218 lines
6.2 KiB
Nix
218 lines
6.2 KiB
Nix
{ lib, config, ... }:
|
|
let
|
|
enableContainers = lib.any (opt: opt) [
|
|
config.my.servers.collabora.enable
|
|
config.my.servers.ryot.enable
|
|
config.my.servers.lidarr.enable
|
|
config.my.servers.prowlarr.enable
|
|
config.my.servers.maloja.enable
|
|
config.my.servers.multi-scrobbler.enable
|
|
config.my.servers.flame.enable
|
|
config.my.servers.flameSecret.enable
|
|
config.my.servers.metube.enable
|
|
config.my.servers.go-vod.enable
|
|
];
|
|
in
|
|
{
|
|
imports =
|
|
let
|
|
serverFiles = builtins.filter (
|
|
file: builtins.match ".*\\.nix" file != null && file != "setup.nix"
|
|
) (builtins.attrNames (builtins.readDir ./servers));
|
|
in
|
|
map (file: ./servers/${file}) serverFiles;
|
|
options.my = {
|
|
localhost = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "127.0.0.1";
|
|
description = "The localhost address.";
|
|
};
|
|
domain = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "servidos.lat";
|
|
description = "The domain name.";
|
|
};
|
|
ips = lib.mkOption {
|
|
type = lib.types.attrsOf lib.types.str;
|
|
default = {
|
|
server = "192.168.1.69";
|
|
miniserver = "192.168.1.100";
|
|
workstation = "192.168.1.64";
|
|
};
|
|
description = "Set of IP's for all my computers.";
|
|
};
|
|
mainServer = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "miniserver";
|
|
description = "The hostname of the main server.";
|
|
};
|
|
postgresSocket = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "/run/postgresql";
|
|
description = "The PostgreSQL socket path.";
|
|
};
|
|
containerSocket = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "/var/run/docker.sock";
|
|
description = "The docker/podman socket path.";
|
|
};
|
|
containerData = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "/var/lib/docker-configs";
|
|
description = "The docker/podman socket path.";
|
|
};
|
|
smtpemail = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "stunner6399@gmail.com";
|
|
description = "localhost smtp email";
|
|
};
|
|
email = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "CaptainJawZ@protonmail.com";
|
|
description = "localhost smtp email";
|
|
};
|
|
timeZone = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "America/Mexico_City";
|
|
description = "Timezone";
|
|
};
|
|
enableContainers = lib.mkEnableOption "enable";
|
|
enableProxy = lib.mkEnableOption "enable";
|
|
};
|
|
config = {
|
|
my = {
|
|
enableContainers = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
servers = {
|
|
jellyfin = {
|
|
enable = lib.mkDefault false;
|
|
enableCron = lib.mkDefault false;
|
|
};
|
|
nextcloud = {
|
|
enable = lib.mkDefault false;
|
|
enableCron = lib.mkDefault false;
|
|
};
|
|
adguardhome.enable = lib.mkDefault false;
|
|
audiobookshelf = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
bazarr = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
collabora = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
flame = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
flameSecret = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
go-vod.enable = lib.mkDefault false;
|
|
homepage = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
kavita = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
lidarr = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
maloja = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
mealie = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
metube = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
microbin = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
multi-scrobbler = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
paperless.enable = lib.mkDefault false;
|
|
postgres.enable = lib.mkDefault false;
|
|
prowlarr = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
sabnzbd.enable = lib.mkDefault false;
|
|
qbittorrent.enable = lib.mkDefault false;
|
|
unpackerr.enable = lib.mkDefault false;
|
|
radarr = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
ryot = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
shiori = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
sonarr = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
vaultwarden = {
|
|
enable = lib.mkDefault false;
|
|
enableProxy = lib.mkDefault false;
|
|
};
|
|
firefly-iii.enable = lib.mkDefault false;
|
|
};
|
|
};
|
|
virtualisation = {
|
|
containers.enable = true;
|
|
oci-containers.backend = "podman";
|
|
podman = lib.mkIf (enableContainers || config.my.enableContainers) {
|
|
enable = true;
|
|
dockerCompat = true;
|
|
dockerSocket.enable = true;
|
|
defaultNetwork.settings.dns_enabled = true;
|
|
autoPrune = {
|
|
enable = true;
|
|
flags = [ "--all" ];
|
|
dates = "weekly";
|
|
};
|
|
};
|
|
};
|
|
security.acme = lib.mkIf config.services.nginx.enable {
|
|
acceptTerms = true;
|
|
defaults.email = config.my.email;
|
|
};
|
|
services.nginx = {
|
|
enable = config.my.enableProxy;
|
|
clientMaxBodySize = "4096m";
|
|
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
|
|
};
|
|
networking.firewall =
|
|
let
|
|
ports = [
|
|
80
|
|
443
|
|
];
|
|
in
|
|
{
|
|
allowedTCPPorts = ports;
|
|
allowedUDPPorts = ports;
|
|
};
|
|
};
|
|
}
|