jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

servers now have an unique toggle for nginx

Browse Source
This commit is contained in:
Danilo Reyes 2024-08-24 20:55:42 -06:00
parent ad97dcf385
commit fb1a44d2ca
22 changed files with 142 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
hosts/server/configuration.nix
View File

@ -16,12 +16,30 @@
ffmpreg.enable = true; ffmpreg.enable = true;
ffmpeg4discord.enable = true; ffmpeg4discord.enable = true;
}; };
servers = {
sonarr.enable = true;
radarr.enable = true;
lidarr.enable = true;
jellyfin.enable = true;
bazarr.enable = true;
kavita.enable = true;
}; };
networking = { };
networking = let
ports = [
2049 # idk
8989 # sonarr
7878 # radarr
8686 # lidarr
8096 # jellyfin
6767 # bazarr
5000 # kavita
];
in {
hostName = "server"; hostName = "server";
firewall = { firewall = {
allowedTCPPorts = [ 2049 ]; allowedTCPPorts = ports;
allowedUDPPorts = [ 2049 ]; allowedUDPPorts = ports;
}; };
}; };
nixpkgs.hostPlatform = "x86_64-linux"; nixpkgs.hostPlatform = "x86_64-linux";

9
modules/servers.nix
View File

@ -104,10 +104,13 @@ in {
description = "localhost smtp email"; description = "localhost smtp email";
}; };
enableContainers = lib.mkEnableOption "enable"; enableContainers = lib.mkEnableOption "enable";
enableProxy = lib.mkEnableOption "enable";
}; };
config = { config = {
my.enableContainers = lib.mkDefault false; my = {
my.servers = { enableContainers = lib.mkDefault false;
enableProxy = lib.mkDefault false;
servers = {
jellyfin = { jellyfin = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
enableCron = lib.mkDefault false; enableCron = lib.mkDefault false;
@ -142,6 +145,7 @@ in {
vaultwarden.enable = lib.mkDefault false; vaultwarden.enable = lib.mkDefault false;
firefly-iii.enable = lib.mkDefault false; firefly-iii.enable = lib.mkDefault false;
}; };
};
virtualisation = { virtualisation = {
containers.enable = true; containers.enable = true;
oci-containers.backend = "podman"; oci-containers.backend = "podman";
@ -162,6 +166,7 @@ in {
defaults.email = config.my.email; defaults.email = config.my.email;
}; };
services.nginx = { services.nginx = {
enable = config.my.enableProxy;
clientMaxBodySize = "4096m"; clientMaxBodySize = "4096m";
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
}; };

5
modules/servers/audiobookshelf.nix
View File

@ -10,9 +10,7 @@ in {
group = "piracy"; group = "piracy";
port = cfg.port; port = cfg.port;
}; };
nginx = { nginx.virtualHosts."${cfg.host}" = proxy {
enable = true;
virtualHosts."${cfg.host}" = proxy {
"/" = { "/" = {
proxyPass = cfg.local; proxyPass = cfg.local;
extraConfig = '' extraConfig = ''
@ -28,5 +26,4 @@ in {
}; };
}; };
}; };
};
} }

5
modules/servers/bazarr.nix
View File

@ -6,11 +6,8 @@
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx = { nginx.virtualHosts."subs.${config.my.domain}" =
enable = true;
virtualHosts."subs.${config.my.domain}" =
proxyReverse config.services.bazarr.listenPort // { }; proxyReverse config.services.bazarr.listenPort // { };
}; };
}; };
};
} }

1
modules/servers/flame.nix
View File

@ -39,7 +39,6 @@ in {
}; };
}; };
services.nginx = { services.nginx = {
enable = true;
virtualHosts."start.${config.my.domain}" = proxyReverse port // { }; virtualHosts."start.${config.my.domain}" = proxyReverse port // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" = virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" =
proxyReverse portSecret // { }; proxyReverse portSecret // { };

5
modules/servers/homepage.nix
View File

@ -40,10 +40,7 @@ in {
]; ];
}]; }];
}; };
nginx = { nginx.virtualHosts."home.${config.my.domain}" = proxyReverse port // { };
enable = true;
virtualHosts."home.${config.my.domain}" = proxyReverse port // { };
};
}; };
}; };
} }

1
modules/servers/jellyfin.nix
View File

@ -10,7 +10,6 @@ in {
group = "piracy"; group = "piracy";
}; };
nginx = { nginx = {
enable = true;
appendHttpConfig = '' appendHttpConfig = ''
# JELLYFIN # JELLYFIN
proxy_cache_path /var/cache/nginx/jellyfin-videos levels=1:2 keys_zone=jellyfin-videos:100m inactive=1d max_size=35000m; proxy_cache_path /var/cache/nginx/jellyfin-videos levels=1:2 keys_zone=jellyfin-videos:100m inactive=1d max_size=35000m;

5
modules/servers/kavita.nix
View File

@ -15,11 +15,8 @@
enable = true; enable = true;
tokenKeyFile = config.sops.secrets.kavita-token.path; tokenKeyFile = config.sops.secrets.kavita-token.path;
}; };
nginx = { nginx.virtualHosts."library.${config.my.domain}" =
enable = true;
virtualHosts."library.${config.my.domain}" =
proxyReverse config.services.kavita.port // { }; proxyReverse config.services.kavita.port // { };
}; };
}; };
};
} }

11
modules/servers/lidarr.nix
View File

@ -15,9 +15,9 @@ in {
PGID = "100"; PGID = "100";
}; };
volumes = [ volumes = [
"/mnt/pool/multimedia:/data" "/mnt/btrfs/multimedia:/data"
"/mnt/pool/multimedia/media/Music:/music" "/mnt/btrfs/multimedia/media/Music:/music"
"/mnt/pool/multimedia/media/MusicVideos:/music-videos" "/mnt/btrfs/multimedia/media/MusicVideos:/music-videos"
"${config.my.containerData}/lidarr/files:/config" "${config.my.containerData}/lidarr/files:/config"
"${config.my.containerData}/lidarr/custom-services.d:/custom-services.d" "${config.my.containerData}/lidarr/custom-services.d:/custom-services.d"
"${config.my.containerData}/lidarr/custom-cont-init.d:/custom-cont-init.d" "${config.my.containerData}/lidarr/custom-cont-init.d:/custom-cont-init.d"
@ -31,10 +31,7 @@ in {
}; };
services = { services = {
lidarr.enable = true; lidarr.enable = true;
nginx = { nginx.virtualHosts."${url}" = proxyReverseArr port // { };
enable = true;
virtualHosts."${url}" = proxyReverseArr port // { };
};
}; };
}; };
} }

5
modules/servers/maloja.nix
View File

@ -26,9 +26,6 @@ in {
"flame.icon" = "bookmark-music"; "flame.icon" = "bookmark-music";
}; };
}; };
services.nginx = { services.nginx.virtualHosts."${url}" = proxyReverse port // { };
enable = true;
virtualHosts."${url}" = proxyReverse port // { };
};
}; };
} }

5
modules/servers/mealie.nix
View File

@ -34,9 +34,6 @@ in {
"flame.icon" = "fridge"; "flame.icon" = "fridge";
}; };
}; };
services.nginx = { services.nginx.virtualHosts."${domain}" = proxyReverse port // { };
enable = true;
virtualHosts."${domain}" = proxyReverse port // { };
};
}; };
} }

6
modules/servers/metube.nix
View File

@ -15,9 +15,7 @@ in {
YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}''; YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}'';
}; };
}; };
services.nginx = { services.nginx.virtualHosts."bajameesta.${config.my.domain}" =
enable = true; proxyReverse port // { };
virtualHosts."bajameesta.${config.my.domain}" = proxyReverse port // { };
};
}; };
} }

5
modules/servers/microbin.nix
View File

@ -17,11 +17,8 @@
MICROBIN_ENCRYPTION_SERVER_SIDE = true; MICROBIN_ENCRYPTION_SERVER_SIDE = true;
}; };
}; };
nginx = { nginx.virtualHosts."copy.${config.my.domain}" =
enable = true;
virtualHosts."copy.${config.my.domain}" =
proxyReverse config.services.microbin.settings.MICROBIN_PORT // { }; proxyReverse config.services.microbin.settings.MICROBIN_PORT // { };
}; };
}; };
};
} }

5
modules/servers/multi-scrobbler.nix
View File

@ -29,9 +29,6 @@ in {
"flame.icon" = "broadcast"; "flame.icon" = "broadcast";
}; };
}; };
services.nginx = { services.nginx.virtualHosts."${domain}" = proxyReverse port // { };
enable = true;
virtualHosts."${domain}" = proxyReverse port // { };
};
}; };
} }

5
modules/servers/nextcloud.nix
View File

@ -131,9 +131,7 @@ in {
# phpExtraExtensions = all: [ all.pdlib all.bz2 ]; # phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ]; phpExtraExtensions = all: [ ];
}; };
nginx = { nginx.virtualHosts = {
enable = true;
virtualHosts = {
${config.services.nextcloud.hostName} = { ${config.services.nextcloud.hostName} = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@ -180,7 +178,6 @@ in {
}; };
}; };
}; };
};
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
go-vod = lib.mkIf config.my.servers.go-vod.enable { go-vod = lib.mkIf config.my.servers.go-vod.enable {
autoStart = true; autoStart = true;

5
modules/servers/prowlarr.nix
View File

@ -7,12 +7,9 @@
}; };
services = { services = {
prowlarr.enable = true; prowlarr.enable = true;
nginx = { nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696
enable = true;
virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696
// { }; // { };
}; };
};
virtualisation.oci-containers.containers.flaresolverr = { virtualisation.oci-containers.containers.flaresolverr = {
autoStart = true; autoStart = true;
image = "ghcr.io/flaresolverr/flaresolverr:latest"; image = "ghcr.io/flaresolverr/flaresolverr:latest";

5
modules/servers/qbittorrent.nix
View File

@ -74,11 +74,8 @@ in {
}; };
}; };
}; };
services.nginx = { services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
enable = true;
virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
proxyReverse port // { }; proxyReverse port // { };
};
networking.firewall = { networking.firewall = {
allowedTCPPorts = ports; allowedTCPPorts = ports;
allowedUDPPorts = ports; allowedUDPPorts = ports;

6
modules/servers/radarr.nix
View File

@ -6,10 +6,8 @@
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx = { nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878
enable = true; // { };
virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 // { };
};
}; };
}; };
} }

6
modules/servers/ryot.nix
View File

@ -25,9 +25,7 @@ in {
"flame.icon" = "radar"; "flame.icon" = "radar";
}; };
}; };
services.nginx = { services.nginx.virtualHosts."tracker.${config.my.domain}" =
enable = true; proxyReverse port // { };
virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
};
}; };
} }

5
modules/servers/shiori.nix
View File

@ -13,11 +13,8 @@
environmentFile = config.sops.secrets.shiori.path; environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}"; databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
}; };
nginx = { nginx.virtualHosts."bookmarks.${config.my.domain}" =
enable = true;
virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { }; proxyReverse config.services.shiori.port // { };
}; };
}; };
};
} }

6
modules/servers/sonarr.nix
View File

@ -6,10 +6,8 @@
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx = { nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989
enable = true; // { };
virtualHosts."series.${config.my.domain}" = proxyReverse 8989 // { };
};
}; };
}; };
} }

5
modules/servers/vaultwarden.nix
View File

@ -22,11 +22,8 @@
LOG_LEVEL = "warn"; LOG_LEVEL = "warn";
}; };
}; };
nginx = { nginx.virtualHosts."vault.${config.my.domain}" =
enable = true;
virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { }; proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
}; };
}; };
};
} }