servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Update to raspberry pi stuff

Browse Source
This commit is contained in:
uttarayan21
2025-07-12 20:38:45 +05:30
parent 1c49719787
commit 2981ca1143
23 changed files with 400 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
nixos/tsuba/services/caddy.nix Normal file
View File

@@ -0,0 +1,37 @@
{
config,
pkgs,
...
}: {
sops = {
secrets."hetzner/api_key".owner = config.services.caddy.user;
templates = {
"HETZNER_API_KEY.env".content = ''
HETZNER_API_KEY=${config.sops.placeholder."hetzner/api_key"}
'';
};
};
services = {
caddy = {
enable = true;
extraConfig = ''
(hetzner) {
tls {
propagation_timeout -1
propagation_delay 30s
dns hetzner {env.HETZNER_API_KEY}
}
}
'';
package = pkgs.caddy.withPlugins {
plugins = ["github.com/caddy-dns/hetzner@v1.0.0"];
hash = "sha256-9ea0CfOHG7JhejB73HjfXQpnonn+ZRBqLNz1fFRkcDQ=";
};
};
};
systemd.services.caddy = {
serviceConfig = {
EnvironmentFile = config.sops.templates."HETZNER_API_KEY.env".path;
};
};
}

12
nixos/tsuba/services/default.nix Normal file
View File

@@ -0,0 +1,12 @@
{...}: {
imports = [
./tailscale.nix
./samba.nix
./jellyfin.nix
./caddy.nix
./sonarr.nix
./radarr.nix
./prowlarr.nix
./deluge.nix
];
}

11
nixos/tsuba/services/deluge.nix Normal file
View File

@@ -0,0 +1,11 @@
{...}: {
services = {
deluge.enable = true;
caddy = {
virtualHosts."deluge.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:8112
'';
};
};
}

11
nixos/tsuba/services/jellyfin.nix Normal file
View File

@@ -0,0 +1,11 @@
{...}: {
services = {
# jellyfin.enable = true;
jellyseerr.enable = true;
caddy = {
virtualHosts."jellyfin.tsuba.darksailor.dev".extraConfig = ''
reverse_proxy localhost:8096
'';
};
};
}

11
nixos/tsuba/services/prowlarr.nix Normal file
View File

@@ -0,0 +1,11 @@
{...}: {
services = {
prowlarr.enable = true;
caddy = {
virtualHosts."prowlarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:9696
'';
};
};
}

11
nixos/tsuba/services/radarr.nix Normal file
View File

@@ -0,0 +1,11 @@
{...}: {
services = {
radarr.enable = true;
caddy = {
virtualHosts."radarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:7878
'';
};
};
}

38
nixos/tsuba/services/samba.nix Normal file
View File

@@ -0,0 +1,38 @@
{...}: {
services = {
samba = {
enable = true;
openFirewall = true;
settings = {
global = {
"workgroup" = "WORKGROUP";
"server string" = "tsuba";
"netbios name" = "tsuba";
"security" = "user";
# "hosts allow" = "192.168.0. 127.0.0.1 localhost ";
# "hosts deny" = "0.0.0.0/0";
"guest account" = "nobody";
"map to guest" = "bad user";
"min protocol" = "SMB2";
"max protocol" = "SMB3";
};
nas = {
"path" = "/volumes/media";
"browseable" = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
# "force user" = "username";
# "force group" = "groupname";
};
};
};
samba-wsdd = {
enable = true;
openFirewall = true;
};
};
networking.firewall.allowPing = true;
}

11
nixos/tsuba/services/sonarr.nix Normal file
View File

@@ -0,0 +1,11 @@
{...}: {
services = {
sonarr.enable = true;
caddy = {
virtualHosts."sonarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:8989
'';
};
};
}

22
nixos/tsuba/services/tailscale.nix Normal file
View File

@@ -0,0 +1,22 @@
{
pkgs,
lib,
...
}: {
services = {
tailscale = {
enable = true;
# useRoutingFeatures = "both";
# extraUpFlags = ["--advertise-routes=192.168.0.0/24"];
};
# networkd-dispatcher = {
# enable = true;
# rules."50-tailscale" = {
# onState = ["routable"];
# script = ''
# ${lib.getExe pkgs.ethtool} -K en01 rx-udp-gro-forwarding on rg-xgro-list off
# '';
# };
# };
};
}