feat(limonka)!: jellyfin
and transmission
config
Add config for the `jellyfin` service Add config for the `transmission` service Fix networking issue (DNS died after some time) Rename `jeeves_password` secret Fix deprecated `passwordFile` -> `hashedPasswordFile`
This commit is contained in:
parent
bdda5d9182
commit
4afa641a4d
5 changed files with 73 additions and 2 deletions
|
@ -1,10 +1,13 @@
|
|||
{ inputs, outputs, lib, pkgs, config, ... }:
|
||||
{
|
||||
imports = [
|
||||
inputs.hardware.nixosModules.common-cpu-amd
|
||||
inputs.hardware.nixosModules.common-gpu-amd
|
||||
(import ./disko.nix { inherit inputs outputs; })
|
||||
inputs.agenix.nixosModules.default
|
||||
./network.nix
|
||||
./wireguard.nix
|
||||
./jellyfin.nix
|
||||
];
|
||||
|
||||
nixpkgs = {
|
||||
|
@ -57,14 +60,15 @@
|
|||
];
|
||||
|
||||
# NOTE: made with `mkpasswd -m sha-516`
|
||||
age.secrets."home/jeeves_password".file = ../../../../secrets/home/jeeves_password.age;
|
||||
age.secrets."jeeves_password".file = ../../../../secrets/home/jeeves_password.age;
|
||||
|
||||
users = {
|
||||
mutableUsers = true;
|
||||
users = {
|
||||
jeeves = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
passwordFile = config.age.secrets."home/jeeves_password".path;
|
||||
hashedPasswordFile = config.age.secrets."jeeves_password".path;
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBj8ZGcvI80WrJWV+dNy1a3L973ydSNqtwcVHzurDUaW (none)"
|
||||
];
|
||||
|
@ -73,6 +77,7 @@
|
|||
"networkmanager"
|
||||
"audio"
|
||||
"docker"
|
||||
"transmission"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
@ -189,6 +189,9 @@
|
|||
];
|
||||
};
|
||||
"/data/media" = { };
|
||||
"/data/torrents" = { };
|
||||
"/data/torrents/download" = { };
|
||||
"/data/torrents/incomplete" = { };
|
||||
"/data/media/jellyfin" = { };
|
||||
};
|
||||
};
|
||||
|
|
43
machines/nixos/x86_64-linux/jeeves/jellyfin.nix
Normal file
43
machines/nixos/x86_64-linux/jeeves/jellyfin.nix
Normal file
|
@ -0,0 +1,43 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
tremc
|
||||
];
|
||||
|
||||
services = {
|
||||
transmission = {
|
||||
enable = true;
|
||||
openRPCPort = true;
|
||||
settings = {
|
||||
download-dir = "/data/torrents/download";
|
||||
incomplete-dir = "/data/torrents/incomplete";
|
||||
incomplete-dir-enabled = true;
|
||||
rpc-whitelist = "127.0.0.1,192.168.*.*,10.100.0.*";
|
||||
};
|
||||
};
|
||||
jellyfin = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
# sonarr = {
|
||||
# enable = true;
|
||||
# openFirewall = true;
|
||||
# };
|
||||
# radarr = {
|
||||
# enable = true;
|
||||
# openFirewall = true;
|
||||
# };
|
||||
# bazarr = {
|
||||
# enable = true;
|
||||
# openFirewall = true;
|
||||
# };
|
||||
# readarr = {
|
||||
# enable = true;
|
||||
# openFirewall = true;
|
||||
# };
|
||||
# prowlarr = {
|
||||
# enable = true;
|
||||
# openFirewall = true;
|
||||
# };
|
||||
};
|
||||
}
|
|
@ -15,6 +15,7 @@
|
|||
};
|
||||
};
|
||||
|
||||
networking.useNetworkd = true;
|
||||
systemd.network = {
|
||||
enable = true;
|
||||
wait-online = {
|
||||
|
|
|
@ -42,6 +42,25 @@
|
|||
];
|
||||
};
|
||||
}
|
||||
{
|
||||
# limonka
|
||||
wireguardPeerConfig = {
|
||||
PublicKey = "+x4cKc16KxhW/M3wv64FU1J0AkiLyXT5Oar6I1n1xk4=";
|
||||
AllowedIPs = [
|
||||
"0.0.0.0/0"
|
||||
# "192.168.1.0/24"
|
||||
];
|
||||
};
|
||||
}
|
||||
{
|
||||
# s42
|
||||
wireguardPeerConfig = {
|
||||
PublicKey = "pZF6M8TZ1FSBtTwFz4xzlMqwqRScEqgBfqHBk7ddixc=";
|
||||
AllowedIPs = [
|
||||
"0.0.0.0/0"
|
||||
];
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue