From de81b95a77bfa0b13e843dc5dca303c7d38efdd9 Mon Sep 17 00:00:00 2001
From: Danilo Reyes <CaptainJawZ@protonmail.com>
Date: Fri, 5 Jul 2024 22:22:42 -0600
Subject: [PATCH] homepage: jellyfin init

---
 modules/servers/audiobookshelf.nix    |  2 +-
 modules/servers/base.nix              | 10 ++--
 modules/servers/homepage.nix          | 18 +++----
 modules/servers/homepage/services.nix | 25 ++++++++++
 modules/servers/jellyfin.nix          | 72 ++++++++++++---------------
 secrets/env.yaml                      |  6 +--
 6 files changed, 76 insertions(+), 57 deletions(-)
 create mode 100644 modules/servers/homepage/services.nix

diff --git a/modules/servers/audiobookshelf.nix b/modules/servers/audiobookshelf.nix
index e0f5e20..689a283 100644
--- a/modules/servers/audiobookshelf.nix
+++ b/modules/servers/audiobookshelf.nix
@@ -2,7 +2,7 @@
 let cfg = config.my.servers.audiobookshelf;
 in {
   options.my.servers.audiobookshelf =
-    setup.mkServerOptions "audiobookshelf" "audiobooks" 5687;
+    setup.mkOptions "audiobookshelf" "audiobooks" 5687;
   config = lib.mkIf config.my.servers.audiobookshelf.enable {
     services = {
       audiobookshelf = {
diff --git a/modules/servers/base.nix b/modules/servers/base.nix
index e9182ff..78861af 100644
--- a/modules/servers/base.nix
+++ b/modules/servers/base.nix
@@ -1,12 +1,16 @@
 { lib, config, ... }:
-
 let
-  mkServerOptions = name: subdomain: port: {
+  mkOptions = name: subdomain: port: {
     enable = lib.mkEnableOption "enable";
+    enableCron = lib.mkEnableOption "enable cronjob";
     port = lib.mkOption {
       type = lib.types.int;
       default = port;
     };
+    name = lib.mkOption {
+      type = lib.types.str;
+      default = name;
+    };
     host = lib.mkOption {
       type = lib.types.str;
       default = "${subdomain}.${config.my.domain}";
@@ -20,4 +24,4 @@ let
       default = "http://${config.my.localhost}:${toString port}";
     };
   };
-in { inherit mkServerOptions; }
+in { inherit mkOptions; }
diff --git a/modules/servers/homepage.nix b/modules/servers/homepage.nix
index 15a03f3..675194c 100644
--- a/modules/servers/homepage.nix
+++ b/modules/servers/homepage.nix
@@ -1,5 +1,7 @@
 { lib, config, proxyReverse, ... }:
-let port = 8082;
+let
+  port = 8082;
+  services = import ./homepage/services.nix { inherit config lib; };
 in {
   options.my.servers.homepage.enable = lib.mkEnableOption "enable";
   config = lib.mkIf config.my.servers.homepage.enable {
@@ -32,16 +34,10 @@ in {
           }
         ];
         services = [{
-          "Multimedia" = [{
-            Audiobookshelf = lib.mkIf config.my.servers.audiobookshelf.enable {
-              href = config.my.servers.audiobookshelf.url;
-              widget = {
-                type = "audiobookshelf";
-                url = config.my.servers.audiobookshelf.local;
-                key = "{{HOMEPAGE_VAR_AUDIOBOOKSHELF}}";
-              };
-            };
-          }];
+          "Multimedia" = [
+            { inherit (services) Audiobookshelf; }
+            { inherit (services) Jellyfin; }
+          ];
         }];
       };
       nginx = {
diff --git a/modules/servers/homepage/services.nix b/modules/servers/homepage/services.nix
new file mode 100644
index 0000000..38cf924
--- /dev/null
+++ b/modules/servers/homepage/services.nix
@@ -0,0 +1,25 @@
+{ config, lib, ... }: {
+  Audiobookshelf = lib.mkIf config.my.servers.audiobookshelf.enable {
+    icon = "${config.my.servers.audiobookshelf.name}.png";
+    href = config.my.servers.audiobookshelf.url;
+    widget = {
+      type = config.my.servers.audiobookshelf.name;
+      url = config.my.servers.audiobookshelf.local;
+      key = "{{HOMEPAGE_VAR_AUDIOBOOKSHELF}}";
+    };
+  };
+  Jellyfin = lib.mkIf config.my.servers.jellyfin.enable {
+    icon = "${config.my.servers.jellyfin.name}.png";
+    href = config.my.servers.jellyfin.url;
+    widget = {
+      type = config.my.servers.jellyfin.name;
+      url = config.my.servers.jellyfin.local;
+      key = "{{HOMEPAGE_VAR_JELLYFIN}}";
+      enableBlocks = true;
+      enableNowPlaying = true;
+      enableUser = true;
+      showEpisodeNumber = true;
+      expandOneStreamToTwoRows = false;
+    };
+  };
+}
diff --git a/modules/servers/jellyfin.nix b/modules/servers/jellyfin.nix
index 0fbda18..1934b75 100644
--- a/modules/servers/jellyfin.nix
+++ b/modules/servers/jellyfin.nix
@@ -1,16 +1,14 @@
-{ lib, config, pkgs, serviceBase, ... }:
-let
-  inherit (config.my) localhost;
-  port = 8096;
+{ lib, config, pkgs, setup, ... }:
+let cfg = config.my.servers.jellyfin;
 in {
-  options.my.servers.jellyfin = {
-    enable = lib.mkEnableOption "enable";
-    enableCron = lib.mkEnableOption "enable";
-  };
+  options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096;
   config = lib.mkIf config.my.servers.jellyfin.enable {
     environment.systemPackages = [ pkgs.jellyfin-ffmpeg ];
     services = {
-      jellyfin = serviceBase // { };
+      jellyfin = {
+        enable = true;
+        group = "piracy";
+      };
       nginx = {
         enable = true;
         appendHttpConfig = ''
@@ -20,7 +18,7 @@ in {
           map $request_uri $h264Level { ~(h264-level=)(.+?)& $2; }
           map $request_uri $h264Profile { ~(h264-profile=)(.+?)& $2; }
         '';
-        virtualHosts."flix.${config.my.domain}" = {
+        virtualHosts."${cfg.host}" = {
           forceSSL = true;
           enableACME = true;
           http2 = true;
@@ -28,7 +26,7 @@ in {
             # use a variable to store the upstream proxy
             # in this example we are using a hostname which is resolved via DNS
             # (if you aren't using DNS remove the resolver line and change the variable to point to an IP address
-            resolver ${localhost} valid=30;
+            resolver ${config.my.localhost} valid=30;
 
             location = / {
               return 302 http://$host/web/;
@@ -37,7 +35,7 @@ in {
 
             location = /web/ {
               # Proxy main Jellyfin traffic
-              proxy_pass http://${localhost}:${toString port}/web/index.html;
+              proxy_pass ${cfg.local}/web/index.html;
               proxy_set_header Host $host;
               proxy_set_header X-Real-IP $remote_addr;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -48,11 +46,11 @@ in {
           '';
           locations = {
             "/" = {
-              proxyPass = "http://${localhost}:${toString port}";
+              proxyPass = cfg.local;
               proxyWebsockets = true;
             };
             "/socket" = {
-              proxyPass = "http://${localhost}:${toString port}";
+              proxyPass = cfg.local;
               extraConfig = ''
                 proxy_http_version 1.1;
                 proxy_set_header Upgrade $http_upgrade;
@@ -60,7 +58,7 @@ in {
               '';
             };
             "~ /Items/(.*)/Images" = {
-              proxyPass = "http://${localhost}:${toString port}";
+              proxyPass = cfg.local;
               extraConfig = ''
                 proxy_cache jellyfin;
                 proxy_cache_revalidate on;
@@ -68,7 +66,7 @@ in {
               '';
             };
             "~* ^/Videos/(.*)/(?!live)" = {
-              proxyPass = "http://${localhost}:${toString port}";
+              proxyPass = cfg.local;
               extraConfig = ''
                 # Set size of a slice (this amount will be always requested from the backend by nginx)
                 # Higher value means more latency, lower more overhead
@@ -101,31 +99,27 @@ in {
       };
     };
     systemd = lib.mkIf config.my.servers.jellyfin.enableCron {
-      services = {
-        sub-sync = let
-          sub-sync = pkgs.writeScriptBin "nextcloud-cronjob"
-            (builtins.readFile ../../scripts/sub-sync.sh);
-        in {
-          restartIfChanged = true;
-          description = "syncronizes subtitles downloaded & modified today";
-          wantedBy = [ "default.target" ];
-          path = [ pkgs.nix sub-sync ];
-          serviceConfig = {
-            Restart = "on-failure";
-            RestartSec = 30;
-            ExecStart = "${sub-sync}/bin/sub-sync all";
-            Type = "forking";
-            User = "root";
-          };
+      services.sub-sync = let
+        sub-sync = pkgs.writeScriptBin "nextcloud-cronjob"
+          (builtins.readFile ../../scripts/sub-sync.sh);
+      in {
+        restartIfChanged = true;
+        description = "syncronizes subtitles downloaded & modified today";
+        wantedBy = [ "default.target" ];
+        path = [ pkgs.nix sub-sync ];
+        serviceConfig = {
+          Restart = "on-failure";
+          RestartSec = 30;
+          ExecStart = "${sub-sync}/bin/sub-sync all";
+          Type = "forking";
+          User = "root";
         };
       };
-      timers = {
-        sub-sync = {
-          enable = true;
-          description = "syncronizes subtitles downloaded & modified today";
-          wantedBy = [ "timers.target" ];
-          timerConfig = { OnCalendar = "20:00"; };
-        };
+      timers.sub-sync = {
+        enable = true;
+        description = "syncronizes subtitles downloaded & modified today";
+        wantedBy = [ "timers.target" ];
+        timerConfig = { OnCalendar = "20:00"; };
       };
     };
   };
diff --git a/secrets/env.yaml b/secrets/env.yaml
index 22c93d3..991ca57 100644
--- a/secrets/env.yaml
+++ b/secrets/env.yaml
@@ -7,7 +7,7 @@ multi-scrobbler: ENC[AES256_GCM,data:4KENPA2BoCgBmlBkGrOzI7AOxwtpPjuBHi92XqbQzc3
 vaultwarden: ENC[AES256_GCM,data:BH+G8FmYylTbOhzZy6T+sW0q2myJC2zpd/SrtG5WC7N5fmV++X4h+6/tU5dFv4owIOLm/13oGrkT/KOWkF2wwQ7qeQQ8bsyloEigNBMW6d7/ihXZtdtYid1HQrvc6U+Sjl8CPjInHz5j9fy5ouMrmDCGVIYdNrDzFW8AYn7KFLIa3c7oCWMTBCOeGS5rD55GSwy5y4AvBx7Hj9xnZmGG2cnzt5CR9hr/fnZhBTcPxquUZw==,iv:CxDdtWC7zKJZ/Ikq5fV33AT6MYx+pbAGI0Cy6I1fcyo=,tag:q8w4maD3vXTdxCLZ7qbCjg==,type:str]
 dns: ENC[AES256_GCM,data:eQACe2GRS0ZHyszFkZDG1CeJJZDe/0eXNnurujdv5VR5QQJjYRAQuJVzC3XgelXoWeIQdtW4IfpXTv7xaGuhEzPgsPm4hAdEKosNs6h0ZGg8FG73NSdMWw==,iv:n3i4Ll24+a82aKiRIJgMWLko1B2Lk7bLnpmUevBoHGA=,tag:bnZzVfRUSpZFvF2T6pMtsQ==,type:str]
 cloudflare-api: ENC[AES256_GCM,data:LDlxI/jJ0iRf4aVzsVDXfUFgidMsCtUmW24fcLTYyEiu82PG1p4Q3jt6xL/yUKHSXpNpDhfnuBx+iwT9Myo=,iv:mMdjsfev3yHnk99nPVWeTyR0CfVXTzVDFziDfnq4Ldw=,tag:pCLcNwprdtHLsSUcZOCHVw==,type:str]
-homepage: ENC[AES256_GCM,data:4pOj1iOYaqD45yN3O7fgpWFFLZiWu1g9PPF0lmOlEUfXTS9PyZMqC2nLWIVjg3hXsdsa9fXKeuCZIJDDztWZ2ilWN1oTuzji1BCOXmV9aOwtCZ1pOhksVB7DFEdHX81fQ9SOc0LkU7mmx5EcdmfG+hHyiJjw0SIZJt0OUIixrRgz/mGv6LbyCTp6n1h+wUZGDYK/U73DQno35qV1R5/INxYsgzqOkrvw95gd+lEgDSzDGYd9R4XqQfM7jL8eqpHfzF9KigtbUeoUFOua/nt1HLmoHr++GAt96/9M5G6b,iv:ikgVgfMfrWVicaswSbHO3f7lLwm6A36yXFZxQZGtBwE=,tag:tW1gldIVIPsTZiE/0jXw6Q==,type:str]
+homepage: ENC[AES256_GCM,data:065NyZDDVPM8z50si7t9a+Yk6hgUGqcizGX/SRzWVdEA2bLk+lcBO+1OhnM2HXlpHTABG7yaiKGnGXZ5rB29PFdCgXkkw0P131Dfn8LATbtpBJSLdG+h3w28+UFcgrpcgJusWJsn83GKI+XmiNqPkajmLSvdKycN3CSom3pUQC1dErAl8h0UqWOMVP+/RJjffPHLY9NzuLniBZwWAonrcngceB3SRr0Bqpfv/HJGcfUUu4CoCmdSlL3qBOc0XV+WSTQWiBVAqefQKwQs6STUMP1C4RRX3TdkCMi+y1dgAK+xJbTY3EuiouhW87m8nRKraKBY7LKssilt1M18syO4bE72T230H7ETodYMQ6+z+4Q59eM5ZA==,iv:swoOBjVAMVN2+788eCSqoNSFjER30QjJhcPYXr2DS34=,tag:nVaKsKoE+umBPmxj1ojFpw==,type:str]
 sops:
     kms: []
     gcp_kms: []
@@ -50,8 +50,8 @@ sops:
             QXRUYWtGcWZCVW11U3VYRktuUjlCbDgKsTK4WhUza/JuoDTU3uATa6fq/8eYzxtb
             9BUK1ddzx9Mghea9XBMS17YGtGmW800OsLBomb3SINnOFvejcnKf8Q==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2024-07-06T02:35:26Z"
-    mac: ENC[AES256_GCM,data:wO5qwIr4IDpHUIQHJMxyzkD+9oBLVSKeut8Vi7KwG5ktBeMIPOyFh4fiRzCuMe74CovQLlUVlE1B3p28oO3azIgdoAMaotRkfsmtQDkVbuWX09H1qkjhwt4WvWMhTDT8Ov39HLMiGYrjohdh8siBbiXBDi+j2W0l73okDFeKv6M=,iv:cPwUVpG1mw6SZLFZpn9t6aF5rvlpuiIiAV+yiyBdcw0=,tag:ENdefW17cQruvKu3eGN9yg==,type:str]
+    lastmodified: "2024-07-06T03:20:14Z"
+    mac: ENC[AES256_GCM,data:Kw/oPvzTO4DiXsG/4WKmied+khg2LFYcdd5lTXUyk2MQOECm7g8tc/sb7iTJcyAS8IH19ShYHQJbiUkJTBJj2qxeB+u0O6iMBhYJGQih4PF5GiqeH1WYYCQPzKXpLHVkr9OfvY8h5OvDDpWv4nT9FoqElGtU1vRYTYMBrNh608Q=,iv:MYzP2ZktVehSAVYSmWQb7szMMy6+XlKjF5PYML+Kb4s=,tag:mpc2l3hjBvssopTdsTI0qg==,type:str]
     pgp: []
     unencrypted_suffix: _unencrypted
     version: 3.8.1