servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Added jellyfin reverse proxy

Browse Source
This commit is contained in:
uttarayan21
2025-07-13 05:02:55 +05:30
parent fa718f5618
commit 71228dd717
19 changed files with 173 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
nixos/tsuba/configuration.nix
View File

@@ -44,7 +44,7 @@
};
users.users.${device.user} = {
isNormalUser = true;
extraGroups = ["wheel"];
extraGroups = ["wheel" "media"];
initialPassword = "aaa";
openssh.authorizedKeys.keyFiles = [
../../secrets/id_ed25519.pub
@@ -57,6 +57,7 @@
../../secrets/id_ed25519.pub
];
};
users.groups.media = {};
system.stateVersion = "25.05";
services.openssh.enable = true;
}

20
nixos/tsuba/default.nix
View File

@@ -3,7 +3,7 @@
devices,
inputs,
overlays,
home-manager,
home-manager-stable,
nur,
nixos-raspberrypi,
...
@@ -18,9 +18,12 @@
};
system = device.system;
modules = [
inputs.arion.nixosModules.arion
inputs.disko.nixosModules.disko
nur.modules.nixos.default
inputs.sops-nix.nixosModules.sops
inputs.nix-minecraft.nixosModules.minecraft-servers
nur.modules.nixos.default
home-manager-stable.nixosModules.home-manager
{
nixpkgs.overlays = overlays;
imports = with nixos-raspberrypi.nixosModules; [
@@ -28,6 +31,19 @@
raspberry-pi-5.display-vc4
raspberry-pi-5.bluetooth
];
home-manager = {
backupFileExtension = "bak";
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = {
inherit inputs;
inherit device;
stablePkgs = inputs.nixpkgs-stable.legacyPackages.${device.system};
};
users.${device.user}.imports = [
../../home
];
};
}
./configuration.nix
./services

3
nixos/tsuba/disk-config.nix
View File

@@ -133,6 +133,9 @@ in {
type = "filesystem";
format = "ext4";
mountpoint = "/volumes/media";
mountOptions = [
"nofail"
];
};
};
};

1
nixos/tsuba/services/caddy.nix
View File

@@ -20,6 +20,7 @@
propagation_timeout -1
propagation_delay 120s
dns hetzner {env.HETZNER_API_KEY}
resolvers 1.1.1.1
}
}
'';

1
nixos/tsuba/services/default.nix
View File

@@ -9,5 +9,6 @@
# ./radarr.nix
# ./prowlarr.nix
./deluge.nix
./homeassistant.nix
];
}

57
nixos/tsuba/services/homeassistant.nix Normal file
View File

@@ -0,0 +1,57 @@
{
pkgs,
lib,
...
}: {
virtualisation.docker.enable = true;
users.extraUsers.servius.extraGroups = ["docker"];
services.caddy = {
virtualHosts."home.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:8123
'';
};
# environment.systemPackages = [pkgs.arion pkgs.docker pkgs.podman];
# virtualisation.podman.enable = true;
# virtualisation.podman.dockerSocket.enable = true;
# # networking.firewall.allowedTCPPorts = [21063 21064];
# # networking.firewall.allowedUDPPorts = [5353];
#
# virtualisation.arion = {
# backend = "podman-socket";
# projects = {
# homeassistant.settings.services = {
# homeassistant = {
# service.image = "ghcr.io/home-assistant/home-assistant:stable";
# service.volumes = ["/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro" "/var/lib/homeassistant:/config"];
# service.privileged = true;
# service.network_mode = "host";
# service.restart = "unless-stopped";
# };
# };
# };
# };
}
# {
# virtualisation.podman.enable = true;
# virtualisation.podman.dockerSocket.enable = true;
# users.extraUsers.servius.extraGroups = ["podman"];
# networking.firewall.enable = false;
# virtualisation.oci-containers = {
# backend = "podman";
# containers.homeassistant = {
# # environment.TZ = "Asia/Kolkata";
# # Note: The image will not be updated on rebuilds, unless the version label changes
# image = "ghcr.io/home-assistant/home-assistant:stable";
# volumes = ["/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro" "/var/lib/homeassistant:/config"];
# extraOptions = [
# # Use the host network namespace for all sockets
# "--network=host"
# # Pass devices into the container, so Home Assistant can discover and make use of them
# "--device=/dev/ttyACM0:/dev/ttyACM0"
# ];
# };
# };
# }

20
nixos/tsuba/services/jellyfin.nix
View File

@@ -1,12 +1,12 @@
{...}: {
# services = {
# jellyseerr.enable = true;
# jellyfin.enable = true;
# caddy = {
# virtualHosts."jellyfin.tsuba.darksailor.dev".extraConfig = ''
# import hetzner
# reverse_proxy localhost:8096
# '';
# };
# };
services = {
jellyseerr.enable = true;
# jellyfin.enable = true;
caddy = {
virtualHosts."jellyfin.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:8096
'';
};
};
}

43
nixos/tsuba/services/servarr.nix
View File

@@ -1,23 +1,44 @@
{
unstablePkgs,
config,
lib,
...
}: let
mkServarr = name: {
${name} = {
enable = true;
package = unstablePkgs.${name};
};
mkCaddy = name: {
caddy.virtualHosts."${name}.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.${name}.settings.server.port}
'';
};
in {
services =
mkServarr "radarr"
// mkServarr "sonarr"
// mkServarr "prowlarr";
# // mkServarr "readarr"
# // mkServarr "bazarr";
services = {
sonarr = {
enable = true;
package = unstablePkgs.sonarr;
group = "media";
};
radarr = {
enable = true;
package = unstablePkgs.radarr;
group = "media";
};
prowlarr = {
enable = true;
package = unstablePkgs.prowlarr;
};
caddy.virtualHosts = {
"sonarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.sonarr.settings.server.port}
'';
"radarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.radarr.settings.server.port}
'';
"prowlarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.prowlarr.settings.server.port}
'';
};
};
}

10
nixos/tsuba/tsuba.nix
View File

@@ -27,11 +27,11 @@
# ];
# };
# };
hardware.raspberry-pi.extra-config = ''
[all]
dtparam=pciex1
dtparam=pciex1_gen=2
'';
# hardware.raspberry-pi.extra-config = ''
# [all]
# dtparam=pciex1
# dtparam=pciex1_gen=2
# '';
}
# ({
# config,