servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: Added jellyfin reverse proxy

Browse Source
This commit is contained in:
uttarayan21
2025-07-13 05:02:55 +05:30
parent fa718f5618
commit 71228dd717
19 changed files with 173 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
darwin/shiro/services/default.nix
View File

@@ -4,9 +4,9 @@
./skhd.nix ./skhd.nix
./tailscale.nix ./tailscale.nix
./autossh.nix ./autossh.nix
./homeassistant.nix
# ./zerotier.nix # ./zerotier.nix
# ./jellyfin.nix # ./jellyfin.nix
# ./homeassistant.nix
# ./aerospace.nix # ./aerospace.nix
]; ];
} }

2
darwin/shiro/services/homeassistant.nix
View File

@@ -17,7 +17,7 @@
homeassistant.settings.services = { homeassistant.settings.services = {
homeassistant = { homeassistant = {
service.image = "ghcr.io/home-assistant/home-assistant:stable"; service.image = "ghcr.io/home-assistant/home-assistant:stable";
service.volumes = ["/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro"]; service.volumes = ["/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro" "/var/lib/homeassistant:/config"];
service.privileged = true; service.privileged = true;
service.network_mode = "host"; service.network_mode = "host";
service.restart = "unless-stopped"; service.restart = "unless-stopped";

3
deploy.nix
View File

@@ -13,8 +13,7 @@
}; };
}; };
tsuba = { tsuba = {
hostname = "192.168.0.125"; hostname = "tsuba.darksailor.dev";
# hostname = "tsuba.darksailor.dev";
profiles.system = { profiles.system = {
sshUser = "servius"; sshUser = "servius";
path = inputs.deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.tsuba; path = inputs.deploy-rs.lib.aarch64-linux.activate.nixos self.nixosConfigurations.tsuba;

22
flake.lock generated
View File

@@ -1262,6 +1262,27 @@
"type": "github" "type": "github"
} }
}, },
"home-manager-stable": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1752208517,
"narHash": "sha256-aRY1cYOdVdXdNjcL/Twpa27CknO7pVHxooPsBizDraE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c6a01e54af81b381695db796a43360bf6db5702f",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": { "home-manager_2": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -2578,6 +2599,7 @@
"ghostty": "ghostty", "ghostty": "ghostty",
"guihua": "guihua", "guihua": "guihua",
"home-manager": "home-manager", "home-manager": "home-manager",
"home-manager-stable": "home-manager-stable",
"hyprland": "hyprland", "hyprland": "hyprland",
"hyprlock": "hyprlock", "hyprlock": "hyprlock",
"ironbar": "ironbar", "ironbar": "ironbar",

9
flake.nix
View File

@@ -13,6 +13,10 @@
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager-stable = {
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
nix-darwin = { nix-darwin = {
url = "github:LnL7/nix-darwin"; url = "github:LnL7/nix-darwin";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@@ -189,6 +193,7 @@
self, self,
nixpkgs, nixpkgs,
home-manager, home-manager,
home-manager-stable,
nix-darwin, nix-darwin,
flake-utils, flake-utils,
anyrun, anyrun,
@@ -298,7 +303,7 @@
}) })
// ( // (
import ./nixos/tsuba { import ./nixos/tsuba {
inherit inputs nixpkgs home-manager overlays nur nixos-raspberrypi; inherit inputs nixpkgs home-manager-stable overlays nur nixos-raspberrypi;
devices = rpi_devices; devices = rpi_devices;
} }
); );
@@ -359,7 +364,7 @@
}; };
devShells = { devShells = {
default = pkgs.mkShell { default = pkgs.mkShell {
packages = with pkgs; [sops just]; packages = with pkgs; [sops just clang];
}; };
}; };
} }

3
home/programs/ddcbacklight.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
home.packages = [pkgs.ddcbacklight];
}

26
home/programs/default.nix
View File

@@ -31,6 +31,8 @@
./zoxide.nix ./zoxide.nix
./mpris-scrobbler.nix ./mpris-scrobbler.nix
./omnix.nix ./omnix.nix
# ./ddcbacklight.nix
./yt-dlp.nix
# ./magika.nix # ./magika.nix
# ./ncmpcpp.nix # ./ncmpcpp.nix
# ./neomutt.nix # ./neomutt.nix
@@ -66,35 +68,13 @@
sd sd
tldr tldr
vcpkg-tool vcpkg-tool
yt-dlp
] ]
++ lib.optionals (!device.isServer) [ ++ lib.optionals (!device.isServer) [
clang
cmake
d2
devenv
go
hasklig
jujutsu
monaspace monaspace
nerd-fonts.fira-code nerd-fonts.fira-code
nerd-fonts.hasklug nerd-fonts.hasklug
nerd-fonts.symbols-only nerd-fonts.symbols-only
qmk
ttyper
yarn
]
++ lib.optionals device.isLinux [
dig
gptfdisk
handlr-regex
handlr-xdg
lsof
ncpamixer
rr
sbctl
usbutils
ddcbacklight
] ]
++ lib.optionals device.isLinux []
++ lib.optionals device.isDarwin []; ++ lib.optionals device.isDarwin [];
} }

3
home/programs/sbctl.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
home.packages = [pkgs.sbctl];
}

3
home/programs/yt-dlp.nix Normal file
View File

@@ -0,0 +1,3 @@
{pkgs, ...}: {
home.packages = [pkgs.yt-dlp];
}

6
nixos/mirai/services/homepage.nix
View File

@@ -49,12 +49,6 @@
href = "https://prowlarr.tsuba.darksailor.dev"; href = "https://prowlarr.tsuba.darksailor.dev";
}; };
} }
{
"Jackett" = {
description = "Jackett";
href = "https://jackett.tsuba.darksailor.dev";
};
}
{ {
"Home Assistant" = { "Home Assistant" = {
description = "Home Automation"; description = "Home Automation";

3
nixos/tsuba/configuration.nix
View File

@@ -44,7 +44,7 @@
}; };
users.users.${device.user} = { users.users.${device.user} = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel"]; extraGroups = ["wheel" "media"];
initialPassword = "aaa"; initialPassword = "aaa";
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = [
../../secrets/id_ed25519.pub ../../secrets/id_ed25519.pub
@@ -57,6 +57,7 @@
../../secrets/id_ed25519.pub ../../secrets/id_ed25519.pub
]; ];
}; };
users.groups.media = {};
system.stateVersion = "25.05"; system.stateVersion = "25.05";
services.openssh.enable = true; services.openssh.enable = true;
} }

20
nixos/tsuba/default.nix
View File

@@ -3,7 +3,7 @@
devices, devices,
inputs, inputs,
overlays, overlays,
home-manager, home-manager-stable,
nur, nur,
nixos-raspberrypi, nixos-raspberrypi,
... ...
@@ -18,9 +18,12 @@
}; };
system = device.system; system = device.system;
modules = [ modules = [
inputs.arion.nixosModules.arion
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
nur.modules.nixos.default
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
inputs.nix-minecraft.nixosModules.minecraft-servers
nur.modules.nixos.default
home-manager-stable.nixosModules.home-manager
{ {
nixpkgs.overlays = overlays; nixpkgs.overlays = overlays;
imports = with nixos-raspberrypi.nixosModules; [ imports = with nixos-raspberrypi.nixosModules; [
@@ -28,6 +31,19 @@
raspberry-pi-5.display-vc4 raspberry-pi-5.display-vc4
raspberry-pi-5.bluetooth raspberry-pi-5.bluetooth
]; ];
home-manager = {
backupFileExtension = "bak";
useGlobalPkgs = true;
useUserPackages = true;
extraSpecialArgs = {
inherit inputs;
inherit device;
stablePkgs = inputs.nixpkgs-stable.legacyPackages.${device.system};
};
users.${device.user}.imports = [
../../home
];
};
} }
./configuration.nix ./configuration.nix
./services ./services

3
nixos/tsuba/disk-config.nix
View File

@@ -133,6 +133,9 @@ in {
type = "filesystem"; type = "filesystem";
format = "ext4"; format = "ext4";
mountpoint = "/volumes/media"; mountpoint = "/volumes/media";
mountOptions = [
"nofail"
];
}; };
}; };
}; };

1
nixos/tsuba/services/caddy.nix
View File

@@ -20,6 +20,7 @@
propagation_timeout -1 propagation_timeout -1
propagation_delay 120s propagation_delay 120s
dns hetzner {env.HETZNER_API_KEY} dns hetzner {env.HETZNER_API_KEY}
resolvers 1.1.1.1
} }
} }
''; '';

1
nixos/tsuba/services/default.nix
View File

@@ -9,5 +9,6 @@
# ./radarr.nix # ./radarr.nix
# ./prowlarr.nix # ./prowlarr.nix
./deluge.nix ./deluge.nix
./homeassistant.nix
]; ];
} }

57
nixos/tsuba/services/homeassistant.nix Normal file
View File

@@ -0,0 +1,57 @@
{
pkgs,
lib,
...
}: {
virtualisation.docker.enable = true;
users.extraUsers.servius.extraGroups = ["docker"];
services.caddy = {
virtualHosts."home.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:8123
'';
};
# environment.systemPackages = [pkgs.arion pkgs.docker pkgs.podman];
# virtualisation.podman.enable = true;
# virtualisation.podman.dockerSocket.enable = true;
# # networking.firewall.allowedTCPPorts = [21063 21064];
# # networking.firewall.allowedUDPPorts = [5353];
#
# virtualisation.arion = {
# backend = "podman-socket";
# projects = {
# homeassistant.settings.services = {
# homeassistant = {
# service.image = "ghcr.io/home-assistant/home-assistant:stable";
# service.volumes = ["/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro" "/var/lib/homeassistant:/config"];
# service.privileged = true;
# service.network_mode = "host";
# service.restart = "unless-stopped";
# };
# };
# };
# };
}
# {
# virtualisation.podman.enable = true;
# virtualisation.podman.dockerSocket.enable = true;
# users.extraUsers.servius.extraGroups = ["podman"];
# networking.firewall.enable = false;
# virtualisation.oci-containers = {
# backend = "podman";
# containers.homeassistant = {
# # environment.TZ = "Asia/Kolkata";
# # Note: The image will not be updated on rebuilds, unless the version label changes
# image = "ghcr.io/home-assistant/home-assistant:stable";
# volumes = ["/etc/localtime:/etc/localtime:ro" "/run/dbus:/run/dbus:ro" "/var/lib/homeassistant:/config"];
# extraOptions = [
# # Use the host network namespace for all sockets
# "--network=host"
# # Pass devices into the container, so Home Assistant can discover and make use of them
# "--device=/dev/ttyACM0:/dev/ttyACM0"
# ];
# };
# };
# }

18
nixos/tsuba/services/jellyfin.nix
View File

@@ -1,12 +1,12 @@
{...}: { {...}: {
# services = { services = {
# jellyseerr.enable = true; jellyseerr.enable = true;
# jellyfin.enable = true; # jellyfin.enable = true;
# caddy = { caddy = {
# virtualHosts."jellyfin.tsuba.darksailor.dev".extraConfig = '' virtualHosts."jellyfin.tsuba.darksailor.dev".extraConfig = ''
# import hetzner import hetzner
# reverse_proxy localhost:8096 reverse_proxy localhost:8096
# ''; '';
# }; };
# }; };
} }

43
nixos/tsuba/services/servarr.nix
View File

@@ -1,23 +1,44 @@
{ {
unstablePkgs, unstablePkgs,
config, config,
lib,
... ...
}: let }: let
mkServarr = name: { mkCaddy = name: {
${name} = {
enable = true;
package = unstablePkgs.${name};
};
caddy.virtualHosts."${name}.tsuba.darksailor.dev".extraConfig = '' caddy.virtualHosts."${name}.tsuba.darksailor.dev".extraConfig = ''
import hetzner import hetzner
reverse_proxy localhost:${builtins.toString config.services.${name}.settings.server.port} reverse_proxy localhost:${builtins.toString config.services.${name}.settings.server.port}
''; '';
}; };
in { in {
services = services = {
mkServarr "radarr" sonarr = {
// mkServarr "sonarr" enable = true;
// mkServarr "prowlarr"; package = unstablePkgs.sonarr;
# // mkServarr "readarr" group = "media";
# // mkServarr "bazarr"; };
radarr = {
enable = true;
package = unstablePkgs.radarr;
group = "media";
};
prowlarr = {
enable = true;
package = unstablePkgs.prowlarr;
};
caddy.virtualHosts = {
"sonarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.sonarr.settings.server.port}
'';
"radarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.radarr.settings.server.port}
'';
"prowlarr.tsuba.darksailor.dev".extraConfig = ''
import hetzner
reverse_proxy localhost:${builtins.toString config.services.prowlarr.settings.server.port}
'';
};
};
} }

10
nixos/tsuba/tsuba.nix
View File

@@ -27,11 +27,11 @@
# ]; # ];
# }; # };
# }; # };
hardware.raspberry-pi.extra-config = '' # hardware.raspberry-pi.extra-config = ''
[all] # [all]
dtparam=pciex1 # dtparam=pciex1
dtparam=pciex1_gen=2 # dtparam=pciex1_gen=2
''; # '';
} }
# ({ # ({
# config, # config,