tristan/nix
1
0
Fork 0
Code Projects Releases Packages Activity

alpine: add prowlarr and exportarr

Browse source
This commit is contained in:
Tristan 2025-08-19 19:51:12 +01:00
parent e7c8cec95e
commit c993639066
3 changed files with 111 additions and 77 deletions
Download patch file Download diff file Expand all files Collapse all files

73
nixos/services/arr.nix
View file

@ -1,20 +1,20 @@
{config, lib, user, ...}: let
{
config,
lib,
user,
...
}: let
inherit (config) sops;
inherit (sops) templates placeholder;
in {
nixpkgs.config.permittedInsecurePackages = [
"aspnetcore-runtime-6.0.36"
"aspnetcore-runtime-wrapped-6.0.36"
"dotnet-sdk-6.0.428"
"dotnet-sdk-wrapped-6.0.428"
];
users.users.${user}.extraGroups = ["media"];
users.groups.media = {
gid = 979;
};
services.jackett = {
services.prowlarr = {
enable = true;
};
services.flaresolverr.enable = true;
services.lidarr = {
enable = true;
group = "media";
@ -27,21 +27,13 @@ in {
enable = true;
group = "media";
};
services.bazarr = {
enable = true;
group = "media";
};
services.jellyseerr.enable = true;
sops.secrets.sonarr-sslkey = {
sopsFile = ../../certs/alpine.prawn-justice.ts.net.key;
format = "binary";
owner = "nginx";
};
# this was fun to figure out, but pointless atm.
services.nginx.virtualHosts."alpine.prawn-justice.ts.net" = {
forceSSL = true;
sslCertificateKey = config.sops.secrets.sonarr-sslkey.path;
sslCertificate = ../../certs/alpine.prawn-justice.ts.net.crt;
};
# probably easier if i just put this in a nixos-container
virtualisation.oci-containers.containers.transmission = {
autoStart = false;
image = "docker.io/haugene/transmission-openvpn:5.3.2";
ports = ["9091:9091"];
volumes = [
@ -49,7 +41,7 @@ in {
"/home/tristan/pods/transmission/config:/config"
"/mnt/storage/media/unsorted:/data/completed"
];
environmentFiles = [ templates."transmission/env".path ];
environmentFiles = [templates."transmission/env".path];
environment = {
PUID = "1000";
PGID = toString config.users.groups.media.gid;
@ -79,4 +71,43 @@ in {
OPENVPN_PASSWORD=${placeholder."transmission/auth/OPENVPN_PASSWORD"}
'';
};
sops.secrets."sonarr/api_key" = {};
sops.secrets."radarr/api_key" = {};
sops.secrets."prowlarr/api_key" = {};
services.prometheus.exporters.exportarr-sonarr = {
enable = true;
url = "http://localhost:${toString config.services.sonarr.settings.server.port}/sonarr";
port = 9708;
apiKeyFile = config.sops.secrets."sonarr/api_key".path;
};
services.prometheus.exporters.exportarr-radarr = {
enable = true;
url = "http://localhost:${toString config.services.radarr.settings.server.port}";
port = 9709;
apiKeyFile = config.sops.secrets."radarr/api_key".path;
};
services.prometheus.exporters.exportarr-prowlarr = {
enable = true;
url = "http://localhost:${toString config.services.prowlarr.settings.server.port}";
port = 9710;
apiKeyFile = config.sops.secrets."prowlarr/api_key".path;
};
services.prometheus = {
enable = true;
scrapeConfigs = [
{
job_name = "exportarr";
static_configs = [
{
targets = [
"localhost:${toString config.services.prometheus.exporters.exportarr-radarr.port}"
"localhost:${toString config.services.prometheus.exporters.exportarr-sonarr.port}"
"localhost:${toString config.services.prometheus.exporters.exportarr-prowlarr.port}"
];
}
];
}
];
};
}

98
nixos/services/prometheus.nix
View file

@ -29,28 +29,34 @@ in {
];
rules = [
(builtins.toJSON {
groups = [{
name = "node";
rules = [
{
alert = "io error";
expr = ''node_filesystem_device_error{device_error!="permission denied"} > 0'';
}
{
alert = "disk full";
expr = ''node_filesystem_avail_bytes{fstype=~"ext4|btrfs"} < ${toString (50 * 1024 * 1024 * 1024)}'';
}
];
}];
groups = [
{
name = "node";
rules = [
{
alert = "io error";
expr = ''node_filesystem_device_error{device_error!="permission denied"} > 0'';
}
{
alert = "disk full";
expr = ''node_filesystem_avail_bytes{fstype=~"ext4|btrfs"} < ${toString (50 * 1024 * 1024 * 1024)}'';
}
];
}
];
})
];
alertmanagers = [ {
static_configs = [ {
targets = [
"localhost:9093"
alertmanagers = [
{
static_configs = [
{
targets = [
"localhost:9093"
];
}
];
} ];
} ];
}
];
exporters = {
postgres = {
enable = true;
@ -58,39 +64,35 @@ in {
};
};
alertmanager = {
enable = true;
enable = false;
configuration = {
receivers = [{
name = "ntfy";
webhook_configs = [{
url = "http://localhost${config.services.ntfy-sh.settings.listen-http}/alert/trigger";
}];
}];
route = {
receiver = "ntfy";
# routes = [{
# matchers = [
# ''node_filesystem_device_error != 0''
# ];
# }];
receiver = "alertmanager-ntfy";
routes = [{
matchers = [
''node_filesystem_device_error != 0''
];
}];
};
};
};
alertmanager-ntfy = {
enable = false;
settings = {
ntfy = {
baseurl = "https://up.tristans.cloud";
notification = {
topic = "alert";
};
};
};
};
# alertmanager-ntfy = {
# enable = true;
# settings = {
# ntfy = {
# baseurl = "https://up.tristans.cloud";
# notification = {
# topic = "alert";
# };
# };
# };
# };
};
services.grafana.provision.datasources.settings.datasources = [{
name = "Prometheus";
type = "prometheus";
url = "http://localhost:${toString prometheus.port}";
}];
services.grafana.provision.datasources.settings.datasources = [
{
name = "Prometheus";
type = "prometheus";
url = "http://localhost:${toString prometheus.port}";
}
];
}