name = "kavita";
url = "https://library.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
username = "{{HOMEPAGE_VAR_KAVITA_USERNAME}}";
password = "{{HOMEPAGE_VAR_KAVITA_PASSWORD}}";
kavita =
let
name = "kavita";
url = "https://library.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
username = "{{HOMEPAGE_VAR_KAVITA_USERNAME}}";
password = "{{HOMEPAGE_VAR_KAVITA_PASSWORD}}";
};
};
};
"qbittorrent server" = let
name = "qbittorrent";
url = "https://vnfx2cojmt7dwzcfmi73.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.69:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
"qbittorrent server" =
let
name = "qbittorrent";
url = "https://vnfx2cojmt7dwzcfmi73.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.69:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
};
};
};
"qbittorrent miniserver" = let
name = "qbittorrent";
url = "https://xfwmrle6h6skqujbeizw.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.100:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
"qbittorrent miniserver" =
let
name = "qbittorrent";
url = "https://xfwmrle6h6skqujbeizw.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.100:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
};
};
};
sabnzbd = let
name = "sabnzbd";
url = "https://HSoeJdGRd2Orj0n31UGI.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SABNZBD}}";
sabnzbd =
let
name = "sabnzbd";
url = "https://HSoeJdGRd2Orj0n31UGI.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SABNZBD}}";
};
};
};
}

23
modules/servers/jellyfin.nix
View File

@@ -1,8 +1,13 @@
{ lib, config, pkgs, setup, ... }:
{
lib,
config,
pkgs,
setup,
...
}:
let
cfg = config.my.servers.jellyfin;
sub-sync = pkgs.writeScriptBin "sub-sync"
(builtins.readFile ../../scripts/sub-sync.sh);
sub-sync = pkgs.writeScriptBin "sub-sync" (builtins.readFile ../../scripts/sub-sync.sh);
sub-sync-path = [
pkgs.nix
pkgs.bash
@@ -14,11 +19,13 @@ let
pkgs.gum
sub-sync
];
in {
in
{
options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096;
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.jellyfin-ffmpeg ]
++ (if cfg.enableCron then sub-sync-path else [ ]);
environment.systemPackages = [
pkgs.jellyfin-ffmpeg
] ++ (if cfg.enableCron then sub-sync-path else [ ]);
services = {
jellyfin = {
enable = true;
@@ -131,7 +138,9 @@ in {
enable = true;
description = "syncronizes subtitles downloaded & modified today";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "20:00"; };
timerConfig = {
OnCalendar = "20:00";
};
};
};
};

11
modules/servers/kavita.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.kavita.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.kavita.enable {
sops.secrets.kavita-token = {
@@ -15,8 +21,7 @@
enable = true;
tokenKeyFile = config.sops.secrets.kavita-token.path;
};
nginx.virtualHosts."library.${config.my.domain}" =
proxyReverse config.services.kavita.port // { };
nginx.virtualHosts."library.${config.my.domain}" = proxyReverse config.services.kavita.port // { };
};
};
}

10
modules/servers/lidarr.nix
View File

@@ -1,8 +1,14 @@
{ lib, config, proxyReverseArr, ... }:
{
lib,
config,
proxyReverseArr,
...
}:
let
port = 8686;
url = "music.${config.my.domain}";
in {
in
{
options.my.servers.lidarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.lidarr.enable {
virtualisation.oci-containers.containers.lidarr = {

10
modules/servers/maloja.nix
View File

@@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 42010;
url = "maloja.${config.my.domain}";
in {
in
{
options.my.servers.maloja.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.maloja.enable {
sops.secrets.maloja.sopsFile = ../../secrets/env.yaml;

10
modules/servers/mealie.nix
View File

@@ -1,9 +1,15 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 9925;
domain = "mealie.${config.my.domain}";
url = "https://${domain}";
in {
in
{
options.my.servers.mealie.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.mealie.enable {
sops.secrets.mealie.sopsFile = ../../secrets/env.yaml;

16
modules/servers/metube.nix
View File

@@ -1,6 +1,13 @@
{ lib, config, proxyReverse, ... }:
let port = 8881;
in {
{
lib,
config,
proxyReverse,
...
}:
let
port = 8881;
in
{
options.my.servers.metube.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.metube.enable {
virtualisation.oci-containers.containers.metube = {
@@ -15,7 +22,6 @@ in {
YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}'';
};
};
services.nginx.virtualHosts."bajameesta.${config.my.domain}" =
proxyReverse port // { };
services.nginx.virtualHosts."bajameesta.${config.my.domain}" = proxyReverse port // { };
};
}

8
modules/servers/microbin.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.microbin = {
enable = lib.mkEnableOption "enable";
enableCron = lib.mkEnableOption "enable";

13
modules/servers/multi-scrobbler.nix
View File

@@ -1,9 +1,15 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 9078;
domain = "scrobble.${config.my.domain}";
url = "https://${domain}";
in {
in
{
options.my.servers.multi-scrobbler.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.multi-scrobbler.enable {
sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml;
@@ -16,8 +22,7 @@ in {
PUID = "1000";
PGID = "100";
BASE_URL = url;
DEEZER_REDIRECT_URI =
"http://${config.my.miniserver-ip}:${toString port}/deezer/callback";
DEEZER_REDIRECT_URI = "http://${config.my.miniserver-ip}:${toString port}/deezer/callback";
MALOJA_URL = "http://maloja:42010";
WS_ENABLE = "true";
};

416
modules/servers/nextcloud.nix
View File

@@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
inherit (config.my) localhost;
collaboraPort = 9980;
@@ -13,7 +18,8 @@ let
proxy_set_header Host $host;
proxy_read_timeout 36000s;
'';
in {
in
{
options.my.servers = {
nextcloud = {
enable = lib.mkEnableOption "enable";
@@ -22,224 +28,236 @@ in {
collabora.enable = lib.mkEnableOption "enable";
go-vod.enable = lib.mkEnableOption "enable";
};
config = lib.mkIf
(config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) {
sops.secrets = {
smtp-password = { };
nextcloud-adminpass = {
owner = config.users.users.nextcloud.name;
inherit (config.users.users.nextcloud) group;
};
config = lib.mkIf (config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) {
sops.secrets = {
smtp-password = { };
nextcloud-adminpass = {
owner = config.users.users.nextcloud.name;
inherit (config.users.users.nextcloud) group;
};
nixpkgs.config.permittedInsecurePackages =
[ "nodejs-14.21.3" "openssl-1.1.1v" ];
users.users.nextcloud = {
isSystemUser = true;
extraGroups = [ "render" ];
packages = with pkgs; [
mediainfo
nodejs
perl
(python3.withPackages (ps: with ps; [ tensorflow ]))
(perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool";
version = "12.70";
src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4=";
};
})
];
};
nixpkgs.config.permittedInsecurePackages = [
"nodejs-14.21.3"
"openssl-1.1.1v"
];
users.users.nextcloud = {
isSystemUser = true;
extraGroups = [ "render" ];
packages = with pkgs; [
mediainfo
nodejs
perl
(python3.withPackages (ps: with ps; [ tensorflow ]))
(perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool";
version = "12.70";
src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4=";
};
})
];
};
programs.msmtp = {
enable = true;
accounts.default = {
auth = true;
host = "smtp.gmail.com";
port = 587;
tls = true;
from = config.my.smtpemail;
user = config.my.smtpemail;
passwordeval = "cat ${config.sops.secrets.smtp-password.path}";
};
programs.msmtp = {
};
services = {
nextcloud = {
enable = true;
accounts.default = {
auth = true;
host = "smtp.gmail.com";
port = 587;
tls = true;
from = config.my.smtpemail;
user = config.my.smtpemail;
passwordeval = "cat ${config.sops.secrets.smtp-password.path}";
https = true;
package = pkgs.nextcloud29;
appstoreEnable = true;
configureRedis = true;
extraAppsEnable = true;
enableImagemagick = true;
maxUploadSize = "16G";
hostName = url;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar;
};
};
services = {
nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud29;
appstoreEnable = true;
configureRedis = true;
extraAppsEnable = true;
enableImagemagick = true;
maxUploadSize = "16G";
hostName = url;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar;
};
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "pgsql";
dbhost = config.my.postgresSocket;
dbtableprefix = "oc_";
dbname = "nextcloud";
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "256M";
"opcache.max_accelerated_files" = "10000";
"opcache.huge_code_pages" = "1";
"opcache.enable_file_override" = "1";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "60";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
preview_max_x = 512;
preview_max_y = 512;
short_open_tag = "Off";
};
settings = {
log_type = "file";
log_level = 3;
trusted_proxies = [ "192.168.1.100" ];
trusted_domains = [ "cloud.rotehaare.art" "danilo-reyes.com" ];
forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ];
overwrite_protocol = "https";
default_phone_region = "MX";
allow_local_remote_servers = true;
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"memories.exiftool" =
"/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
];
};
# phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ];
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "pgsql";
dbhost = config.my.postgresSocket;
dbtableprefix = "oc_";
dbname = "nextcloud";
};
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
};
"collabora.${config.my.domain}" =
lib.mkIf config.my.servers.collabora.enable {
forceSSL = true;
enableACME = true;
http2 = true;
locations = {
# static files
"^~ /loleaflet" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
};
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "256M";
"opcache.max_accelerated_files" = "10000";
"opcache.huge_code_pages" = "1";
"opcache.enable_file_override" = "1";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "60";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
preview_max_x = 512;
preview_max_y = 512;
short_open_tag = "Off";
};
};
virtualisation.oci-containers.containers = {
go-vod = lib.mkIf config.my.servers.go-vod.enable {
autoStart = true;
image = "radialapps/go-vod";
environment = {
TZ = "America/Mexico_City";
NEXTCLOUD_HOST = "https://${config.services.nextcloud.hostName}";
NVIDIA_VISIBLE_DEVICES = "all";
};
volumes = [ "ncdata:/var/www/html:ro" ];
extraOptions = [
"--device=/dev/dri" # VA-API (omit for NVENC)
settings = {
log_type = "file";
log_level = 3;
trusted_proxies = [ "192.168.1.100" ];
trusted_domains = [
"cloud.rotehaare.art"
"danilo-reyes.com"
];
forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ];
overwrite_protocol = "https";
default_phone_region = "MX";
allow_local_remote_servers = true;
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"memories.exiftool" = "/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
];
};
collabora = lib.mkIf config.my.servers.collabora.enable {
autoStart = true;
image = "collabora/code";
imageFile = pkgs.dockerTools.pullImage {
imageName = "collabora/code";
imageDigest =
"sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f";
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs=";
# phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ];
};
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
ports = [ "9980:9980" ];
environment = {
TZ = "America/Mexico_City";
domain = "cloud.servidos.lat";
aliasgroup1 = "cloud.servidos.lat:443";
aliasgroup2 = "cloud.rotehaare.art:443";
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
extra_params = ''
--o:ssl.enable=false
--o:ssl.termination=true
'';
};
"collabora.${config.my.domain}" = lib.mkIf config.my.servers.collabora.enable {
forceSSL = true;
enableACME = true;
http2 = true;
locations = {
# static files
"^~ /loleaflet" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
};
extraOptions = [ "--cap-add" "MKNOD" ];
};
};
systemd = lib.mkIf config.my.servers.nextcloud.enableCron {
services = {
nextcloud-cron.path = [ pkgs.perl ];
nextcloud-cronjob = let
nextcloud-cronjob = pkgs.writeScriptBin "nextcloud-cronjob"
(builtins.readFile ../../scripts/nextcloud-cronjob.sh);
in {
};
virtualisation.oci-containers.containers = {
go-vod = lib.mkIf config.my.servers.go-vod.enable {
autoStart = true;
image = "radialapps/go-vod";
environment = {
TZ = "America/Mexico_City";
NEXTCLOUD_HOST = "https://${config.services.nextcloud.hostName}";
NVIDIA_VISIBLE_DEVICES = "all";
};
volumes = [ "ncdata:/var/www/html:ro" ];
extraOptions = [
"--device=/dev/dri" # VA-API (omit for NVENC)
];
};
collabora = lib.mkIf config.my.servers.collabora.enable {
autoStart = true;
image = "collabora/code";
imageFile = pkgs.dockerTools.pullImage {
imageName = "collabora/code";
imageDigest = "sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f";
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs=";
};
ports = [ "9980:9980" ];
environment = {
TZ = "America/Mexico_City";
domain = "cloud.servidos.lat";
aliasgroup1 = "cloud.servidos.lat:443";
aliasgroup2 = "cloud.rotehaare.art:443";
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
extra_params = ''
--o:ssl.enable=false
--o:ssl.termination=true
'';
};
extraOptions = [
"--cap-add"
"MKNOD"
];
};
};
systemd = lib.mkIf config.my.servers.nextcloud.enableCron {
services = {
nextcloud-cron.path = [ pkgs.perl ];
nextcloud-cronjob =
let
nextcloud-cronjob = pkgs.writeScriptBin "nextcloud-cronjob" (
builtins.readFile ../../scripts/nextcloud-cronjob.sh
);
in
{
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bash nextcloud-cronjob ];
path = [
pkgs.bash
nextcloud-cronjob
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${nextcloud-cronjob}/bin/nextcloud-cronjob";
};
};
};
timers.nextcloud-cronjob = {
enable = true;
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
};
timers.nextcloud-cronjob = {
enable = true;
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
}

50
modules/servers/paperless.nix
View File

@@ -1,29 +1,31 @@
{ lib, config, ... }: {
{ lib, config, ... }:
{
options.my.servers.paperless.enable = lib.mkEnableOption "enable";
config = lib.mkIf
(config.my.servers.paperless.enable && config.my.servers.postgres.enable) {
services.paperless = {
enable = true;
address = "0.0.0.0";
consumptionDirIsPublic = true;
consumptionDir = "/mnt/pool/scans/";
settings = {
PAPERLESS_DBENGINE = "postgress";
PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBHOST = config.my.postgresSocket;
PAPERLESS_CONSUMER_IGNORE_PATTERN =
builtins.toJSON [ ".DS_STORE/*" "desktop.ini" ];
PAPERLESS_TIME_ZONE = "America/Mexico_City";
PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
optimize = 1;
pdfa_image_compression = "lossless";
};
config = lib.mkIf (config.my.servers.paperless.enable && config.my.servers.postgres.enable) {
services.paperless = {
enable = true;
address = "0.0.0.0";
consumptionDirIsPublic = true;
consumptionDir = "/mnt/pool/scans/";
settings = {
PAPERLESS_DBENGINE = "postgress";
PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBHOST = config.my.postgresSocket;
PAPERLESS_CONSUMER_IGNORE_PATTERN = builtins.toJSON [
".DS_STORE/*"
"desktop.ini"
];
PAPERLESS_TIME_ZONE = "America/Mexico_City";
PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
optimize = 1;
pdfa_image_compression = "lossless";
};
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ config.services.paperless.port ];
allowedUDPPorts = [ config.services.paperless.port ];
};
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ config.services.paperless.port ];
allowedUDPPorts = [ config.services.paperless.port ];
};
};
}

16
modules/servers/postgres.nix
View File

@@ -1,8 +1,15 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
upgrade-pg-cluster =
let newPostgres = pkgs.postgresql_16.withPackages (_pp: [ ]);
in pkgs.writeScriptBin "upgrade-pg-cluster" ''
let
newPostgres = pkgs.postgresql_16.withPackages (_pp: [ ]);
in
pkgs.writeScriptBin "upgrade-pg-cluster" ''
set -eux
systemctl stop postgresql
export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}"
@@ -26,7 +33,8 @@ let
"shiori"
"firefly-iii"
];
in {
in
{
options.my.servers.postgres.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.postgres.enable {
environment.systemPackages = [ upgrade-pg-cluster ];

11
modules/servers/prowlarr.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverseArr, ... }: {
{
lib,
config,
proxyReverseArr,
...
}:
{
options.my.servers.prowlarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.prowlarr.enable {
users.users.prowlarr = {
@@ -7,8 +13,7 @@
};
services = {
prowlarr.enable = true;
nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696
// { };
nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696 // { };
};
virtualisation.oci-containers.containers.flaresolverr = {
autoStart = true;

56
modules/servers/qbittorrent.nix
View File

@@ -1,7 +1,18 @@
{ lib, config, pkgs, proxyReverse, ... }:
{
lib,
config,
pkgs,
proxyReverse,
...
}:
let
port = 9091;
ports = [ port 51411 51412 51413 ];
ports = [
port
51411
51412
51413
];
bencodepy = pkgs.python3Packages.buildPythonPackage {
pname = "bencodepy";
version = "0.9.5";
@@ -15,7 +26,8 @@ let
};
build-system = with pkgs.python3Packages; [ setuptools ];
};
qbit_manage_env = pkgs.python3.withPackages (ps:
qbit_manage_env = pkgs.python3.withPackages (
ps:
[
ps.croniter
ps.gitpython
@@ -26,17 +38,19 @@ let
ps.retrying
ps.ruamel-yaml
ps.schedule
] ++ [ bencodepy ]);
in {
]
++ [ bencodepy ]
);
in
{
options.my.servers = {
qbittorrent.enable = lib.mkEnableOption "enable";
unpackerr.enable = lib.mkEnableOption "enable";
};
config = lib.mkIf config.my.servers.qbittorrent.enable {
home-manager.users.jawz.xdg.configFile."unpackerr.conf" =
lib.mkIf config.my.servers.unpackerr.enable {
source = ../../dotfiles/unpackerr.conf;
};
lib.mkIf config.my.servers.unpackerr.enable
{ source = ../../dotfiles/unpackerr.conf; };
systemd = {
packages = [ pkgs.qbittorrent-nox ];
services = {
@@ -52,13 +66,15 @@ in {
restartIfChanged = true;
description = "Tidy up my torrents";
wantedBy = [ "default.target" ];
serviceConfig = let env = "/home/jawz/Development/Git/qbit_manage";
in {
Restart = "on-failure";
RestartSec = 30;
ExecStart =
"${qbit_manage_env}/bin/python ${env}/qbit_manage.py -r -c ${env}/config.yml";
};
serviceConfig =
let
env = "/home/jawz/Development/Git/qbit_manage";
in
{
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${qbit_manage_env}/bin/python ${env}/qbit_manage.py -r -c ${env}/config.yml";
};
};
unpackerr = lib.mkIf config.my.servers.unpackerr.enable {
enable = true;
@@ -68,8 +84,7 @@ in {
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart =
"${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
ExecStart = "${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
};
};
};
@@ -77,12 +92,13 @@ in {
enable = true;
description = "Tidy up my torrents";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
proxyReverse port // { };
services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" = proxyReverse port // { };
networking.firewall = {
allowedTCPPorts = ports;
allowedUDPPorts = ports;

11
modules/servers/radarr.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverseArr, ... }: {
{
lib,
config,
proxyReverseArr,
...
}:
{
options.my.servers.radarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.radarr.enable {
services = {
@@ -6,8 +12,7 @@
enable = true;
group = "piracy";
};
nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878
// { };
nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 // { };
};
};
}

52
modules/servers/ryot.nix
View File

@@ -1,31 +1,35 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 8765;
url = "tracker.${config.my.domain}";
in {
in
{
options.my.servers.ryot.enable = lib.mkEnableOption "enable";
config = lib.mkIf
(config.my.servers.ryot.enable && config.my.servers.postgres.enable) {
sops.secrets.ryot.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.ryot = {
image = "ghcr.io/ignisda/ryot:v7.0.0";
ports = [ "${toString port}:8000" ];
environmentFiles = [ config.sops.secrets.ryot.path ];
environment = {
RUST_LOG = "ryot=debug,sea_orm=debug";
TZ = "America/Mexico_City";
DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
FRONTEND_INSECURE_COOKIES = "true";
};
volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
labels = {
"flame.type" = "application";
"flame.name" = "Ryot";
"flame.url" = url;
"flame.icon" = "radar";
};
config = lib.mkIf (config.my.servers.ryot.enable && config.my.servers.postgres.enable) {
sops.secrets.ryot.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.ryot = {
image = "ghcr.io/ignisda/ryot:v7.0.0";
ports = [ "${toString port}:8000" ];
environmentFiles = [ config.sops.secrets.ryot.path ];
environment = {
RUST_LOG = "ryot=debug,sea_orm=debug";
TZ = "America/Mexico_City";
DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
FRONTEND_INSECURE_COOKIES = "true";
};
volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
labels = {
"flame.type" = "application";
"flame.name" = "Ryot";
"flame.url" = url;
"flame.icon" = "radar";
};
services.nginx.virtualHosts."tracker.${config.my.domain}" =
proxyReverse port // { };
};
services.nginx.virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
};
}

11
modules/servers/sabnzbd.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.sabnzbd.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.sabnzbd.enable {
services = {
@@ -7,8 +13,7 @@
group = "piracy";
openFirewall = true;
};
nginx.virtualHosts."HSoeJdGRd2Orj0n31UGI.${config.my.domain}" =
proxyReverse 3399 // { };
nginx.virtualHosts."HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = proxyReverse 3399 // { };
};
};
}

34
modules/servers/shiori.nix
View File

@@ -1,20 +1,26 @@
{ lib, config, pkgs, proxyReverse, ... }: {
{
lib,
config,
pkgs,
proxyReverse,
...
}:
{
disabledModules = [ "services/web-apps/shiori.nix" ];
imports = [ ../../pkgs/shiori/shiori-service.nix ];
options.my.servers.shiori.enable = lib.mkEnableOption "enable";
config = lib.mkIf
(config.my.servers.shiori.enable && config.my.servers.postgres.enable) {
sops.secrets.shiori.sopsFile = ../../secrets/env.yaml;
services = {
shiori = {
enable = true;
port = 4368;
package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
};
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
config = lib.mkIf (config.my.servers.shiori.enable && config.my.servers.postgres.enable) {
sops.secrets.shiori.sopsFile = ../../secrets/env.yaml;
services = {
shiori = {
enable = true;
port = 4368;
package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
};
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
};
};
}

11
modules/servers/sonarr.nix
View File

@@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.sonarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.sonarr.enable {
services = {
@@ -6,8 +12,7 @@
enable = true;
group = "piracy";
};
nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989
// { };
nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989 // { };
};
};
}

53
modules/servers/vaultwarden.nix
View File

@@ -1,29 +1,34 @@
{ lib, config, pkgs, proxyReverse, ... }: {
{
lib,
config,
pkgs,
proxyReverse,
...
}:
{
options.my.servers.vaultwarden.enable = lib.mkEnableOption "enable";
config = lib.mkIf (config.my.servers.vaultwarden.enable
&& config.my.servers.postgres.enable) {
sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml;
services = {
vaultwarden = {
enable = true;
dbBackend = "postgresql";
package = pkgs.vaultwarden;
environmentFile = config.sops.secrets.vaultwarden.path;
config = {
ROCKET_ADDRESS = "${config.my.localhost}";
ROCKET_PORT = 8222;
WEBSOCKET_PORT = 8333;
DATABASE_URL =
"postgresql:///vaultwarden?host=${config.my.postgresSocket}";
ENABLE_DB_WAL = false;
WEBSOCKET_ENABLED = true;
SHOW_PASSWORD_HINT = false;
EXTENDED_LOGGING = true;
LOG_LEVEL = "warn";
};
config = lib.mkIf (config.my.servers.vaultwarden.enable && config.my.servers.postgres.enable) {
sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml;
services = {
vaultwarden = {
enable = true;
dbBackend = "postgresql";
package = pkgs.vaultwarden;
environmentFile = config.sops.secrets.vaultwarden.path;
config = {
ROCKET_ADDRESS = "${config.my.localhost}";
ROCKET_PORT = 8222;
WEBSOCKET_PORT = 8333;
DATABASE_URL = "postgresql:///vaultwarden?host=${config.my.postgresSocket}";
ENABLE_DB_WAL = false;
WEBSOCKET_ENABLED = true;
SHOW_PASSWORD_HINT = false;
EXTENDED_LOGGING = true;
LOG_LEVEL = "warn";
};
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
};
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
};
};
}

3
modules/services.nix
View File

@@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./services/network.nix
./services/nvidia.nix

3
modules/services/network.nix
View File

@@ -1,4 +1,5 @@
{ config, lib, ... }: {
{ config, lib, ... }:
{
options.my.services.network.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.network.enable {
networking = {

11
modules/services/nvidia.nix
View File

@@ -1,8 +1,13 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.services.nvidia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.nvidia.enable {
boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation")
[ "nvidia-drm.fbdev=1" ];
boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation") [ "nvidia-drm.fbdev=1" ];
services.xserver.videoDrivers = [ "nvidia" ];
hardware = {
opengl = {

16
modules/services/printing.nix
View File

@@ -1,6 +1,16 @@
{ config, lib, pkgs, ... }:
let printingDrivers = [ pkgs.hplip pkgs.hplipWithPlugin ];
in {
{
config,
lib,
pkgs,
...
}:
let
printingDrivers = [
pkgs.hplip
pkgs.hplipWithPlugin
];
in
{
options.my.services.printing.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.printing.enable {
users.users.jawz.packages = [ pkgs.gnome.simple-scan ];

8
modules/services/sound.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, inputs, ... }: {
{
config,
lib,
inputs,
...
}:
{
imports = [ inputs.nix-gaming.nixosModules.pipewireLowLatency ];
options.my.services.sound.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.sound.enable {

9
modules/shell.nix
View File

@@ -1,5 +1,10 @@
{ lib, ... }: {
imports = [ ./shell/exercism.nix ./shell/multimedia.nix ./shell/tools.nix ];
{ lib, ... }:
{
imports = [
./shell/exercism.nix
./shell/multimedia.nix
./shell/tools.nix
];
my.shell = {
exercism.enable = lib.mkDefault false;
multimedia.enable = lib.mkDefault false;

8
modules/shell/exercism.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.shell.exercism.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.exercism.enable {
users.users.jawz.packages = with pkgs; [

46
modules/shell/multimedia.nix
View File

@@ -1,23 +1,31 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.shell.multimedia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.multimedia.enable {
users.users.jawz.packages = (with pkgs; [
gallery-dl # similar to yt-dlp but for most image gallery websites
yt-dlp # downloads videos from most video websites
ffmpeg # not ffmpreg, the coolest video conversion tool!
imagemagick # photoshop what??
]) ++ [
(pkgs.python3Packages.buildPythonApplication rec {
pname = "ffpb";
version = "0.4.1";
src = pkgs.python3Packages.fetchPypi {
inherit pname version;
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
};
doCheck = false;
buildInputs = [ pkgs.python3Packages.setuptools ];
propagatedBuildInputs = [ pkgs.python3Packages.tqdm ];
})
];
users.users.jawz.packages =
(with pkgs; [
gallery-dl # similar to yt-dlp but for most image gallery websites
yt-dlp # downloads videos from most video websites
ffmpeg # not ffmpreg, the coolest video conversion tool!
imagemagick # photoshop what??
])
++ [
(pkgs.python3Packages.buildPythonApplication rec {
pname = "ffpb";
version = "0.4.1";
src = pkgs.python3Packages.fetchPypi {
inherit pname version;
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
};
doCheck = false;
buildInputs = [ pkgs.python3Packages.setuptools ];
propagatedBuildInputs = [ pkgs.python3Packages.tqdm ];
})
];
};
}

8
modules/shell/tools.nix
View File

@@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.shell.tools.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.tools.enable {
home-manager.users.jawz = {