xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hi

Browse source
This commit is contained in:
xunuwu 2024-04-12 10:41:35 +02:00
parent c522dcbb3f
commit 68bee9a3aa
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
15 changed files with 495 additions and 105 deletions
Download patch file Download diff file Expand all files Collapse all files

1
system/core/tools.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
vim
htop
btop
wget

132
system/services/containers/experimental/default.nix Normal file
View file

@ -0,0 +1,132 @@
{
config,
pkgs,
...
}: {
imports = [
./smbshare.nix
];
virtualisation.podman = {
enable = true;
autoPrune.enable = true;
dockerSocket.enable = true;
};
virtualisation.oci-containers = {
backend = "podman";
containers = {
gluetun = {
image = "qmcgaw/gluetun:v3";
volumes = [
"${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf"
];
ports = [
## This bypasses the firewall
## use 127.0.0.1:XXXX:XXXX if you only want it to be accessible locally
"127.0.0.1:8191:8191" # flaresolverr
"9117:9117" # jackett
"5030:5030" # slskd
"8096:8096" # jellyfin
"8080:8080" # qbittorrent webui
];
environment = {
VPN_SERVICE_PROVIDER = "airvpn";
VPN_TYPE = "wireguard";
SERVER_COUNTRIES = "Netherlands";
FIREWALL_VPN_INPUT_PORTS = "11936,8096,14795";
};
extraOptions = [
"--cap-add=NET_ADMIN"
"--device=/dev/net/tun:/dev/net/tun"
];
};
qbittorrent = {
image = "lscr.io/linuxserver/qbittorrent:latest";
environment = {
WEBUI_PORT = "8080";
TORRENTING_PORT = "11936";
};
volumes = [
"/media/config/qbittorrent:/config"
"${config.sops.secrets.jackett.path}:/config/qBittorrent/nova3/engines/jackett.json"
"/media/downloads:/downloads"
];
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
];
};
flaresolverr = {
image = "flaresolverr/flaresolverr";
environment = {
LOG_LEVEL = "info";
};
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
];
};
jellyfin = {
image = "jellyfin/jellyfin";
volumes = [
"/media/config/jellyfin/config:/config"
"/media/config/jellyfin/cache:/cache"
"/media/library:/library"
];
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
];
};
jackett = {
image = "lscr.io/linuxserver/jackett:latest";
volumes = [
"/media/config/jackett:/config"
];
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
];
};
slskd = {
image = "slskd/slskd";
volumes = [
"/var/lib/slskd:/app"
"/media/slskd/downloads:/downloads"
"/media/slskd/incomplete:/incomplete"
"/media/library/music:/shares/music"
"${config.sops.secrets.slskd.path}:/app/slskd.yml"
];
dependsOn = ["gluetun"];
extraOptions = [
"--network=container:gluetun"
];
};
betanin = {
image = "sentriz/betanin";
environment = {
UID = "1001";
GID = "100";
};
ports = [
"9393:9393"
];
volumes = [
"/media/config/betanin/data:/b/.local/share/betanin"
"/media/config/betanin/config:/b/.config/betanin"
"/media/config/betanin/beets:/b/.config/beets"
"${config.sops.secrets.betanin.path}:/b/.config/beets/config.yaml"
"/media/library/music:/music"
"/media/slskd/downloads:/downloads"
];
};
};
};
}

27
system/services/containers/experimental/smbshare.nix Normal file
View file

@ -0,0 +1,27 @@
{pkgs, ...}: {
services.samba = {
enable = true;
package = pkgs.samba4Full;
openFirewall = true;
shares = {
"torrent" = {
path = "/media/downloads";
browseable = "yes";
"guest ok" = "yes";
"read only" = "yes";
"write-list" = "xun";
};
"library" = {
path = "/media/library";
browseable = "yes";
"guest ok" = "yes";
"read only" = "yes";
"write-list" = "xun";
};
};
};
services.samba-wsdd = {
enable = true;
openFirewall = true;
};
}

54
system/services/containers/server/default.nix
View file

@ -7,32 +7,33 @@
#./statistics
];
services.samba = {
enable = true;
package = pkgs.samba4Full;
openFirewall = true;
shares."torrent-downloads" = {
path = "/media/downloads/complete";
browseable = "yes";
"read only" = "yes";
"guest ok" = "no";
};
#shares."decky-cloud-save" = {
# path = "/media/gamesaves";
# browseable = "yes";
# "read only" = "no";
# "guest ok" = "no";
#};
extraConfig = ''
server smb encrypt = required
server min protocol = SMB3_00
'';
};
services.samba-wsdd = {
# This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued
enable = true;
openFirewall = true;
};
### temp disabled
###services.samba = {
### enable = true;
### package = pkgs.samba4Full;
### openFirewall = true;
### shares."torrent-downloads" = {
### path = "/media/downloads/complete";
### browseable = "yes";
### "read only" = "yes";
### "guest ok" = "no";
### };
### #shares."decky-cloud-save" = {
### # path = "/media/gamesaves";
### # browseable = "yes";
### # "read only" = "no";
### # "guest ok" = "no";
### #};
### extraConfig = ''
### server smb encrypt = required
### server min protocol = SMB3_00
### '';
###};
###services.samba-wsdd = {
### # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued
### enable = true;
### openFirewall = true;
###};
#virtualisation.docker = {
# enable = true;
@ -131,6 +132,7 @@
"5030:5030" # slskd
"5031:5031" # slskd https
"8096:8096" # jellyfin
"8080:8080" # qbittorrent webui
];
environment = {