noe/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

aaaa

Browse source
This commit is contained in:
41666 2025-01-07 01:03:44 -08:00
parent de16652855
commit 3433afa69c
7 changed files with 125 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/base.nix
View file

@ -42,7 +42,7 @@
services.openssh.enable = lib.mkDefault true; services.openssh.enable = lib.mkDefault true;
documentation.man.generateCaches = lib.mkForce false;
nixpkgs = { nixpkgs = {
overlays = [ overlays = [

2
nixos/hosts/pihole/default.nix
View file

@ -27,7 +27,7 @@
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
pihole = { pihole = {
image = "registry-1.docker.io/pihole/pihole"; image = "docker.io/pihole/pihole";
ports = [ ports = [
"53:53/tcp" "53:53/tcp"
"53:53/udp" "53:53/udp"

38
nixos/hosts/seedbox/arr.nix Normal file
View file

@ -0,0 +1,38 @@
{ config, ... }: {
nixpkgs.config.permittedInsecurePackages = [
"aspnetcore-runtime-6.0.36"
"aspnetcore-runtime-wrapped-6.0.36"
"dotnet-sdk-6.0.428"
"dotnet-sdk-wrapped-6.0.428"
];
users.groups.data = {
gid = 1069;
};
users.users.data = {
uid = 1069;
isNormalUser = true;
group = "data";
};
internal.nas0.mountGid = config.users.groups.data.gid;
internal.nas0.mountUid = config.users.users.data.uid;
services.lidarr.enable = true;
services.lidarr.user = "data";
services.lidarr.group = "data";
services.sonarr.enable = true;
services.sonarr.user = "data";
services.sonarr.group = "data";
services.radarr.enable = true;
services.radarr.user = "data";
services.radarr.group = "data";
services.prowlarr.enable = true;
systemd.units.radarr.upheldBy = ["mnt-nas0.mount"];
systemd.units.lidarr.upheldBy = ["mnt-nas0.mount"];
systemd.units.sonarr.upheldBy = ["mnt-nas0.mount"];
}

39
nixos/hosts/seedbox/default.nix
View file

@ -6,6 +6,10 @@
../../features/nas0.nix ../../features/nas0.nix
../../features/podman.nix ../../features/podman.nix
../../features/telemetry/transmission.nix ../../features/telemetry/transmission.nix
./transmission.nix
./arr.nix
./nginx.nix
]; ];
networking.hostName = "seedbox"; networking.hostName = "seedbox";
@ -14,39 +18,4 @@
internal.nas0.useSMB = true; internal.nas0.useSMB = true;
internal.nas0.lazyMount = false; internal.nas0.lazyMount = false;
sops.secrets.protonvpn_username = {};
sops.secrets.protonvpn_password = {};
sops.templates."transmission.env" = {
content = ''
OPENVPN_PROVIDER=PROTONVPN
OPENVPN_CONFIG=mx.protonvpn.udp
OPENVPN_USERNAME=${config.sops.placeholder.protonvpn_username}+pmp
OPENVPN_PASSWORD=${config.sops.placeholder.protonvpn_password}
LOCAL_NETWORK=100.64.0.0/10
'';
};
virtualisation.oci-containers.containers = {
torrenty = {
image = "docker.io/haugene/transmission-openvpn";
ports = [ "9091:9091" ];
environmentFiles = [
config.sops.templates."transmission.env".path
];
volumes = [
"/mnt/nas0/public/Torrents:/data"
"/mnt/nas0/public/Movies:/Movies"
"/mnt/nas0/public/Anime:/Anime"
"/mnt/nas0/public/AnimeMovies:/AnimeMovies"
"/mnt/nas0/public/Shows:/Shows"
"config:/config"
];
extraOptions = [
"--privileged"
];
autoStart = true;
};
};
} }

33
nixos/hosts/seedbox/nginx.nix Normal file
View file

@ -0,0 +1,33 @@
{ lib, pkgs, ... }: {
services.nginx = {
enable = true;
recommendedBrotliSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedZstdSettings = true;
virtualHosts."seedbox.hoki-porgy.ts.net" = {
listen = [
{ addr = "0.0.0.0"; port = 80; }
{ addr = "[::]"; port = 80; }
];
serverAliases = ["seedbox"];
locations = let commonProxy = port: {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://127.0.0.1:${toString port}";
}; in {
"^~ /prowlarr" = commonProxy 9696;
"^~ /lidarr" = commonProxy 8686;
"^~ /radarr" = commonProxy 7878;
"^~ /sonarr" = commonProxy 8989;
"/transmission" = commonProxy 9091;
"/" = {
root = ./www;
index = "index.html";
};
};
};
};
}

39
nixos/hosts/seedbox/transmission.nix Normal file
View file

@ -0,0 +1,39 @@
{ config, ... }: {
sops.secrets.protonvpn_username = {};
sops.secrets.protonvpn_password = {};
sops.templates."transmission.env" = {
content = ''
OPENVPN_PROVIDER=PROTONVPN
OPENVPN_CONFIG=mx.protonvpn.udp
OPENVPN_USERNAME=${config.sops.placeholder.protonvpn_username}+pmp
OPENVPN_PASSWORD=${config.sops.placeholder.protonvpn_password}
LOCAL_NETWORK=100.64.0.0/10
'';
};
virtualisation.oci-containers.containers = {
torrenty = {
image = "docker.io/haugene/transmission-openvpn";
ports = [ "9091:9091" ];
environmentFiles = [
config.sops.templates."transmission.env".path
];
volumes = [
"/mnt/nas0/public/Torrents:/data"
"/mnt/nas0/public/Movies:/Movies"
"/mnt/nas0/public/Anime:/Anime"
"/mnt/nas0/public/AnimeMovies:/AnimeMovies"
"/mnt/nas0/public/Shows:/Shows"
"config:/config"
];
extraOptions = [
"--privileged"
];
autoStart = true;
};
};
systemd.units.podman-torrenty.upheldBy = ["mnt-nas0.mount"];
systemd.units.podman-torrenty.enable = true;
}

9
nixos/hosts/seedbox/www/index.html Normal file
View file

@ -0,0 +1,9 @@
<!DOCTYPE html>
<p>user: foxfox</p>
<ul>
<li><a href="/prowlarr">prowlarr</a> (trackers)</li>
<li><a href="/lidarr">lidarr</a> (music)</li>
<li><a href="/radarr">radarr</a> (movies)</li>
<li><a href="/sonarr">sonarr</a> (shows)</li>
<li><a href="/transmission">transmission</a> (torrent client)</li>
</ul>