diff --git a/Justfile b/Justfile index ce17f88..f74c1c4 100644 --- a/Justfile +++ b/Justfile @@ -1,8 +1,9 @@ hostname := `hostname` -local OPERATION: +local OPERATION *FLAGS: sudo nixos-rebuild \ --flake .#{{hostname}} \ + {{FLAGS}} \ {{OPERATION}} diff --git a/flake.lock b/flake.lock index 259fab7..f8cf55d 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,73 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager", + "nixpkgs": [ + "nixpkgs" + ], + "systems": "systems" + }, + "locked": { + "lastModified": 1707830867, + "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", + "owner": "ryantm", + "repo": "agenix", + "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, + "arion": { + "inputs": { + "flake-parts": "flake-parts", + "haskell-flake": "haskell-flake", + "hercules-ci-effects": "hercules-ci-effects", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1707923576, + "narHash": "sha256-vch1hvgoB2TEl1+0J9h5uPkTrL4zNFUxE/razagkqQQ=", + "owner": "hercules-ci", + "repo": "arion", + "rev": "2b1fa9a8e9e40bb8e65a677c6fdd66dae4f4676e", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "arion", + "type": "github" + } + }, + "darwin": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1700795494, + "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, "firefox-addons": { "inputs": { "flake-utils": "flake-utils", @@ -9,11 +77,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1708452844, - "narHash": "sha256-zlmcdVoD/7M15OrEJFjJ19s84cudaOd66DTyso0ERic=", + "lastModified": 1709352230, + "narHash": "sha256-7NfxOTEz15jHLxIRYS9WU4+PO0fypxJ/kkHC682Lhr0=", "owner": "rycee", "repo": "nur-expressions", - "rev": "a32606b39b9b56062efdef8f001d1e88f7647f59", + "rev": "c13d9ef669a370fd70e6732e295513cd7342b20d", "type": "gitlab" }, "original": { @@ -57,7 +125,10 @@ }, "flake-parts": { "inputs": { - "nixpkgs-lib": "nixpkgs-lib" + "nixpkgs-lib": [ + "arion", + "nixpkgs" + ] }, "locked": { "lastModified": 1706830856, @@ -76,17 +147,34 @@ "flake-parts_2": { "inputs": { "nixpkgs-lib": [ - "neovim-config", - "neovim-nightly-overlay", + "arion", + "hercules-ci-effects", "nixpkgs" ] }, "locked": { - "lastModified": 1704152458, - "narHash": "sha256-DS+dGw7SKygIWf9w4eNBUZsK+4Ug27NwEWmn2tnbycg=", + "lastModified": 1701473968, + "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "88a2cd8166694ba0b6cb374700799cec53aef527", + "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5", + "type": "github" + }, + "original": { + "id": "flake-parts", + "type": "indirect" + } + }, + "flake-parts_3": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib" + }, + "locked": { + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", "type": "github" }, "original": { @@ -95,7 +183,29 @@ "type": "github" } }, - "flake-parts_3": { + "flake-parts_4": { + "inputs": { + "nixpkgs-lib": [ + "neovim-config", + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1706830856, + "narHash": "sha256-a0NYyp+h9hlb7ddVz4LUn1vT/PLwqfrWYcHMvFB1xYg=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "b253292d9c0a5ead9bc98c4e9a26c6312e27d69f", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_5": { "inputs": { "nixpkgs-lib": [ "neovim-config", @@ -117,7 +227,7 @@ "type": "indirect" } }, - "flake-parts_4": { + "flake-parts_6": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" }, @@ -152,7 +262,7 @@ }, "flake-utils_2": { "inputs": { - "systems": "systems" + "systems": "systems_2" }, "locked": { "lastModified": 1701680307, @@ -170,7 +280,7 @@ }, "flake-utils_3": { "inputs": { - "systems": "systems_3" + "systems": "systems_4" }, "locked": { "lastModified": 1681202837, @@ -188,11 +298,11 @@ }, "hardware": { "locked": { - "lastModified": 1708091350, - "narHash": "sha256-o28BJYi68qqvHipT7V2jkWxDiMS1LF9nxUsou+eFUPQ=", + "lastModified": 1709410583, + "narHash": "sha256-esOSUoQ7mblwcsSea0K17McZuwAIjoS6dq/4b83+lvw=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "106d3fec43bcea19cb2e061ca02531d54b542ce3", + "rev": "59e37017b9ed31dee303dbbd4531c594df95cfbc", "type": "github" }, "original": { @@ -201,12 +311,27 @@ "type": "github" } }, + "haskell-flake": { + "locked": { + "lastModified": 1675296942, + "narHash": "sha256-u1X1sblozi5qYEcLp1hxcyo8FfDHnRUVX3dJ/tW19jY=", + "owner": "srid", + "repo": "haskell-flake", + "rev": "c2cafce9d57bfca41794dc3b99c593155006c71e", + "type": "github" + }, + "original": { + "owner": "srid", + "ref": "0.1.0", + "repo": "haskell-flake", + "type": "github" + } + }, "hercules-ci-effects": { "inputs": { - "flake-parts": "flake-parts_3", + "flake-parts": "flake-parts_2", "nixpkgs": [ - "neovim-config", - "neovim-nightly-overlay", + "arion", "nixpkgs" ] }, @@ -224,18 +349,62 @@ "type": "github" } }, + "hercules-ci-effects_2": { + "inputs": { + "flake-parts": "flake-parts_5", + "nixpkgs": [ + "neovim-config", + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1708547820, + "narHash": "sha256-xU/KC1PWqq5zL9dQ9wYhcdgxAwdeF/dJCLPH3PNZEBg=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "0ca27bd58e4d5be3135a4bef66b582e57abe8f4a", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1703113217, + "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1708451036, - "narHash": "sha256-tgZ38NummEdnXvxj4D0StHBzXgceAw8CptytHljH790=", + "lastModified": 1709204054, + "narHash": "sha256-U1idK0JHs1XOfSI1APYuXi4AEADf+B+ZU4Wifc0pBHk=", "owner": "nix-community", "repo": "home-manager", - "rev": "517601b37c6d495274454f63c5a483c8e3ca6be1", + "rev": "2f3367769a93b226c467551315e9e270c3f78b15", "type": "github" }, "original": { @@ -253,11 +422,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1707418504, - "narHash": "sha256-/tc19gAuAGJpg2mrVzT79OqjqvyytX72eBQ2UxQz+ng=", + "lastModified": 1710331864, + "narHash": "sha256-S2zLEpAWl+WWHjJU81zxIAVgSQBdz+YnM6aHnLGvm98=", "owner": "xunuwu", "repo": "neovim-config", - "rev": "7979a74509653c17f6242f7a2432705584d19f7f", + "rev": "8a6102e6777ff4e8348a1a67bec84d15b8711570", "type": "github" }, "original": { @@ -277,11 +446,11 @@ }, "locked": { "dir": "contrib", - "lastModified": 1704559322, - "narHash": "sha256-gB6lTJoAmA/Pf7TkRBETklX3BJexMsW2FPjXfOxRzm0=", + "lastModified": 1709162366, + "narHash": "sha256-A18s9ThfCGEPzUsqzZnV9+l3oVcjAwU+mkzOxArwqbs=", "owner": "neovim", "repo": "neovim", - "rev": "9a2c98087b90e5306579ab2149a6192ac075df6b", + "rev": "ce7c51a1a3b2b38cdba730aeb53840d0ace32173", "type": "github" }, "original": { @@ -294,17 +463,17 @@ "neovim-nightly-overlay": { "inputs": { "flake-compat": "flake-compat", - "flake-parts": "flake-parts_2", - "hercules-ci-effects": "hercules-ci-effects", + "flake-parts": "flake-parts_4", + "hercules-ci-effects": "hercules-ci-effects_2", "neovim-flake": "neovim-flake", "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1704585800, - "narHash": "sha256-Qh3WpsNnYHCQTkv33OaQ2RLJtrjytfauhpKly3nruyc=", + "lastModified": 1709165056, + "narHash": "sha256-S+cQn7qnqGtpvxqgcTS/oSixxEDHvQqEhvUVGnjljs0=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "915479ceaaed1ddf9379706da575d0d2bf7a48cf", + "rev": "ba07638ead045e7e2ecf9415727a694ad7cb7a66", "type": "github" }, "original": { @@ -315,17 +484,17 @@ }, "nix-gaming": { "inputs": { - "flake-parts": "flake-parts_4", + "flake-parts": "flake-parts_6", "nixpkgs": [ "nixpkgs" ] }, "locked": { - "lastModified": 1708433103, - "narHash": "sha256-Fxmfx7jSrLeMGYq634/RDWJwoKRw11ahDroOF0mIQiE=", + "lastModified": 1709341671, + "narHash": "sha256-O/9tnL7GJUwIBPUP+vAmMzi4xxfg4zILyOfzMn2JJbs=", "owner": "fufexan", "repo": "nix-gaming", - "rev": "d154dc37e5a1179def36813fee1016a764090535", + "rev": "8fbcde4f4dbe482ee4f3d158f28103106ef9bcd3", "type": "github" }, "original": { @@ -341,11 +510,11 @@ ] }, "locked": { - "lastModified": 1708225687, - "narHash": "sha256-NJBDfvknI26beOFmjO2coeJMTTUCCtw2Iu+rvJ1Zb9k=", + "lastModified": 1708830466, + "narHash": "sha256-nGKe3Y1/jkLR2eh1aRSVBtKadMBNv8kOnB52UXqRy6A=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "17352eb241a8d158c4ac523b19d8d2a6c8efe127", + "rev": "f070c7eeec3bde8c8c8baa9c02b6d3d5e114d73b", "type": "github" }, "original": { @@ -361,11 +530,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1708391638, - "narHash": "sha256-ZbiupDt7BPhxJy6EfS8ShKAaKtW8qZblWE617Le1hCI=", + "lastModified": 1709341970, + "narHash": "sha256-r/Xwhz4ESWGztKRBcLqi76zDZv1HeSgXEdkyOPWkluY=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "64ff3452483eb29ad15e7e1a943831629368ae90", + "rev": "75224309c1a5378bbee401360dbcc5e8865895e4", "type": "github" }, "original": { @@ -376,11 +545,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1704161960, - "narHash": "sha256-QGua89Pmq+FBAro8NriTuoO/wNaUtugt29/qqA8zeeM=", + "lastModified": 1709101946, + "narHash": "sha256-TsySgcWm/GlbYdL3AEva49ceeI2BdPQ7muwfYNr1fwo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "63143ac2c9186be6d9da6035fa22620018c85932", + "rev": "d53c2037394da6fe98decca417fc8fda64bf2443", "type": "github" }, "original": { @@ -393,11 +562,11 @@ "nixpkgs-lib": { "locked": { "dir": "lib", - "lastModified": 1706550542, - "narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=", + "lastModified": 1709237383, + "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "97b17f32362e475016f942bbdfda4a4a72a8a652", + "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", "type": "github" }, "original": { @@ -428,11 +597,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1708210246, - "narHash": "sha256-Q8L9XwrBK53fbuuIFMbjKvoV7ixfLFKLw4yV+SD28Y8=", + "lastModified": 1708819810, + "narHash": "sha256-1KosU+ZFXf31GPeCBNxobZWMgHsSOJcrSFA6F2jhzdE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "69405156cffbdf2be50153f13cbdf9a0bea38e49", + "rev": "89a2a12e6c8c6a56c72eb3589982c8e2f89c70ea", "type": "github" }, "original": { @@ -460,11 +629,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1708296515, - "narHash": "sha256-FyF489fYNAUy7b6dkYV6rGPyzp+4tThhr80KNAaF/yY=", + "lastModified": 1709237383, + "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b98a4e1746acceb92c509bc496ef3d0e5ad8d4aa", + "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", "type": "github" }, "original": { @@ -476,11 +645,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1708151420, - "narHash": "sha256-MGT/4aGCWQPQiu6COqJdCj9kSpLPiShgbwpbC38YXC8=", + "lastModified": 1708751719, + "narHash": "sha256-0uWOKSpXJXmXswOvDM5Vk3blB74apFB6rNGWV5IjoN0=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6e2f00c83911461438301db0dba5281197fe4b3a", + "rev": "f63ce824cd2f036216eb5f637dfef31e1a03ee89", "type": "github" }, "original": { @@ -492,10 +661,12 @@ }, "root": { "inputs": { + "agenix": "agenix", + "arion": "arion", "firefox-addons": "firefox-addons", - "flake-parts": "flake-parts", + "flake-parts": "flake-parts_3", "hardware": "hardware", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "neovim-config": "neovim-config", "nix-gaming": "nix-gaming", "nix-index-database": "nix-index-database", @@ -510,11 +681,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1708456161, - "narHash": "sha256-Rh5kJvLZySEPkOxCIX1XA0SpDnYjjXSvixLwKsrcpVE=", + "lastModified": 1708987867, + "narHash": "sha256-k2lDaDWNTU5sBVHanYzjDKVDmk29RHIgdbbXu5sdzBA=", "owner": "Mic92", "repo": "sops-nix", - "rev": "acfcce2a36da17ebb724d2e100d47881880c2e48", + "rev": "a1c8de14f60924fafe13aea66b46157f0150f4cf", "type": "github" }, "original": { @@ -568,16 +739,31 @@ "type": "github" } }, + "systems_4": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "inputs": { - "systems": "systems_2" + "systems": "systems_3" }, "locked": { - "lastModified": 1694529238, - "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=", + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "ff7b65b44d01cf9ba6a71320833626af21126384", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 12e9663..7fca7af 100644 --- a/flake.nix +++ b/flake.nix @@ -22,6 +22,7 @@ just home-manager sops + colmena ]; name = "dots"; }; @@ -61,6 +62,11 @@ sops-nix.url = "github:Mic92/sops-nix"; + agenix = { + url = "github:ryantm/agenix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + nix-index-database = { url = "github:Mic92/nix-index-database"; inputs.nixpkgs.follows = "nixpkgs"; @@ -70,6 +76,11 @@ url = "github:nix-community/nix-vscode-extensions"; }; + arion = { + url = "github:hercules-ci/arion"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + #nur.url = "github:nix-community/NUR"; }; } diff --git a/home/editors/vscode.nix b/home/editors/vscode.nix index 222126d..ee7dc3a 100644 --- a/home/editors/vscode.nix +++ b/home/editors/vscode.nix @@ -13,20 +13,14 @@ in { enableExtensionUpdateCheck = false; package = pkgs.vscodium; - mutableExtensionsDir = false; + mutableExtensionsDir = true; extensions = [ - ovsx.rust-lang.rust-analyzer - ovsx.llvm-vs-code-extensions.vscode-clangd ovsx.vadimcn.vscode-lldb ovsx.mkhl.direnv ovsx.editorconfig.editorconfig ovsx.pkief.material-icon-theme - # ovsx.ms-azuretools.vscode-docker ovsx.eamodio.gitlens - ovsx.jnoortheen.nix-ide vsce.hediet.debug-visualizer - ovsx.haskell.haskell - ovsx.hoovercj.haskell-linter ]; }; } diff --git a/home/programs/media/jellyfin.nix b/home/programs/media/jellyfin.nix index 26cec11..ee3f963 100644 --- a/home/programs/media/jellyfin.nix +++ b/home/programs/media/jellyfin.nix @@ -1,5 +1,6 @@ {pkgs, ...}: { home.packages = with pkgs; [ jellyfin-media-player + sonixd ]; } diff --git a/home/programs/misc/discord.nix b/home/programs/misc/discord.nix index 0ce69eb..70b1b31 100644 --- a/home/programs/misc/discord.nix +++ b/home/programs/misc/discord.nix @@ -1,5 +1,9 @@ {pkgs, ...}: { home.packages = with pkgs; [ vesktop + (discord.override { + withVencord = true; + withOpenASAR = true; + }) ]; } diff --git a/home/terminal/shell/zsh.nix b/home/terminal/shell/zsh.nix index 795c2a0..58315bf 100644 --- a/home/terminal/shell/zsh.nix +++ b/home/terminal/shell/zsh.nix @@ -1,4 +1,6 @@ {config, ...}: { + programs.fzf.enable = true; + programs.zsh = { enable = true; autocd = true; @@ -6,6 +8,7 @@ enableAutosuggestions = true; dotDir = ".config/zsh"; defaultKeymap = "emacs"; + history = { expireDuplicatesFirst = true; path = "${config.xdg.dataHome}/zsh_history"; diff --git a/hosts/default.nix b/hosts/default.nix index 253c67a..8183644 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -3,22 +3,29 @@ inputs, homeImports, ... -}: { - flake.nixosConfigurations = let - inherit (inputs.nixpkgs.lib) nixosSystem; +}: let + specialArgs = { + inherit inputs self; + }; +in { + flake.colmena = let mod = "${self}/system"; - - # get the basic config to build on top of inherit (import "${self}/system") desktop; - - # get these into the module system - specialArgs = { - inherit inputs self; - }; in { - nixdesk = nixosSystem { + meta = { + nixpkgs = import inputs.nixpkgs { + system = "x86_64-linux"; + config.allowUnfree = true; + }; + inherit specialArgs; - modules = + }; + nixdesk = { + deployment = { + allowLocalDeployment = true; + targetHost = null; + }; + imports = desktop ++ [ ./nixdesk @@ -37,9 +44,11 @@ } ]; }; - hopper = nixosSystem { - inherit specialArgs; - modules = [ + hopper = { + deployment = { + targetUser = "xun"; + }; + imports = [ ./hopper "${self}/secrets" @@ -79,4 +88,11 @@ ]; }; }; + flake.nixosConfigurations = let + l = inputs.nixpkgs.lib; + in (builtins.mapAttrs (n: v: + l.nixosSystem { + inherit specialArgs; + modules = v.imports; + }) (l.filterAttrs (n: _: n != "meta") self.colmena)); } diff --git a/hosts/hopper/default.nix b/hosts/hopper/default.nix index 5ea61dc..9fc0939 100644 --- a/hosts/hopper/default.nix +++ b/hosts/hopper/default.nix @@ -8,10 +8,6 @@ networking.hostName = "hopper"; - #services.tailscale.extraUpFlags = [ - # "--ssh" - #]; - swapDevices = []; system.stateVersion = "23.11"; diff --git a/hosts/hopper/hardware.nix b/hosts/hopper/hardware.nix index b7d0120..1221f8d 100644 --- a/hosts/hopper/hardware.nix +++ b/hosts/hopper/hardware.nix @@ -29,7 +29,7 @@ "/" = { device = "/dev/disk/by-uuid/1297e638-f2ff-49a2-a362-314ac7eeaabc"; fsType = "btrfs"; - options = ["subvol=root" "compress=zstd"]; + options = ["subvol=root" "compress=zstd" "autodefrag" "noatime"]; }; "/home" = { device = "/dev/disk/by-uuid/1297e638-f2ff-49a2-a362-314ac7eeaabc"; diff --git a/secrets/hopper/cloudflare b/secrets/hopper/cloudflare new file mode 100644 index 0000000..77117e0 --- /dev/null +++ b/secrets/hopper/cloudflare @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:G9ZUq5WuB7iQ0vIASyjKth5Jj3bTDCvnOMiJGJ0fWd5nTOIrUD7cOcgDE9SGAP2W2zlRGh5AftNt0g==,iv:3MCty+L8YjGOfDeEcLeuDlvEqFSjxfv9FzKeTXas/ng=,tag:zMdbKh0HF8EEROmH31Oe1g==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqYlFaNmRuMUkzelJ4UkYz\nNXF1N2x5bjZVa0QvMmU2MDF6eVNDY3hsY0djClZETVpxT0Q3bCtJWFY5dU1HZi9i\nS1l4VWRCbldaeXVIVnM3c2t6YW03VWMKLS0tIFFIWE1TUjYzcHF4ckhXWGlkZEVK\nWnFlUUtrc1hsWFc0a0JzQTFyenZEY3cKcEma0LZKhlnvyKDIISTBDPAWkmTlUcOs\n73B8Hxtj3EDvEjUGimdu+oZPfHQuElgSMiOU0Zs0OwAvItOHg2NfKA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwc0RSUHYyRWx2ZFVXVEc3\nUjUvZDdmWWJXNWtIWGVWWnNsbFA0OUpiSlE0ClhsaEpGeXpQOThYYmt1NkFLWlpy\nQUIwNERva1pReG5McmloR2gzQ09nWFUKLS0tIFUrSlZMdTFtV2hnL29Ua2lUTkQ0\nWTZTNVI5US81OVNoWndoSHdURE5uc28Kwegugtt4GjCUlj+f/1Dghy7Q1DsD4Vli\nmoPkciYTrbMhngi7n2Ya8+K5JU+q3Rfn0c9TjElEZP40dNiJF6+f/g==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-02-28T19:41:27Z", + "mac": "ENC[AES256_GCM,data:gRyFdTKxS1Cc610nDwIzDtjTyPOlD+SUU5JYprW9V+qZaQC6QGPujfaoXq+uTEKhyt0C/xmNExu7qy8HeCyiWCblV0Dco0RI1wACg0utcmt4g35B3jyLQ8nW7bp7khU1KyxIBuNt4e4j5XfrfcREglbeRdy+Ijz6+LDBxDctyU0=,iv:mRLRAUVBxEI9Fx9O7sMJa6+S85mwaGTbk4u7dxVJj1s=,tag:HCNl+XyHdsxpcOR4ili1SQ==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/secrets/hopper/code-server b/secrets/hopper/code-server index 1a5bdf8..0defbb2 100644 --- a/secrets/hopper/code-server +++ b/secrets/hopper/code-server @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:UrmaXZ5U/yiBA0fIe+6OGD0a9hPMGO0AadM6dSw6armCsCHocN4nKYEgf1o67VSMR1IGmwxVEg9yT9o159jS4YnS6xE3EcygvmfrOD8X1aCWKK+eF3MWNmxjMrylTO5PYeZMu6R3,iv:ZFY9P+Zeva8U0Mhyq/zSGRs9ikRgK+tt8OFX9tusONA=,tag:CLyaeWre//r6HAaEctCBbQ==,type:str]", + "data": "ENC[AES256_GCM,data:e/taTwDXTyDPREs4C8rCQmMRfphkOfOWIq1evkfWSSvB53wTLQlnHuaOoj0e+Cj7cS7trO/YlS323HjUsL4G+p8hiw4GiWzlP9UE7mJFPNnCurEG0JRKJsqeDji3rqpabQ==,iv:vJRO7sjwCIqS3VsWn50KOOeHVMxpscsgU9TEzEUvoyY=,tag:RLIg8+PokOGBWRIW2QCcsA==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -15,8 +15,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLQnlTVGdMV0xhb215b1I5\nc2tqTHhHeDBMK29Eclp6NjVELy9reUYwTjA4ClBrVS9hWWhCeUsxbEJSNG9NRmZl\nQnZGVHdXM2svM1Iyc3NTT294NWk1RDAKLS0tIEZjUStFZDJoOHFrc0hsaUMrNXl4\nQys1M2xpRVhkUmI4U0taQllSWC93YXMKDJdRDZGGP/RFqquIY6m676vOL0CxEkrd\npIpZ88Y9/2oX0FUHxm8vV/xHXyKfWm5lU4xEcJ1tBV/Zm0jLbLQTMw==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-02-21T19:46:40Z", - "mac": "ENC[AES256_GCM,data:8j1JzGceUdx/ha1kNYI7pVG9Qtc9dWqI+X9tBFgFJ94QAhH5r56PngsvPHDcx3Y3jHYH/eN2Nd3KESfabOS0TIxDk0ka4GpKYZY2uG6jerN88tisZ5FvatVGMDp6EPE3x0S6kjeYocbt0XBgxn32iTAC19gvS6FipZ6Df35HOQ8=,iv:PjJ51F0FKe5c0m6+cLN5d9cD5mbpKuTas48tEJ9Qr5E=,tag:CQzuGCkpE5o7GTI2Mc/rcQ==,type:str]", + "lastmodified": "2024-02-26T14:40:16Z", + "mac": "ENC[AES256_GCM,data:HdBVk9jF3snPRsp0Q8HJHuP9H0IN+FKXfTzqyb9B6+Fx9zfzJdMavFrbKeLLCCknAKLYArAtYDhjsoEGTabWnnw3vB5Xp88DdtQfCgblQ6vCpiTa0XuFPcbRfgyPfbLACXWuUAKpvuNpzMripi2cPWI1U8+LF0IDYdBDeG4PXsM=,iv:NYxkK5Fz8f1zTROc8uLuuUN1NO4MHt4ldF488vKj29k=,tag:9fT5fWje/KNCWebzNTPDIQ==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.8.1" diff --git a/secrets/hopper/default.nix b/secrets/hopper/default.nix index ea17a37..3ef7739 100644 --- a/secrets/hopper/default.nix +++ b/secrets/hopper/default.nix @@ -25,5 +25,13 @@ format = "binary"; sopsFile = ./code-server; }; + slskd = { + format = "binary"; + sopsFile = ./slskd; + }; + cloudflare = { + format = "binary"; + sopsFile = ./cloudflare; + }; }; } diff --git a/secrets/hopper/slskd b/secrets/hopper/slskd new file mode 100644 index 0000000..825af7c --- /dev/null +++ b/secrets/hopper/slskd @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:e6VeCbqwW0Z/h23HD1TLdb3XPDMSYCV5fgj6/K6796kJBuZUqCdLOGoyzNyuluPGJxMRHPkFNyAZwZ/mf5AeIbXSdY1PoHJpy9V8mAXmVTQdV9E44sXdpq1Uyyp3faKpJs/oxnbWdj85iuiY22AuC5FatreneacPEQkjF0H1Z3yUKvE9G7fWnd7sdypwI9iNZX24G3wx3svL9Biq0vcFfTm/gf9BWO30IkUbLSGSev9taAdMJJpUijU44QsOrRGq6BBr3C+t0v9071r5ydCc7XUFb+EMwjrsM9IMTJ5R5PgbTRzQmj6hpLtKhW/Rv4rvUPdvPrX53OM6lYyXfmbxzGiFhG5c0/OPPzpGH9NLoqSMnbV5+CFFDWYuvJ9UhYetcOwfXopncgFFi1wS+4e+0R/FVzu58OhlYmnzgqrFFQAAM+pVaNTKZjQ6fZaOteTwdfvo75hhnrbTMEfIRad1OO3ffbZef+BkxdWKLfbjsp/3rzN7qD50Qbe2h9qKZxWGK2EmssqfKk5S4ps+vhcCL1J+Bs/04r/aEj6ttDbzKpWb3IJFIMJcwotDcTGAtCsvxZ++Cnp5+Ad7XPNxQlQzylRZXaRd68jvnaxyVjTAIQgcAEDpzHQA83ogmjX4rVMxzM+nhyNkp03tMD3IPBQgutMfCyzts2v+pqaOMz/H6T+PxIOhhEjtsvOUzeS4v20bM8UKw+04CDyFIlZRkKv3UaPZRWyfGqKZ5U/RUr4QMLVp7ppUL4iN11BW82EqZnUqA6/hEQ==,iv:ie2i0xd9/lypeBrGj1IWgUcNTg4IfMoE5luCdETKZ/4=,tag:m82vQYZ1P8uW8zZG0SQx8w==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwakcvTWdqUjY4elZUNFNu\nR2R6OHRvN1pNeGdHMUVGMXVVODBEcUJrTVJjClZTZG10UVNWR2NqVkhVMHo5c01M\nd0pPVnptVTdxMjhYVGNVZkdsRERRZlUKLS0tIHd3WmgzUUxVYkVDcTRoeUgwbktk\nVm9QNzBnTWxmM2t1MVByZ3FLaTNweDQK4VQWPRkKKnNyjQ0X2HZ8ACsTZsTrGKyw\nIV0qQujXDj0WVX9NtL2BcjbCIIENJH5pFp8XKQZ+mikqPGmHeunSgw==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOWXNpZlpySndGK1hRR2ZF\nUXdZZVhJVC9YMy96N3BzSVBJQzBOMEliMm1ZCi9ZWTgvOXcxSXdvMldYZXdsbjlX\nc0VDZTZNY3dSUHFMVmNZbWY0dzl4VkkKLS0tIFRtSzhJdFdLVHAzTVdBMmd3T3ho\naDI2WnBnT1FGUkgxQ0NrenpIYWZRM2MKN6hXjBR+jS4UkYy1SS5uHtlHTugfxCwW\nAErlX+kU0g0uBIQbHExNSr0/Xjk+bIRNqSg2O0CfxULxbQRtZrsqMA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-02-25T04:21:42Z", + "mac": "ENC[AES256_GCM,data:1+cYL3i51lnqB9z1Su5EguF9ppFvR3YS6eEOGCuYA33twDb1CkGpDIWVlYwz9PfJWuzAtOKj+Vv8ho4rQjdgkzEBCG5jvVc+rvo/zeUGlyQ2UtsZGbFeSbYDUYUczkh37fcMPZ09eMCapAmmL0KSBooG9kBaDy/NDL8LKra6WXw=,iv:9PMbaKI0HP5MC/Lsr43k2fxIQDbS6LX6KWyQCH+I3yY=,tag:Qsnm9kdRlrvTjBoh0ey5ww==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/secrets/nixdesk/default.nix b/secrets/nixdesk/default.nix index 24b5869..82abe24 100644 --- a/secrets/nixdesk/default.nix +++ b/secrets/nixdesk/default.nix @@ -4,5 +4,14 @@ format = "binary"; sopsFile = ./wireguard; }; + #wireguard-preshared = { + # format = "yaml"; + # sopsFile = ./wireguard.yaml; + #}; + wireguard-private = { + format = "yaml"; + sopsFile = ./wireguard.yaml; + key = "PrivateKey"; + }; }; } diff --git a/secrets/nixdesk/wireguard.yaml b/secrets/nixdesk/wireguard.yaml new file mode 100644 index 0000000..1af6fed --- /dev/null +++ b/secrets/nixdesk/wireguard.yaml @@ -0,0 +1,31 @@ +PrivateKey: ENC[AES256_GCM,data:4OLJJ190rSspZKGBqpA7aZaRLVEzIjgksjqU6jHX0NvWncB/w5R3s9C3Fw0=,iv:Knn+jsapxttRCnDaokRqXsk5QIkr8zoDNta/4F/Czxo=,tag:V14n+An7kRCjIx9CI17yCg==,type:str] +PresharedKey: ENC[AES256_GCM,data:5HqALbtJQO5Ti/HHE0rcIhDhe1k2+w9zctgKuaMW77Nbi9Tzp1NWzKh0mOw=,iv:spuk2ARDIcxHndzvuGprsNkafH/ODdDJCTXoRaflKCQ=,tag:2GybJv7z69P2AE0eOh/Nhg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsUXo0SGhieVdkREZqUzZQ + Sk1mQXJ5U2ZnTXlHSG5UQnlXYnh4clFjRGw0Clh5S2ZXQkltUXhhY2x3NWo5VVBp + SXBtWWwvbW50WTVoWFJ3TmQwZXVmeFEKLS0tIDErQXBiYjg4VzVrTzkvTW5ORmtJ + cUxubFFNVWRLRW5QOHl4MDVodHNVVzQK76+hxVKXLRPcP2B9oNsS7sDdd5TvcV9x + D6wiytAnk9Z1PvwwWkIUMg4CJPLmf4iBsnT/EBNQyWuOiVe023OrcA== + -----END AGE ENCRYPTED FILE----- + - recipient: age155sscpw0x36t6s9usdrz7relpxqrtqnk98mrc7s0qcv2n0v3zd7sfl2xn8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhNWg3Rmd3eWF3MDNPTW05 + YlY5OExZbDBQaDkvaWNWbU1LeDloYUxUa0JNCmRHNGxtbDJQK0kxTDd1djZVUjEy + Si92MWxQTGRjRVcwNTZOY20yOUgrelEKLS0tIFYzeGZOeWhqdHRTUlBJR21pOHN6 + am1zRUZ1RmEyVWs5MTlZR1hZMWNFakEKZtqE4oWCuruWVKNfqD3Iji8+VP8yF0A3 + NwmAuhKV6qUXoYVHSvnINONtSeGO0sjwHTLBi0HnpjNd/iSvsX7B8w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-02-28T20:22:52Z" + mac: ENC[AES256_GCM,data:G2JGvYM6fCQSz+e7Nz+/cyBqEGaXNtxxc3UsQvSqgHV3iNhmkUrdO95o3tS2Hq4jedwXrw6WDwsZ8YnYFl+nv56vu19BdupDuHlmRcl0phw5NVk43Rxa8qzJ0HoeUSEfxXaKwSmjWgWT2ZUWq2hY5D19gdL703H22W/H8opBEzw=,iv:1gaRfhenp7be6eoZYx/OOU+VhAcGLnbQHppmuKW1jXk=,tag:Tgg5pUoryB3aqeAponPPkA==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/system/core/compat.nix b/system/core/compat.nix new file mode 100644 index 0000000..9e04343 --- /dev/null +++ b/system/core/compat.nix @@ -0,0 +1,64 @@ +{ + pkgs, + inputs, + ... +}: { + environment.systemPackages = [pkgs.steam-run]; + + programs.nix-ld.enable = true; + programs.nix-ld.libraries = with pkgs; [ + alsa-lib + at-spi2-atk + at-spi2-core + atk + cairo + cups + curl + dbus + expat + fontconfig + freetype + fuse3 + gdk-pixbuf + glib + gtk3 + icu + libGL + libappindicator-gtk3 + libdrm + libglvnd + libnotify + libpulseaudio + libunwind + libusb1 + libuuid + libxkbcommon + libxml2 + mesa + nspr + nss + openssl + pango + pipewire + stdenv.cc.cc + systemd + vulkan-loader + xorg.libX11 + xorg.libXScrnSaver + xorg.libXcomposite + xorg.libXcursor + xorg.libXdamage + xorg.libXext + xorg.libXfixes + xorg.libXi + xorg.libXrandr + xorg.libXrender + xorg.libXtst + xorg.libxcb + xorg.libxkbfile + xorg.libxshmfence + zlib + ]; + # symlinks binaries to /bin, fixes hard coded shebangs + services.envfs.enable = true; +} diff --git a/system/core/default.nix b/system/core/default.nix index 8e2476f..4f628cf 100644 --- a/system/core/default.nix +++ b/system/core/default.nix @@ -4,6 +4,7 @@ ./users.nix ./tools.nix ./ssh.nix + ./compat.nix ../nix ../programs/zsh.nix ]; diff --git a/system/core/tools.nix b/system/core/tools.nix index cb1e4cf..7bc04ac 100644 --- a/system/core/tools.nix +++ b/system/core/tools.nix @@ -1,7 +1,7 @@ {pkgs, ...}: { environment.systemPackages = with pkgs; [ - busybox htop + btop wget ripgrep nethogs diff --git a/system/core/users.nix b/system/core/users.nix index 6ed464c..d1b93ab 100644 --- a/system/core/users.nix +++ b/system/core/users.nix @@ -4,8 +4,8 @@ initialPassword = "nixos"; shell = pkgs.zsh; extraGroups = [ - "video" "wheel" + "video" ]; }; } diff --git a/system/nix/default.nix b/system/nix/default.nix index 6756f77..30ca511 100644 --- a/system/nix/default.nix +++ b/system/nix/default.nix @@ -21,7 +21,7 @@ nixPath = lib.mapAttrsToList (key: _: "${key}=flake:${key}") config.nix.registry; settings = { - auto-optimise-store = true; + #auto-optimise-store = true; builders-use-substitutes = true; experimental-features = ["flakes" "nix-command"]; diff --git a/system/services/containers/server/default.nix b/system/services/containers/server/default.nix index 8795fd6..06ccf24 100644 --- a/system/services/containers/server/default.nix +++ b/system/services/containers/server/default.nix @@ -46,6 +46,21 @@ } ]; } + { + name = "Music"; + items = [ + { + title = "Betanin"; + icon = "hl-betanin"; + url = "http://${hostname}:9393"; + } + { + title = "Slskd"; + icon = "hl-soulseek"; + url = "http://${hostname}:5030"; + } + ]; + } ]; }; in { @@ -59,8 +74,8 @@ in { #}; systemd.tmpfiles.rules = [ - "d /var/lib/code-server 0770 root root -" - "d /var/lib/movie-db 0770 root root -" + "d /var/lib/code-server 0750 root root -" + "d /var/lib/slskd 0750 root root -" ]; users.groups."media" = {}; # create media group @@ -79,6 +94,15 @@ in { ]; }; + #security.acme = { + # acceptTerms = true; + # defaults.email = "xunuwu@gmail.com"; + # certs."air.xun.cam" = { + # dnsProvider = "cloudflare"; + # credentialsFile = config.sops.secrets.cloudflare.path; + # }; + #}; + #systemd.services."${config.virtualisation.oci-containers.backend}-jellyfin".serviceConfig = { # StateDirectory = [ # "${config.virtualisation.oci-containers.backend}/jellyfin/config" @@ -87,11 +111,11 @@ in { # ]; #}; - services.jellyfin = { - enable = true; - openFirewall = true; - group = "media"; - }; + #services.jellyfin = { + # enable = true; + # openFirewall = true; + # group = "media"; + #}; #services.radarr = { # enable = true; @@ -113,6 +137,7 @@ in { virtualisation.podman = { enable = true; autoPrune.enable = true; + dockerSocket.enable = true; }; virtualisation.oci-containers = { @@ -120,7 +145,7 @@ in { containers = { gluetun = { - image = "qmcgaw/gluetun:latest"; + image = "qmcgaw/gluetun:v3"; volumes = [ "${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf" @@ -135,14 +160,17 @@ in { "9696:9696" # prowlarr "8989:8989" # sonarr "7878:7878" # radarr - "8443:8443" # code-server + #"8443:8443" # code-server + "5030:5030" # slskd + "5031:5031" # slskd https + "8096:8096" # jellyfin ]; environment = { VPN_SERVICE_PROVIDER = "airvpn"; VPN_TYPE = "wireguard"; SERVER_COUNTRIES = "Netherlands"; - FIREWALL_VPN_INPUT_PORTS = "11936,8443"; + FIREWALL_VPN_INPUT_PORTS = "11936,8096,14795"; }; extraOptions = [ @@ -151,6 +179,290 @@ in { ]; }; + slskd = { + image = "slskd/slskd"; + volumes = [ + "/var/lib/slskd:/app" + "/media/slskd/downloads:/downloads" + "/media/slskd/incomplete:/incomplete" + "/media/library/music:/shares/music" + "${config.sops.secrets.slskd.path}:/app/slskd.yml" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + + beets = { + image = "lscr.io/linuxserver/beets:latest"; + volumes = [ + "/media/config/beets:/config" + "/media/library/music:/music" + "/media/slskd/downloads:/downloads" + ]; + }; + + jellyfin = { + image = "jellyfin/jellyfin"; + volumes = [ + "/media/config/jellyfin/config:/config" + "/media/config/jellyfin/cache:/cache" + "/media/library:/library" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + + #betanin = { + # image = "sentriz/betanin"; + # ports = [ + # "9393:9393" + # ]; + # volumes = [ + # "/media/config/betanin/data:/b/.local/share/betanin" + # "/media/config/betanin/config:/b/.config/betanin" + # "/media/config/betanin/beets:/b/.config/beets/" + # "${pkgs.writeText "config.yaml" '' + # # --------------- Main --------------- + # + # library: library.db + # directory: /music + # statefile: state.pickle + # + # # --------------- Plugins --------------- + # + # plugins: [] + # pluginpath: [] + # + # # --------------- Import --------------- + # + # clutter: ["Thumbs.DB", ".DS_Store"] + # ignore: [".*", "*~", "System Volume Information", "lost+found"] + # ignore_hidden: yes + # + # import: + # # common options + # write: yes + # copy: yes + # move: no + # timid: no + # quiet: no + # log: + # # other options + # default_action: apply + # languages: [] + # quiet_fallback: skip + # none_rec_action: ask + # # rare options + # link: no + # hardlink: no + # reflink: no + # delete: no + # resume: ask + # incremental: no + # incremental_skip_later: no + # from_scratch: no + # autotag: yes + # singletons: no + # detail: no + # flat: no + # group_albums: no + # pretend: false + # search_ids: [] + # duplicate_keys: + # album: albumartist album + # item: artist title + # duplicate_action: ask + # duplicate_verbose_prompt: no + # bell: no + # set_fields: {} + # ignored_alias_types: [] + # singleton_album_disambig: yes + # + # # --------------- Paths --------------- + # + # path_sep_replace: _ + # drive_sep_replace: _ + # asciify_paths: false + # art_filename: cover + # max_filename_length: 0 + # replace: + # # Replace bad characters with _ + # # prohibited in many filesystem paths + # '[<>:\?\*\|]': _ + # # double quotation mark " + # '\"': _ + # # path separators: \ or / + # '[\\/]': _ + # # starting and closing periods + # '^\.': _ + # '\.$': _ + # # control characters + # '[\x00-\x1f]': _ + # # dash at the start of a filename (causes command line ambiguity) + # '^-': _ + # # Replace bad characters with nothing + # # starting and closing whitespace + # '\s+$': ''\'''\' + # '^\s+': ''\'''\' + # + # aunique: + # keys: albumartist album + # disambiguators: albumtype year label catalognum albumdisambig releasegroupdisambig + # bracket: '[]' + # + # sunique: + # keys: artist title + # disambiguators: year trackdisambig + # bracket: '[]' + # + # # --------------- Tagging --------------- + # + # per_disc_numbering: no + # original_date: no + # artist_credit: no + # id3v23: no + # va_name: "Various Artists" + # paths: + # default: $albumartist/$album%aunique{}/$track $title + # singleton: Non-Album/$artist/$title + # comp: Compilations/$album%aunique{}/$track $title + # + # # --------------- Performance --------------- + # + # threaded: yes + # timeout: 5.0 + # + # # --------------- UI --------------- + # + # verbose: 0 + # terminal_encoding: + # + # ui: + # terminal_width: 80 + # length_diff_thresh: 10.0 + # color: yes + # colors: + # text_success: ['bold', 'green'] + # text_warning: ['bold', 'yellow'] + # text_error: ['bold', 'red'] + # text_highlight: ['bold', 'red'] + # text_highlight_minor: ['white'] + # action_default: ['bold', 'cyan'] + # action: ['bold', 'cyan'] + # # New Colors + # text: ['normal'] + # text_faint: ['faint'] + # import_path: ['bold', 'blue'] + # import_path_items: ['bold', 'blue'] + # added: ['green'] + # removed: ['red'] + # changed: ['yellow'] + # added_highlight: ['bold', 'green'] + # removed_highlight: ['bold', 'red'] + # changed_highlight: ['bold', 'yellow'] + # text_diff_added: ['bold', 'red'] + # text_diff_removed: ['bold', 'red'] + # text_diff_changed: ['bold', 'red'] + # action_description: ['white'] + # import: + # indentation: + # match_header: 2 + # match_details: 2 + # match_tracklist: 5 + # layout: column + # + # # --------------- Search --------------- + # + # format_item: $artist - $album - $title + # format_album: $albumartist - $album + # time_format: '%Y-%m-%d %H:%M:%S' + # format_raw_length: no + # + # sort_album: albumartist+ album+ + # sort_item: artist+ album+ disc+ track+ + # sort_case_insensitive: yes + # + # # --------------- Autotagger --------------- + # + # overwrite_null: + # album: [] + # track: [] + # musicbrainz: + # enabled: yes + # host: musicbrainz.org + # https: no + # ratelimit: 1 + # ratelimit_interval: 1.0 + # searchlimit: 5 + # extra_tags: [] + # genres: no + # external_ids: + # discogs: no + # bandcamp: no + # spotify: no + # deezer: no + # beatport: no + # tidal: no + # + # match: + # strong_rec_thresh: 0.04 + # medium_rec_thresh: 0.25 + # rec_gap_thresh: 0.25 + # max_rec: + # missing_tracks: medium + # unmatched_tracks: medium + # distance_weights: + # source: 2.0 + # artist: 3.0 + # album: 3.0 + # media: 1.0 + # mediums: 1.0 + # year: 1.0 + # country: 0.5 + # label: 0.5 + # catalognum: 0.5 + # albumdisambig: 0.5 + # album_id: 5.0 + # tracks: 2.0 + # missing_tracks: 0.9 + # unmatched_tracks: 0.6 + # track_title: 3.0 + # track_artist: 2.0 + # track_index: 1.0 + # track_length: 2.0 + # track_id: 5.0 + # preferred: + # countries: [] + # media: [] + # original_year: no + # ignored: [] + # required: [] + # ignored_media: [] + # ignore_data_tracks: yes + # ignore_video_tracks: yes + # track_length_grace: 10 + # track_length_max: 30 + # album_disambig_fields: data_source media year country label catalognum albumdisambig + # singleton_disambig_fields: data_source index track_alt album + # ''}:/b/.config/beets/config.yaml" + # "/media/music:/music" + # "/media/slskd/downloads:/downloads" + # ]; + #}; + + #beets = { + # image = "lscr.io/linuxserver/beets:latest"; + # volumes = [ + # "/media/config/beets:/config" + # "/media/music:/music" + # "/media/slskd/downloads:/downloads" + # ]; + #}; + code-server = { image = "lscr.io/linuxserver/code-server:latest"; volumes = [ @@ -159,23 +471,25 @@ in { environmentFiles = [ config.sops.secrets.code-server.path ]; + dependsOn = ["gluetun"]; extraOptions = [ + #"--group-add ${config.security.acme.defaults.group}" "--network=container:gluetun" ]; }; - jellyseerr = { - image = "fallenbagel/jellyseerr:latest"; - ports = [ - "5055:5055" - ]; - volumes = [ - "/media/config/jellyseerr:/app/config" - ]; - extraOptions = [ - "--network=host" - ]; - }; + #jellyseerr = { + # image = "fallenbagel/jellyseerr:latest"; + # ports = [ + # "5055:5055" + # ]; + # volumes = [ + # "/media/config/jellyseerr:/app/config" + # ]; + # extraOptions = [ + # "--network=host" + # ]; + #}; recyclarr = { image = "ghcr.io/recyclarr/recyclarr"; @@ -358,7 +672,7 @@ in { image = "lscr.io/linuxserver/sonarr:latest"; volumes = [ "/media/config/sonarr:/config" - "/media/tvseries:/tv" + "/media/library/tvseries:/tv" "/media/downloads:/downloads" ]; environment = { @@ -375,7 +689,7 @@ in { image = "lscr.io/linuxserver/radarr:latest"; volumes = [ "/media/config/radarr:/config" - "/media/movies:/movies" + "/media/library/movies:/movies" "/media/downloads:/downloads" ]; environment = { @@ -418,19 +732,6 @@ in { "--network=container:gluetun" ]; }; - - dashy = { - image = "lissy93/dashy"; - ports = [ - "8080:80" - ]; - volumes = [ - "${(pkgs.formats.yaml {}).generate "conf.yml" dashyConfig}:/app/public/conf.yml" - ]; - extraOptions = [ - "--network=host" - ]; - }; }; }; }