dwef

flake.lock

@@ -7,11 +7,11 @@
         "rust-overlay": "rust-overlay"
       },
       "locked": {
-        "lastModified": 1733377410,
-        "narHash": "sha256-tZ9JEAaHIs3TPdRZeZzHsnJmUilkcnVaUTvyprbRb1A=",
+        "lastModified": 1735172763,
+        "narHash": "sha256-a6n8RsiAolz6p24Fsr/gTndx9xr9USpKqKK6kzBeXQc=",
         "owner": "tpwrules",
         "repo": "nixos-apple-silicon",
-        "rev": "e8c07c3ae199b55a8c1c35a7c067c5cef9c7e929",
+        "rev": "3daf0637409689d7a1304cedc50d20542bc47905",
         "type": "github"
       },
       "original": {
@@ -308,11 +308,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734425854,
-        "narHash": "sha256-nzE5UbJ41aPEKf8R2ZFYtLkqPmF7EIUbNEdHMBLg0Ig=",
+        "lastModified": 1734797603,
+        "narHash": "sha256-ulZN7ps8nBV31SE+dwkDvKIzvN6hroRY8sYOT0w+E28=",
         "owner": "cachix",
         "repo": "git-hooks.nix",
-        "rev": "0ddd26d0925f618c3a5d85a4fa5eb1e23a09491d",
+        "rev": "f0f0dc4920a903c3e08f5bdb9246bb572fcae498",
         "type": "github"
       },
       "original": {
@@ -350,11 +350,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734821669,
-        "narHash": "sha256-F7Z2tIJsUEhErpK0sGMep4xG/eTVuK2eBpvgh3cS2H8=",
+        "lastModified": 1735381016,
+        "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "51160a097a850839b7eae7ef08d0d3e7e353dfc3",
+        "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2",
         "type": "github"
       },
       "original": {
@@ -371,11 +371,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1734622215,
-        "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=",
+        "lastModified": 1734862405,
+        "narHash": "sha256-bXZJvUMJ2A6sIpYcCUAGjYCD5UDzmpmQCdmJSkPhleU=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be",
+        "rev": "cb27edb5221d2f2920a03155f8becc502cf60e35",
         "type": "github"
       },
       "original": {
@@ -556,11 +556,11 @@
     },
     "nixlib": {
       "locked": {
-        "lastModified": 1734224914,
-        "narHash": "sha256-hKWALzQ/RxxXdKWsLKXULru6XTag9Cc5exgVyS4a/AE=",
+        "lastModified": 1734829460,
+        "narHash": "sha256-dPhc+f2wkmhMqMIfq+hColJdysgVxKP9ilZ5bR0NRZI=",
         "owner": "nix-community",
         "repo": "nixpkgs.lib",
-        "rev": "538697b664a64fade8ce628d01f35d1f1fd82d77",
+        "rev": "0a31e8d833173ae63e43fd9dbff1ccf09c4f778c",
         "type": "github"
       },
       "original": {
@@ -575,11 +575,11 @@
         "nixpkgs": "nixpkgs_3"
       },
       "locked": {
-        "lastModified": 1734570415,
-        "narHash": "sha256-kcsDNcEr4hYuDc8l+ox41FvEPpmQTV3/3hgdx3tuxHw=",
+        "lastModified": 1734915500,
+        "narHash": "sha256-A7CTIQ8SW0hfbhKlwK+vSsu4pD+Oaelw3v6goX6go+U=",
         "owner": "nix-community",
         "repo": "nixos-generators",
-        "rev": "b8f266f26bb757e7aec18adeee6919db6666c4f6",
+        "rev": "051d1b2dda3b2e81b38d82e2b691e5c2f4d335f4",
         "type": "github"
       },
       "original": {
@@ -588,13 +588,29 @@
         "type": "github"
       }
     },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1735388221,
+        "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=",
+        "owner": "nixos",
+        "repo": "nixos-hardware",
+        "rev": "7c674c6734f61157e321db595dbfcd8523e04e19",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "master",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1733212471,
-        "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=",
+        "lastModified": 1734649271,
+        "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776",
+        "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
         "type": "github"
       },
       "original": {
@@ -682,11 +698,11 @@
     },
     "nixpkgs-unstable": {
       "locked": {
-        "lastModified": 1734649271,
-        "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
+        "lastModified": 1735471104,
+        "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
+        "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
         "type": "github"
       },
       "original": {
@@ -730,11 +746,11 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1734649271,
-        "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=",
+        "lastModified": 1735471104,
+        "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507",
+        "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
         "type": "github"
       },
       "original": {
@@ -775,11 +791,11 @@
         "treefmt-nix": "treefmt-nix"
       },
       "locked": {
-        "lastModified": 1734798432,
-        "narHash": "sha256-JVU+WjrRZUJnUKQ/iXP9O8eQ0L3YkqV1DpFMS4kLZog=",
+        "lastModified": 1735378670,
+        "narHash": "sha256-A8aQA+YhJfA8mUpzXOZdlXNnKiZg2EcpCn1srgtBjTs=",
         "owner": "nix-community",
         "repo": "nixvim",
-        "rev": "6a4b4221c4ebf1140f73f8df769e97f1828d90fa",
+        "rev": "f4b0b81ef9eb4e37e75f32caf1f02d5501594811",
         "type": "github"
       },
       "original": {
@@ -892,6 +908,7 @@
         "linger": "linger",
         "lix-module": "lix-module",
         "nixos-generators": "nixos-generators",
+        "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs_4",
         "nixpkgs-stable": "nixpkgs-stable",
         "nixpkgs-unstable": "nixpkgs-unstable",
@@ -946,11 +963,11 @@
         "nixpkgs": "nixpkgs_5"
       },
       "locked": {
-        "lastModified": 1734546875,
-        "narHash": "sha256-6OvJbqQ6qPpNw3CA+W8Myo5aaLhIJY/nNFDk3zMXLfM=",
+        "lastModified": 1735468296,
+        "narHash": "sha256-ZjUjbvS06jf4fElOF4ve8EHjbpbRVHHypStoY8HGzk8=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "ed091321f4dd88afc28b5b4456e0a15bd8374b4d",
+        "rev": "bcb8b65aa596866eb7e5c3e1a6cccbf5d1560b27",
         "type": "github"
       },
       "original": {

flake.nix

@@ -33,6 +33,7 @@
 
     # Pro gamer move
     nixos-generators.url = "github:nix-community/nixos-generators";
+    nixos-hardware.url = "github:nixos/nixos-hardware/master";
     flake-utils.url = "github:numtide/flake-utils";
 
     # Iceshrimpy
@@ -133,6 +134,14 @@
             ];
             format = "proxmox-lxc";
           };
+
+          rpi-streambox = inputs.nixos-generators.nixosGenerate {
+            inherit system pkgs;
+            modules = [
+              ./nixos/hosts/streambox
+            ];
+            format = "sd-aarch64";
+          };
         }
       );
       
@@ -176,6 +185,7 @@
         sapphic-engineer = mkNixos [ ./nixos/hosts/sapphic-engineer ]; # Akkoma, sapphic.engineer
         seedbox = mkNixos [ ./nixos/hosts/seedbox ]; # fuck
         static-sites = mkNixos [ ./nixos/hosts/static-sites ]; # nginx specifically for static sites
+        streambox = mkNixos [ ./nixos/hosts/streambox ]; # lil rpi
         thonkpad = mkNixos [ ./nixos/hosts/thonkpad ]; # t480
         ts3 = mkNixos [ ./nixos/hosts/ts3 ]; # Teamspeak-san
       };

home-manager/features/retroarch.nix

@@ -0,0 +1,15 @@
+{ pkgs, ... }: {
+  home.packages = [
+    (pkgs.retroarch.withCores (
+      cores: with cores; [
+        pcsx2
+        ppsspp
+        snes9x
+        dolphin
+        mupen64plus
+        desmume
+        vba-m
+      ]
+    ))
+  ];
+}

home-manager/noe/hosts/aerial.nix

@@ -5,6 +5,7 @@
 
     ../../features/kitty.nix
     ../../features/vesktop
+    ../../features/retroarch.nix
   ];
 
   home.packages = with pkgs; let
@@ -31,6 +32,8 @@
     senpai
     # master.pokemmo-installer
     jq
+    plexamp
+    plex-media-player
   ];
 
   programs.vscode = {

home-manager/noe/hosts/streambox.nix

@@ -0,0 +1,17 @@
+{ pkgs, ... }: {
+  imports = [
+    ../common
+    ../common/home-user.nix
+
+    ../../features/kitty.nix
+  ];
+
+  home.packages = with pkgs; [
+    spotify
+    vlc
+    plexamp
+    plex-media-player
+  ];
+
+  programs.kitty.settings.font_size = 12;
+}

home-manager/noe/hosts/unicorn.nix

@@ -0,0 +1,30 @@
+{ pkgs, ... }: {
+  imports = [
+    ../common
+    ../common/home-user.nix
+
+    ../../features/kitty.nix
+    ../../features/vesktop
+    ../../features/retroarch.nix
+  ];
+
+  home.packages = with pkgs; [
+    spotify
+    teamspeak_client
+    vlc
+    helvum
+    tenacity
+    gimp
+    krita
+    jq
+    plexamp
+    plex-media-player
+  ];
+
+  programs.vscode = {
+    enable = true;
+    package = pkgs.vscode.fhs;
+  };
+
+  programs.kitty.settings.font_size = 12;
+}

modules/nixos/default.nix

@@ -1,3 +1,4 @@
 {
-
+  transmission-exporter = import ./transmission-exporter.nix;
+  plex-exporter = import ./plex-exporter.nix;
 }

modules/nixos/plex-exporter.nix

@@ -0,0 +1,34 @@
+{ config, pkgs, lib, ... }: let 
+  cfg = config.services.plex-exporter; 
+in {
+  options.services.plex-exporter = {
+    enable = lib.mkEnableOption "enables plex exporter";
+
+    configFile = lib.mkOption {
+      type = lib.types.path;
+      default = "http://localhost:32400";
+    };
+
+    listenAddress = lib.mkOption {
+      type = lib.types.str;
+      default = ":9594";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.plex-exporter = {
+      enable = true;
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      description = "Plex exporter for Prometheus";
+      serviceConfig = {
+        Type = "simple";
+        User = "nobody";
+        Group = "nobody";
+        Restart = "always";
+        ExecStart = "${pkgs.local-pkgs.plex-exporter}/bin/plex_exporter --listen-address ${cfg.listenAddress} --config-path ${cfg.configFile}";
+        RuntimeDirectory = "plex-exporter";
+      };
+    };
+  };
+}

modules/nixos/transmission-exporter.nix

@@ -0,0 +1,61 @@
+{ config, pkgs, lib, ... }: let 
+  cfg = config.services.transmission-exporter; 
+in {
+  options.services.transmission-exporter = {
+    enable = lib.mkEnableOption "enables transmission exporter";
+
+    web_path = lib.mkOption {
+      type = lib.types.str;
+      default = "/metrics";
+      description = "Path for metrics";
+    };
+
+    web_addr = lib.mkOption {
+      type = lib.types.str;
+      default = ":19091";
+      description = "Address for this exporter to run";
+    };
+
+    transmission_addr = lib.mkOption {
+      type = lib.types.str;
+      default = "http://localhost:9091";
+      description = "Transmission address to connect with";
+    };
+
+    transmission_username = lib.mkOption {
+      type = lib.types.str;
+      default = "";
+      description = "Transmission username";
+    };
+
+    transmission_password = lib.mkOption {
+      type = lib.types.str;
+      default = "";
+      description = "Transmission password";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.transmission-exporter = {
+      enable = true;
+      after = [ "network.target" ];
+      wantedBy = [ "multi-user.target" ];
+      description = "Transmission exporter for Prometheus";
+      environment = {
+        WEB_PATH = cfg.web_path;
+        WEB_ADDR = cfg.web_addr;
+        TRANSMISSION_ADDR = cfg.transmission_addr;
+        TRANSMISSION_USERNAME = cfg.transmission_username;
+        TRANSMISSION_PASSWORD = cfg.transmission_password;
+      };
+      serviceConfig = {
+        Type = "simple";
+        User = "nobody";
+        Group = "nobody";
+        Restart = "always";
+        ExecStart = "${pkgs.local-pkgs.transmission-exporter}/bin/transmission-exporter";
+        RuntimeDirectory = "transmission-exporter";
+      };
+    };
+  };
+}

nixos/client-lite.nix

@@ -0,0 +1,29 @@
+{ pkgs, lib, ... }: {
+  imports = [
+    ./base.nix
+    ./features/fonts.nix
+  ];
+
+  environment.systemPackages = with pkgs; [
+    firefox
+    curl
+    btop
+    htop
+    fastfetch
+    xclip
+  ];
+
+  programs.neovim = {
+    enable = true;
+    defaultEditor = true;
+    viAlias = true;
+    vimAlias = true;
+  };
+
+  networking.nameservers = lib.mkForce [
+    #"100.80.255.88"
+    "10.100.69.69"
+  ];
+
+  time.timeZone = "America/Los_Angeles";
+}

nixos/client.nix

@@ -1,34 +1,10 @@
 { pkgs, lib, ... }: {
   imports = [
-    ./base.nix
-    ./features/fonts.nix
+    ./client-lite.nix
   ];
 
   boot.loader.systemd-boot.enable = lib.mkDefault true;
   boot.loader.efi.canTouchEfiVariables = lib.mkDefault true;
 
   boot.kernelPackages = lib.mkDefault pkgs.unstable.linuxPackages_zen;
-
-  environment.systemPackages = with pkgs; [
-    firefox
-    curl
-    btop
-    htop
-    fastfetch
-    xclip
-  ];
-
-  programs.neovim = {
-    enable = true;
-    defaultEditor = true;
-    viAlias = true;
-    vimAlias = true;
-  };
-
-  networking.nameservers = lib.mkForce [
-    #"100.80.255.88"
-    "10.100.69.69"
-  ];
-
-  time.timeZone = "America/Los_Angeles";
 }

nixos/features/nas0.nix

@@ -37,7 +37,7 @@ in {
     };
 
     fileSystems."/mnt/nas0" = let
-      automount_opts = if cfg.lazyMount then "x-systemd.automount,noauto,x-systemd.idle-timeout=60" else "";
+      automount_opts = if cfg.lazyMount then "x-systemd.automount,noauto,x-systemd.idle-timeout=60" else "x-systemd.automount,auto";
     in {
       device = if cfg.useSMB then "//nas0.hoki-porgy.ts.net/main/" else "nas0.hoki-porgy.ts.net:/storage";
       fsType = if cfg.useSMB then "cifs" else "nfs";

nixos/features/telemetry/nginx.nix

@@ -16,7 +16,7 @@
     };
   };
 
-  services.nginx.commonHttpConfig = ''
+  services.nginx.commonHttpConfig = config.services.nginx.commonHttpConfig + ''
     log_format combined2 "$server_name: $remote_addr - $remote_user [$time_local] \"$request\" $status $body_bytes_sent \"$http_referer\" \"$http_user_agent\" \"$http_x_forwarded_for\"";
     access_log /var/log/nginx/access.log combined2;
   '';

nixos/features/telemetry/plex.nix

@@ -0,0 +1,30 @@
+{ outputs, lib, config, ... }: {
+  imports = [
+    outputs.nixosModules.plex-exporter
+  ];
+
+  sops.secrets.plex_token = {
+    sopsFile = ../../../secrets/plex/default.yaml;
+  };
+
+  sops.templates."plex-exporter-config.yaml" = {
+    content = lib.strings.toJSON {
+      token = config.sops.placeholder.plex_token;
+      servers = [
+        {
+          baseUrl = "https://localhost:32400";
+          insecure = true;
+        }
+      ];
+    };
+    owner = "nobody";
+  };
+
+  services.plex-exporter = {
+    enable = true;
+    listenAddress = ":14220";
+    configFile = config.sops.templates."plex-exporter-config.yaml".path;
+  };
+
+  networking.firewall.allowedTCPPorts = [ 14220 ];
+}

nixos/features/telemetry/transmission.nix

@@ -0,0 +1,12 @@
+{ outputs, pkgs, ... }: {
+  imports = [
+    outputs.nixosModules.transmission-exporter
+  ];
+
+  services.transmission-exporter = {
+    enable = true;
+    web_addr = ":14222";
+  };
+
+  networking.firewall.allowedTCPPorts = [ 14222 ];
+}

nixos/hosts/aerial/default.nix

@@ -35,7 +35,9 @@
 
   environment.systemPackages = with pkgs; [
     python3
-  ]; 
+  ];
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
 
   networking.firewall.allowedTCPPorts = [ 42069 8000 ];
   networking.firewall.allowedUDPPorts = [ 42069 ];

nixos/hosts/ingress-proxy/default.nix

@@ -39,6 +39,7 @@ in rec {
       git.servers."${tsHost "git" 3000}" = {};
       staticsites.servers."${tsHost "static-sites" 80}" = {};
       nextcloud.servers."${tsHost "nextcloud" 80}" = {};
+      nas0.servers."${tsHost "nas0" 6969}" = {};
 
       pushps2.servers."push.planetside2.com:443" = {};
     };
@@ -161,6 +162,17 @@ in rec {
         };
       } // defaultConfig;
 
+      "kat.cafe" = {
+        serverAliases = ["dripping.blood.pet"];
+        locations."/" = {
+          extraConfig = "return 302 https://noe.sh;";
+        };
+        locations."/s" = {
+          recommendedProxySettings = true;
+          proxyPass = "http://nas0";
+        };
+      } // defaultConfig;
+
       "sapphic.engineer" = {
         # serverAliases = ["p.sapphic.engineer"];
 

nixos/hosts/monitoring/default.nix

@@ -49,6 +49,9 @@
         node = 14200;
         nginx = 14201;
         pve = 14210;
+        plex = 14220;
+        smb = 14221;
+        transmission = 14222;
       };
     in with ports; [
       (static "aerial" [ node ])
@@ -56,36 +59,20 @@
       (static "dis-sociat-ing" [ node ])
       (static "exit-node" [ node ])
       (static "git" [ node ])
+      (static "hive" [ node pve ])
       (static "ingress-proxy" [ node nginx ])
       (static "monitoring" [ node ])
       (static "mumble" [ node ])
       (static "nas0" [ node ])
       (static "nextcloud" [ node ])
       (static "pihole" [ node ])
-      (static "plex" [ node ])
+      (static "plex" [ node plex ])
       (static "porcelain-doll-repair" [ node ])
       (static "ps2live" [ node ])
       (static "sapphic-engineer" [ node ])
+      (static "seedbox" [ node transmission ])
       (static "static-sites" [ node nginx ])
       (static "ts3" [ node ])
-      {
-        job_name = "pve_node";
-        static_configs = [
-          { targets = [ "10.69.0.1:${builtins.toString node}" ]; }
-        ];
-      }
-      {
-        job_name = "pve_pve";
-        static_configs = [
-          { targets = [ "10.69.0.1:${builtins.toString pve}" ]; }
-        ];
-        metrics_path = "/pve";
-        params = {
-          module = ["default"];
-          cluster = ["1"];
-          node = ["1"];
-        };
-      }
       {
         job_name = "saerro";
         static_configs = [

nixos/hosts/nas0/default.nix

@@ -104,6 +104,14 @@
           autoindex = true;
           auth = "false";
         }
+        {
+          route = [ "/s(/*path)" ];
+          directory = "/mnt/storage/main/public/Share";
+          handler = "filesystem";
+          methods = [ "webdav-ro" ];
+          autoindex = true;
+          auth = "false";
+        }
       ];
     };
   };

nixos/hosts/plex/default.nix

@@ -2,6 +2,7 @@
   imports = [
     ../../templates/proxmox-lxc.nix
     ../../features/nas0.nix
+    ../../features/telemetry/plex.nix
     ../../server.nix
   ];
 

nixos/hosts/seedbox/default.nix

@@ -5,6 +5,7 @@
     ../../features/dns-cache.nix
     ../../features/nas0.nix
     ../../features/podman.nix
+    ../../features/telemetry/transmission.nix
   ];
 
   networking.hostName = "seedbox";
@@ -16,7 +17,6 @@
 
   sops.secrets.protonvpn_username = {};
   sops.secrets.protonvpn_password = {};
-  sops.secrets.protonvpn_ovpn = {};
 
   sops.templates."transmission.env" = {
     content = ''

nixos/hosts/streambox/default.nix

@@ -0,0 +1,23 @@
+{ inputs, lib, ... }: {
+  imports = [
+    inputs.nixos-hardware.nixosModules.raspberry-pi-4
+    ../../client-lite.nix
+    ../../stacks/streambox
+
+    ../../features/plasma6.nix
+    ../../features/sound
+    ../../features/wifi.nix
+    ../../features/tailscale.nix
+    ../../features/bluetooth.nix
+    ../../features/telemetry
+    ../../features/dns-cache.nix
+    ../../features/nas0.nix
+  ];
+
+  home-manager.users.noe = import ../../../home-manager/noe/hosts/streambox.nix;
+
+  networking.hostName = "streambox";
+  system.stateVersion = "25.05"; 
+
+  nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
+}

nixos/hosts/unicorn/default.nix

@@ -0,0 +1,25 @@
+{ pkgs, config, ... }: {
+  imports = [
+    ./hardware-configuration.nix
+    ../../client.nix
+
+    ../../features/plasma6.nix
+    ../../features/tailscale.nix
+    ../../features/sound
+    ../../features/steam.nix
+    ../../features/dns-cache.nix
+    ../../features/podman.nix
+    ../../features/bluetooth.nix
+    ../../features/telemetry
+    ../../features/nas0.nix
+  ];
+
+  home-manager.users.noe = import ../../../home-manager/noe/hosts/unicorn.nix;
+  
+  networking.hostName = "unicorn";
+  system.stateVersion = "25.05";
+
+  internal.nas0.useSMB = true;
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+}

nixos/hosts/unicorn/hardware-configuration.nix

@@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/cf5922bd-3910-4f1b-85b7-422f7c55c856";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/2F38-02AD";
+      fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/ac8abccd-63c7-4e62-9f8b-7baafe85dfb9"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

nixos/stacks/streambox/default.nix

@@ -0,0 +1,4 @@
+# Streambox is usually for RPis! These are lil friends :3
+{ ... }: {
+
+}

pkgs/default.nix

@@ -1,2 +1,4 @@
 { pkgs ? (import ../nixpkgs.nix) { }, ... }: rec {
+  transmission-exporter = import ./transmission-exporter.nix { inherit pkgs; };
+  plex-exporter = import ./plex-exporter.nix { inherit pkgs; };
 }

pkgs/plex-exporter.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }: pkgs.buildGoModule {
+  pname = "plex_exporter";
+  version = "0132160fcf2f41f25a5e18e78392eb324e932c5f";
+
+  vendorHash = null;
+
+  src = pkgs.fetchFromGitHub {
+    owner = "arnarg";
+    repo = "plex_exporter";
+    rev = "0132160fcf2f41f25a5e18e78392eb324e932c5f";
+    sha256 = "sha256-Jg/sQnAVplgag4Mv12pCbSO3v4GwcUUHvEUbF9m2R+Q=";
+  };
+}

pkgs/transmission-exporter.nix

@@ -0,0 +1,13 @@
+{ pkgs, ... }: pkgs.buildGoModule {
+  pname = "transmission-exporter";
+  version = "a7872aa2975c7a95af680c51198f4a363e226c8f";
+
+  vendorHash = "sha256-YhmfrM5iAK0zWcUM7LmbgFnH+k2M/tE+f/QQIQmQlZs=";
+
+  src = pkgs.fetchFromGitHub {
+    owner = "metalmatze";
+    repo = "transmission-exporter";
+    rev = "a7872aa2975c7a95af680c51198f4a363e226c8f";
+    sha256 = "sha256-Ky7eCvC1AqHheqGGOGBNKbtVgg4Y8hDG67gCVlpUwZo=";
+  };
+}

secrets/plex/default.yaml

@@ -0,0 +1,48 @@
+plex_token: ENC[AES256_GCM,data:dtRLjNcObKfUKxo3+lWJ2WEaMw8=,iv:gDknJRsEdie8bMPowkPBjFGU0Eq6x89D/Pby2UWqW68=,tag:aGjJwNHe4LddkPjcCSBmxA==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1lq5q5g5qjsdcc3key0n6qytkc9z3qx3d3e96ap9zre2aqgvc9ujq82l9hd
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNZ2dvcmJwcENVV3lKU0VR
+            SlZNTG01djlab2grejVMM2hUZjlXTlVNLzNVCjNaRVBzOWxHdEJPMVZlRHJHdGtZ
+            MjFic3AyQ3h0R2paOUZza3VCcUk2Vm8KLS0tIC9aMXZIak1CTHNGYVgvMlBLMk8z
+            VHBWSTZpRGNGd2l4cENnZkdMZjYvNXcKa4SlV220IAWDQrj1ARaVvl7X2Rl1sXbU
+            3U8a3qu41QTHWPXjjDKTcJuID/za8hNh42ZJciTNt0lDMxsuoLEA8Q==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age1p0f62dwatt558sf5s4equdqwtg5m7lsnaytrf3xjnvmx3e0lqu4svtugyp
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnSXZIVUx2NWV6Sk1jeEpw
+            UzYyeU81dEFCSmFUNTQwY2ZDZ0Rzb0xQYkJVCldxUmx6SkJyQThqd2UwNmFBT0d4
+            cWFjWkRQd0VtUUkra0czdjZyWURoWmMKLS0tIGY4R0ZWazdaOExxZWxSS2Ira2lB
+            Szh6VkU2NjFFYklkYWdkRUp2ZjVlYVkKdikQfF6FYJAviuz0Nl+hckX6KPsq3TS7
+            vRBbJTPdBP3q9Zl8Gly52VoEsqIkQq5rpBucaQMF+TYM2plwlu2n9w==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age13c5wv623jxjja5mjz7fajg9qqwvypzgsfqrs4tmk7rpgyzu7aufs4ul9f9
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBtMG9TMHNnVGNyYnkybGtR
+            TjJ6ZlAwU3JyREMrcFNFc2NwWi9ma3ZsV0NnCkhOTHA2alY0SmJiU29QMkU3cHQz
+            cFVXcGVZS1lZVW9FRkhRTVdyK21wV2sKLS0tIEk4eHZETHhEaVlpb3lWVktTVlhu
+            SXJTSjhxeTdodTk5QjRlS2thZWdpQzAKZQWiC+YmFBwKjmJsMqMfSjYywThuPhsO
+            /7gMYLtYWtqnaik4YS/HOzTSMR+a8c7x1L01l4H4QzgaBp6W+sqj8g==
+            -----END AGE ENCRYPTED FILE-----
+        - recipient: age16jzuvkchnm53wfl4q0yg93zmg7jmj6rpud79sa6wuljved74hd6qvlw66w
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiSURWRk1URmtvbFBqSFhr
+            azMrS3dDbkxubWFXMVFGWXZ6elpTS2N3NUZVCjd2eWRsTC9MaVBIUzRkd0dGTDJw
+            K1lwMkNIVmVtUHJJTVpuRS9tRE1NclEKLS0tIFp2TlpNMnZXaE9jL3IvNjdrQlFK
+            eHFhZDFmTWtYR2ozaUJnTnZvTm03WVUKmGFmPG8LaLkbpWoaOAr14VtVriXcXo8V
+            0dO+FnP8VmidinLwsN3leNw0ZQwxY1AXvW4NFUDLx/MFbNeu26ScQw==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-12-28T03:24:06Z"
+    mac: ENC[AES256_GCM,data:JONeBRVQRPTjV93LvVynIcqtOsbbr2JUGbw67gUREVjYsghB2Z5LRvroxB3d2cwxwGMP3lvI6H6bIHjAE2xmzhxwwNvFWAdmDtEzWMqnbKE8OLrFrt6sh2cPykUySe3/K8/Q1iuxGnqm3T3pEAq8dBRbTKSPCZdYW8ZvrRsbFDA=,iv:q0Z8/coFMmwwQqPiXYqlT5TclavByThf0QJsiCq6nAE=,tag:OaJTHfgc0ugjkz6JdDInDw==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.9.2