77 lines
2.2 KiB
Nix
77 lines
2.2 KiB
Nix
{config, lib, ...}: let
|
|
inherit (config) sops;
|
|
inherit (sops) templates placeholder;
|
|
in {
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
"aspnetcore-runtime-6.0.36"
|
|
"aspnetcore-runtime-wrapped-6.0.36"
|
|
"dotnet-sdk-6.0.428"
|
|
"dotnet-sdk-wrapped-6.0.428"
|
|
];
|
|
users.groups.media = {};
|
|
services.jackett = {
|
|
enable = true;
|
|
};
|
|
services.lidarr = {
|
|
enable = true;
|
|
group = "media";
|
|
};
|
|
services.sonarr = {
|
|
enable = true;
|
|
group = "media";
|
|
};
|
|
services.radarr = {
|
|
enable = true;
|
|
group = "media";
|
|
};
|
|
services.jellyseerr.enable = true;
|
|
sops.secrets.sonarr-sslkey = {
|
|
sopsFile = ../../certs/alpine.prawn-justice.ts.net.key;
|
|
format = "binary";
|
|
owner = "nginx";
|
|
};
|
|
# this was fun to figure out, but pointless atm.
|
|
services.nginx.virtualHosts."alpine.prawn-justice.ts.net" = {
|
|
forceSSL = true;
|
|
sslCertificateKey = config.sops.secrets.sonarr-sslkey.path;
|
|
sslCertificate = ../../certs/alpine.prawn-justice.ts.net.crt;
|
|
};
|
|
# probably easier if i just put this in a nixos-container
|
|
virtualisation.oci-containers.containers.transmission = {
|
|
autoStart = false;
|
|
image = "docker.io/haugene/transmission-openvpn:5.3.1";
|
|
ports = ["9091:9091"];
|
|
volumes = [
|
|
"/mnt/storage/downloads:/data"
|
|
"/home/tristan/pods/transmission/config:/config"
|
|
"/mnt/storage/media/unsorted:/data/completed"
|
|
];
|
|
environmentFiles = [ templates."transmission/env".path ];
|
|
environment = {
|
|
PUID = "1000";
|
|
GUID = "1000";
|
|
LOCAL_NETWORK = "100.0.0.0/8";
|
|
};
|
|
privileged = true;
|
|
capabilities = {
|
|
"NET_ADMIN" = true;
|
|
"NET_RAW" = true;
|
|
"MKNOD" = true;
|
|
};
|
|
};
|
|
sops.secrets = {
|
|
"transmission/auth/OPENVPN_PROVIDER" = {};
|
|
"transmission/auth/OPENVPN_CONFIG" = {};
|
|
"transmission/auth/OPENVPN_USERNAME" = {};
|
|
"transmission/auth/OPENVPN_PASSWORD" = {};
|
|
};
|
|
sops.templates."transmission/env" = {
|
|
owner = "tristan";
|
|
content = ''
|
|
OPENVPN_PROVIDER="${placeholder."transmission/auth/OPENVPN_PROVIDER"}"
|
|
OPENVPN_CONFIG="${placeholder."transmission/auth/OPENVPN_CONFIG"}"
|
|
OPENVPN_USERNAME="${placeholder."transmission/auth/OPENVPN_USERNAME"}"
|
|
OPENVPN_PASSWORD="${placeholder."transmission/auth/OPENVPN_PASSWORD"}"
|
|
'';
|
|
};
|
|
}
|