diff --git a/nixos/base.nix b/nixos/base.nix index 67b12df..7166bc4 100644 --- a/nixos/base.nix +++ b/nixos/base.nix @@ -42,7 +42,7 @@ services.openssh.enable = lib.mkDefault true; - + documentation.man.generateCaches = lib.mkForce false; nixpkgs = { overlays = [ diff --git a/nixos/hosts/pihole/default.nix b/nixos/hosts/pihole/default.nix index 63f6e4f..88e714e 100644 --- a/nixos/hosts/pihole/default.nix +++ b/nixos/hosts/pihole/default.nix @@ -27,7 +27,7 @@ virtualisation.oci-containers.containers = { pihole = { - image = "registry-1.docker.io/pihole/pihole"; + image = "docker.io/pihole/pihole"; ports = [ "53:53/tcp" "53:53/udp" diff --git a/nixos/hosts/seedbox/arr.nix b/nixos/hosts/seedbox/arr.nix new file mode 100644 index 0000000..2732056 --- /dev/null +++ b/nixos/hosts/seedbox/arr.nix @@ -0,0 +1,38 @@ +{ config, ... }: { + nixpkgs.config.permittedInsecurePackages = [ + "aspnetcore-runtime-6.0.36" + "aspnetcore-runtime-wrapped-6.0.36" + "dotnet-sdk-6.0.428" + "dotnet-sdk-wrapped-6.0.428" + ]; + + users.groups.data = { + gid = 1069; + }; + users.users.data = { + uid = 1069; + isNormalUser = true; + group = "data"; + }; + + internal.nas0.mountGid = config.users.groups.data.gid; + internal.nas0.mountUid = config.users.users.data.uid; + + services.lidarr.enable = true; + services.lidarr.user = "data"; + services.lidarr.group = "data"; + + services.sonarr.enable = true; + services.sonarr.user = "data"; + services.sonarr.group = "data"; + + services.radarr.enable = true; + services.radarr.user = "data"; + services.radarr.group = "data"; + + services.prowlarr.enable = true; + + systemd.units.radarr.upheldBy = ["mnt-nas0.mount"]; + systemd.units.lidarr.upheldBy = ["mnt-nas0.mount"]; + systemd.units.sonarr.upheldBy = ["mnt-nas0.mount"]; +} diff --git a/nixos/hosts/seedbox/default.nix b/nixos/hosts/seedbox/default.nix index ad3d44f..eb72d02 100644 --- a/nixos/hosts/seedbox/default.nix +++ b/nixos/hosts/seedbox/default.nix 
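Review bot: In nixos/hosts/pihole/default.nix the new `image = "docker.io/pihole/pihole";` still has no tag or digest, so the runtime resolves it to `latest` and the DNS host runs whatever the registry serves at pull time. Pinning makes upgrades deliberate and reviewable, for example `image = "docker.io/pihole/pihole:<TAG>@sha256:<DIGEST>";` with the placeholders filled in from a release you have tested. The same applies to `docker.io/haugene/transmission-openvpn` in nixos/hosts/seedbox/transmission.nix, where the container also runs with `--privileged`. The container definition continues outside this hunk.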
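Review bot: The `nixpkgs.config.permittedInsecurePackages` list in nixos/hosts/seedbox/arr.nix allows the end-of-life .NET 6 runtime and SDK for the whole host without recording which service needs them or when the exception can be dropped. The same commit publishes these services through nginx, so a runtime that no longer receives security fixes becomes network-reachable. I would add a comment above the list such as `# EOL .NET 6, required by <service>; remove once nixpkgs builds it on a supported runtime`, and trim the list to the entries the build actually demands. Separately, `users.users.data` is declared with `isNormalUser = true;`, which gives a pure service account a home directory and a login shell. If nothing logs in as it, `isSystemUser = true;` with the same fixed uid is the tighter choice.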
@@ -6,6 +6,10 @@ ../../features/nas0.nix ../../features/podman.nix ../../features/telemetry/transmission.nix + + ./transmission.nix + ./arr.nix + ./nginx.nix ]; networking.hostName = "seedbox"; @@ -14,39 +18,4 @@ internal.nas0.useSMB = true; internal.nas0.lazyMount = false; - - sops.secrets.protonvpn_username = {}; - sops.secrets.protonvpn_password = {}; - - sops.templates."transmission.env" = { - content = '' -OPENVPN_PROVIDER=PROTONVPN -OPENVPN_CONFIG=mx.protonvpn.udp -OPENVPN_USERNAME=${config.sops.placeholder.protonvpn_username}+pmp -OPENVPN_PASSWORD=${config.sops.placeholder.protonvpn_password} -LOCAL_NETWORK=100.64.0.0/10 -''; - }; - - virtualisation.oci-containers.containers = { - torrenty = { - image = "docker.io/haugene/transmission-openvpn"; - ports = [ "9091:9091" ]; - environmentFiles = [ - config.sops.templates."transmission.env".path - ]; - volumes = [ - "/mnt/nas0/public/Torrents:/data" - "/mnt/nas0/public/Movies:/Movies" - "/mnt/nas0/public/Anime:/Anime" - "/mnt/nas0/public/AnimeMovies:/AnimeMovies" - "/mnt/nas0/public/Shows:/Shows" - "config:/config" - ]; - extraOptions = [ - "--privileged" - ]; - autoStart = true; - }; - }; } diff --git a/nixos/hosts/seedbox/nginx.nix b/nixos/hosts/seedbox/nginx.nix new file mode 100644 index 0000000..f978daa --- /dev/null +++ b/nixos/hosts/seedbox/nginx.nix 
@@ -0,0 +1,33 @@
+{ lib, pkgs, ... }: {
+ services.nginx = {
+ enable = true;
+ recommendedBrotliSettings = true;
+ recommendedGzipSettings = true;
+ recommendedOptimisation = true;
+ recommendedZstdSettings = true;
+
+ virtualHosts."seedbox.hoki-porgy.ts.net" = {
+ listen = [
+ { addr = "0.0.0.0"; port = 80; }
+ { addr = "[::]"; port = 80; }
+ ];
+ serverAliases = ["seedbox"];
+
+ locations = let commonProxy = port: {
+ recommendedProxySettings = true;
+ proxyWebsockets = true;
+ proxyPass = "http://127.0.0.1:${toString port}";
+ }; in {
+ "^~ /prowlarr" = commonProxy 9696;
+ "^~ /lidarr" = commonProxy 8686;
+ "^~ /radarr" = commonProxy 7878;
+ "^~ /sonarr" = commonProxy 8989;
+ "/transmission" = commonProxy 9091;
+ "/" = {
+ root = ./www;
+ index = "index.html";
+ };
+ };
+ };
+ };
+}
diff --git a/nixos/hosts/seedbox/transmission.nix b/nixos/hosts/seedbox/transmission.nix
new file mode 100644
index 0000000..ea7f163
--- /dev/null
+++ b/nixos/hosts/seedbox/transmission.nix
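Review bot: The `listen` entries in nixos/hosts/seedbox/nginx.nix bind port 80 on `0.0.0.0` and `[::]`, so the proxy in front of Prowlarr, Lidarr, Radarr, Sonarr and Transmission answers in plain HTTP on every interface, while the virtual host name suggests it is meant for the tailnet only. Whether other networks can reach it depends on firewall rules that are not visible in this diff. If tailnet-only is the intent, make it explicit, for example by opening the port per interface with `networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 80 ];` (assuming the default interface name) rather than globally. The proxy itself adds no authentication, so a comment above `listen` stating that access control is left to each proxied application would help the next reader. As a style point, the `lib` and `pkgs` arguments are unused in this file, and `"/transmission"` is the only proxied location without the `^~` modifier.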
@@ -0,0 +1,39 @@
+{ config, ... }: {
+ sops.secrets.protonvpn_username = {};
+ sops.secrets.protonvpn_password = {};
+
+ sops.templates."transmission.env" = {
+ content = ''
+OPENVPN_PROVIDER=PROTONVPN
+OPENVPN_CONFIG=mx.protonvpn.udp
+OPENVPN_USERNAME=${config.sops.placeholder.protonvpn_username}+pmp
+OPENVPN_PASSWORD=${config.sops.placeholder.protonvpn_password}
+LOCAL_NETWORK=100.64.0.0/10
+'';
+ };
+
+ virtualisation.oci-containers.containers = {
+ torrenty = {
+ image = "docker.io/haugene/transmission-openvpn";
+ ports = [ "9091:9091" ];
+ environmentFiles = [
+ config.sops.templates."transmission.env".path
+ ];
+ volumes = [
+ "/mnt/nas0/public/Torrents:/data"
+ "/mnt/nas0/public/Movies:/Movies"
+ "/mnt/nas0/public/Anime:/Anime"
+ "/mnt/nas0/public/AnimeMovies:/AnimeMovies"
+ "/mnt/nas0/public/Shows:/Shows"
+ "config:/config"
+ ];
+ extraOptions = [
+ "--privileged"
+ ];
+ autoStart = true;
+ };
+ };
+
+ systemd.units.podman-torrenty.upheldBy = ["mnt-nas0.mount"];
+ systemd.units.podman-torrenty.enable = true;
+}
diff --git a/nixos/hosts/seedbox/www/index.html b/nixos/hosts/seedbox/www/index.html
new file mode 100644
index 0000000..c848db8
--- /dev/null
+++ b/nixos/hosts/seedbox/www/index.html
@@ -0,0 +1,9 @@
+
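Review bot: In nixos/hosts/seedbox/transmission.nix `ports = [ "9091:9091" ];` publishes the Transmission web UI on every host address, although this commit adds an nginx location that reaches it through `127.0.0.1:9091`. Binding the mapping to loopback with `ports = [ "127.0.0.1:9091:9091" ];` would leave nginx as the only entry point. The container also keeps `--privileged`, which gives a network-facing torrent client access to host devices and the full capability set. The image's documentation describes running with `--cap-add=NET_ADMIN`, so `extraOptions = [ "--cap-add=NET_ADMIN" "--device=/dev/net/tun" ];` is worth testing as a narrower replacement. The block is moved over from default.nix, so none of this is new, but the move is a convenient point to tighten it.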
user: foxfox
+