From 28424b82ab346d90bb24c1fa55af4b454265b7f6 Mon Sep 17 00:00:00 2001 From: Hadi <112569860+anotherhadi@users.noreply.github.com> Date: Thu, 22 Aug 2024 16:28:08 +0200 Subject: [PATCH] update --- flake.nix | 2 + hosts/laptop/home.nix | 1 + .../modules/exposed/cloudflare-dyndns.nix | 1 + hosts/server/modules/jackflix/default.nix | 47 ++++++++++++------- .../modules/jackflix/defaultjackflix.nix | 21 +++++++++ hosts/server/secrets/default.nix | 4 ++ hosts/server/secrets/secrets.yaml | 5 +- 7 files changed, 62 insertions(+), 19 deletions(-) create mode 100644 hosts/server/modules/jackflix/defaultjackflix.nix diff --git a/flake.nix b/flake.nix index 24cb9d3..046cf62 100644 --- a/flake.nix +++ b/flake.nix @@ -26,6 +26,7 @@ }; hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + nixarr.url = "github:rasmus-kirk/nixarr"; }; outputs = inputs@{ nixpkgs, ... }: { @@ -47,6 +48,7 @@ { _module.args = { inherit inputs; }; } inputs.sops-nix.nixosModules.sops inputs.home-manager.nixosModules.home-manager + inputs.nixarr.nixosModules.default ./hosts/server/configuration.nix ]; }; diff --git a/hosts/laptop/home.nix b/hosts/laptop/home.nix index 7a1a404..65ee123 100644 --- a/hosts/laptop/home.nix +++ b/hosts/laptop/home.nix @@ -45,6 +45,7 @@ vlc nextcloud-client tailscale + wireguard-tools # Dev go diff --git a/hosts/server/modules/exposed/cloudflare-dyndns.nix b/hosts/server/modules/exposed/cloudflare-dyndns.nix index 95b13a7..5df48b0 100644 --- a/hosts/server/modules/exposed/cloudflare-dyndns.nix +++ b/hosts/server/modules/exposed/cloudflare-dyndns.nix @@ -12,6 +12,7 @@ "ntfy.anotherhadi.com" "home.anotherhadi.com" "kuma.anotherhadi.com" + "media.anotherhadi.com" ]; proxied = true; apiTokenFile = "/etc/cloudflare/apiToken"; diff --git a/hosts/server/modules/jackflix/default.nix b/hosts/server/modules/jackflix/default.nix index 1a39b69..4437d4e 100644 --- a/hosts/server/modules/jackflix/default.nix +++ b/hosts/server/modules/jackflix/default.nix @@ -1,21 +1,34 @@ -{ - imports = [ - ./jellyfin.nix - # ./jellyseerr.nix - # ./prowlarr.nix - # ./radarr.nix - # ./sonarr.nix - # ./transmission.nix - ]; +{ config, ... }: { + nixarr = { + enable = true; + mediaDir = "/data/media"; + stateDir = "/data/media/.state/nixarr"; - users.groups = { jackflix = { }; }; + vpn = { + enable = true; + wgConf = "/data/.secret/wg.conf"; + }; - users.users.jackflix = { - isNormalUser = true; - home = "/home/jackflix"; - description = "My own netflix"; - hashedPassword = - "$y$j9T$9.hOJCwwmryq3PzEOGtjZ.$hu/76TghEjongcbls7oDoN2GWRqg8AwCknq.CS0zB.8"; - extraGroups = [ "docker" "jackflix" ]; + jellyfin = { + enable = true; + expose.https = { + enable = true; + domainName = "media.anotherhadi.com"; + acmeMail = config.var.git.email; # Required for ACME-bot + }; + }; + + transmission = { + enable = true; + vpn.enable = true; + peerPort = 50000; + }; + + bazarr.enable = true; + lidarr.enable = true; + prowlarr.enable = true; + radarr.enable = true; + readarr.enable = true; + sonarr.enable = true; }; } diff --git a/hosts/server/modules/jackflix/defaultjackflix.nix b/hosts/server/modules/jackflix/defaultjackflix.nix new file mode 100644 index 0000000..9f59301 --- /dev/null +++ b/hosts/server/modules/jackflix/defaultjackflix.nix @@ -0,0 +1,21 @@ +# { +# imports = [ +# ./jellyfin.nix +# # ./jellyseerr.nix +# # ./prowlarr.nix +# # ./radarr.nix +# # ./sonarr.nix +# # ./transmission.nix +# ]; +# +# users.groups = { jackflix = { }; }; +# +# users.users.jackflix = { +# isNormalUser = true; +# home = "/home/jackflix"; +# description = "My own netflix"; +# hashedPassword = +# "$y$j9T$9.hOJCwwmryq3PzEOGtjZ.$hu/76TghEjongcbls7oDoN2GWRqg8AwCknq.CS0zB.8"; +# extraGroups = [ "docker" "jackflix" ]; +# }; +# } diff --git a/hosts/server/secrets/default.nix b/hosts/server/secrets/default.nix index 61a5b70..66be226 100644 --- a/hosts/server/secrets/default.nix +++ b/hosts/server/secrets/default.nix @@ -29,6 +29,10 @@ mode = "0755"; path = "/home/jackflix/transmission-script.sh"; }; + pia-wg = { + mode = "0755"; + path = "/data/.secret/wg.conf"; + }; }; }; } diff --git a/hosts/server/secrets/secrets.yaml b/hosts/server/secrets/secrets.yaml index 1427bb7..69db833 100644 --- a/hosts/server/secrets/secrets.yaml +++ b/hosts/server/secrets/secrets.yaml @@ -4,6 +4,7 @@ nextcloud-adminpass: ENC[AES256_GCM,data:skcJhRBDDAIqdrUkylqntJE7ErG+4jWAcw==,iv cloudflare-apitoken: ENC[AES256_GCM,data:VVMa84UpCFcUSFVdnBt4mVTnm5rGDJBtw0nEm6584mDcVT35Ycc8LyhHJofQRNQQPviDKgmjgt9Tv7ZgRg==,iv:fVC2cWfveeACJ0x+weKzv0bQZGucfwZi5rq2RiDJgsY=,tag:uCN/IKaFbqQaDoA+M704sw==,type:str] tailscaled-authKey: ENC[AES256_GCM,data:wIFPKLoD2BDgBjBmOSx2a5okN8BWFdEqApXD4QeVA9uxXBSBhfPu+57dh4O0gTH77n0RgbhxJ/TCorTtNg==,iv:ue/MeYAhUcG69p2Vw5drGdGxkRC8ofzzE910nZd2JKk=,tag:xKjlIpi8WHWT57ryWtUnlg==,type:str] transmission-script: ENC[AES256_GCM,data:y2PrLejPQS+jmgWGNGmFdM0Z8arXNnoDjAq5xoXOBop/JxM0PqH0+nKvGxaBM0ElQrwGRcWDui3EyscUfgv4iDbm5Uupci8bngl38QN4rxqBQ8u5Cs19wWL3n68pMXfys+zRwkgmqI0ZIalOJH7BSz3Hpgv6DTsqZrqMlKUQyiUCOnGLGhmOUi+IKl9MLWUg1nylPQSejMTD1gXMulRU6NJd9euqJ5tyAJwJO6uH8ZQONZ1P7VlzkI0WEGb5o9T8lEmgC9F8I5+tgcxdaMkC1PAsjYMfw6MDNINmaJCWy4oiXqQZo+NCRaTWKcl4uGEZ3XJTF/DrgE8l3QwWW/+wB3Ldw6hqsPjnvNGrHVgFSjBj7N29naw39CKsaX1kWprUPu7ZGwBQ9vERderAT3EDfbWcYR3XgtNm+sACilcfO3R4/d08pQ9J4JYzm9aCuTtzeYHelzBL1qHyrfzYB4fpSOn3AXwTCK2P1gRcXfGE6PNcLjNmrEtadV+2D0wRWwfDFYHyf6LJ6vtoeSH6epjsQ8IU+5fzLst4mUqO61UXXY73XM+y9WCMnLhOqZmDvGizxmhnB1h0i+TuIBeOxonOfHo=,iv:LeZJRkbxv1uPUMzamCeLiopIuZg43ZUdLxjrJpqqiPg=,tag:DeR5JifDAawKU9a10eOZIg==,type:str] +pia-wg: ENC[AES256_GCM,data:zJuAQa5joQUwMppaffHTbmLS7y+c3usOjjNpSGSMolGVIp81mr+5ccqLOqtb1Ox0L1/VdIJifRCSk/WGZYXVN2yLb4Ndw6vbRzrLwML3lFfOC4p2zDVraJIkPxSyGA3gb3yvAoNTzhnTyLaZnFdwxAq6bZqlCq/Ey9VVDvMFSssmW8oaWmFJSjtbyhUwnygMsoInmz6MTptAmtmzSuBVuWeFo2VfkT26alkIBtTCN3o3/5xTr5htvsMoyr5B3+ut0t+1FN+k/ntohi/QzxNcWznm2OUOyhV4fkjBxFcDhLiM+eb7gD1ZPFAyXZ2v+XY4+R/OGdwhEfr0+60pIl9gC9ukpVY504r8Cw==,iv:bK5XE7oJh2EIsprEwdtvyVuMfg+opUkC2QkzazejNTI=,tag:dkQFA0PhqXCKeybnTsLdqQ==,type:str] sops: kms: [] gcp_kms: [] @@ -19,8 +20,8 @@ sops: cmVxVC8rVDlWMUdZaGw3bmdOaWZGS1EKYahBlc8XpB5UdKZQkvxbLcKQ/xkFJjWo FSfQWnjhe/a7BJtJEcKZkjOQU0mYqlSu+uT2RA9diCQeRUJPRF+nAw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-22T13:56:40Z" - mac: ENC[AES256_GCM,data:5fNbX99wWEJUSe+4nBlM6qOKGalETJ8b2fkfEghxbFhg9D67mWHs4y43pQ3/Kh3WSdD2vleSCQNzMDC0jQUdrSZCtJd8lnt/Qr46LmZuEfMM3zLnDf3VdKGiARxsKqXwY9XVn81gVONUYRAQ2XnPUQQR6dbYvT4wMcb6cPFWFy4=,iv:LfBWBB08wlJ6xYfHbm9rP4FYllR1ho/SN5BAFqPXVZY=,tag:og+bp9a/EuQvwFu5yokZMw==,type:str] + lastmodified: "2024-08-22T14:24:48Z" + mac: ENC[AES256_GCM,data:Vv11EUsEpYUKhFuHWzG2u1EuEr43F+SMo+SZESExYVEqdlcX/nAsVkxdOAz9eQ57wpiFYjiA27HQo1uMykeGyp49GBlyvzeUCADpQIzYoFsq+OFbJlgtw2lGaupoTxQ6xeFeqGjA4HL6J6AeKA0uMpW/KHKzy9kQn2MF26iLJ6E=,iv:9LQQguiKdMsbTlTYLkzxW0fQXQAo9MdYvtekXCqFrR0=,tag:QnqknGnGoGTAQ3+cJ4XdLw==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0