tristan/nix
1
0
Fork 0
Code Projects Releases Packages Activity
nix/nixos/services/arr.nix
Tristan 123e7088f5 alpine: many changes 
- updates
- snapserver
- graphana dashboards
- loki
- ddclient
- arr suite, jellyseer
- mautrix fixes
2025-01-18 00:18:11 +00:00

70 lines
2 KiB
Nix
Raw Blame History

{config, lib, ...}: let
inherit (config) sops;
inherit (sops) templates placeholder;
in {
users.groups.media = {};
services.jackett = {
enable = true;
};
services.lidarr = {
enable = true;
group = "media";
};
services.sonarr = {
enable = true;
group = "media";
};
services.radarr = {
enable = true;
group = "media";
};
services.jellyseerr.enable = true;
sops.secrets.sonarr-sslkey = {
sopsFile = ../../certs/alpine.prawn-justice.ts.net.key;
format = "binary";
owner = "nginx";
};
# this was fun to figure out, but pointless atm.
services.nginx.virtualHosts."alpine.prawn-justice.ts.net" = {
forceSSL = true;
sslCertificateKey = config.sops.secrets.sonarr-sslkey.path;
sslCertificate = ../../certs/alpine.prawn-justice.ts.net.crt;
};
# probably easier if i just put this in a nixos-container
virtualisation.oci-containers.containers.transmission = {
autoStart = false;
image = "docker.io/haugene/transmission-openvpn:5.3.1";
ports = ["9091:9091"];
volumes = [
"/mnt/storage/downloads:/data"
"transmission-config:/config"
"/mnt/storage/media/unsorted:/data/completed"
];
environmentFiles = [ templates."transmission/env".path ];
environment = {
PUID = "1000";
GUID = "1000";
SUBNET = "100.0.0.0/8";
};
extraOptions = builtins.map (cap: "--cap-add=${cap}") [
"NET_ADMIN"
"NET_RAW"
"MKNOD"
];
};
sops.secrets = {
"transmission/auth/OPENVPN_PROVIDER" = {};
"transmission/auth/OPENVPN_CONFIG" = {};
"transmission/auth/OPENVPN_USERNAME" = {};
"transmission/auth/OPENVPN_PASSWORD" = {};
};
sops.templates."transmission/env" = {
owner = "tristan";
content = ''
OPENVPN_PROVIDER="${placeholder."transmission/auth/OPENVPN_PROVIDER"}"
OPENVPN_CONFIG="${placeholder."transmission/auth/OPENVPN_CONFIG"}"
OPENVPN_USERNAME="${placeholder."transmission/auth/OPENVPN_USERNAME"}"
OPENVPN_PASSWORD="${placeholder."transmission/auth/OPENVPN_PASSWORD"}"
'';
};
}
View git blame Copy permalink