death916/nixconfig
1
0
Fork 0
mirror of https://github.com/Death916/nixconfig.git synced 2026-04-11 04:48:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
nixconfig/modules/nixos/homelab/services.nix
death916 0ff355928a dufs
2026-03-13 01:45:19 -07:00

230 lines
6 KiB
Nix
Raw Blame History

# ~/nixconfig/modules.new/nixos/homelab/services.nix
{
config,
pkgs,
unstablePkgs,
...
}:
{
imports = [
../../adguard.nix
./restic.nix
./monitoring.nix
../../c2cscrape.nix
../../../modules/containers/docker/dispatcharr/docker-compose.nix
../../../modules/containers/haos.nix
../../../modules/containers/docker/nextcloud/aio-compose.nix
../../../modules/containers/docker/navidrome.nix
];
arrSuite.enable = true;
services.samba.shares.Media.path = "/media/storage/media";
services.c2cscrape = {
enable = true;
dataDir = "/media/storage/media/books/c2c";
user = "c2c";
environmentFile = "/etc/nixos/secrets/c2c.env";
};
# virtualisation.incus.enable = true;
services.qbittorrent = {
enable = true;
profileDir = "/storage/services/qbittorrent";
user = "qbittorrent";
group = "media_services";
webuiPort = 8090;
openFirewall = true;
package = pkgs.qbittorrent-nox;
};
systemd.services.qbittorrent.unitConfig.RequiresMountsFor = [ "/media" ];
systemd.services.qbittorrent.unitConfig.ConditionPathIsMountPoint = "/media";
users.users.audiobookshelf = {
isSystemUser = true;
group = "media_services";
};
users.users.c2c = {
isSystemUser = true;
group = "media_services";
extraGroups = [ "media_services" ];
};
services.audiobookshelf = {
enable = true;
user = "audiobookshelf";
group = "media_services";
host = "0.0.0.0";
port = 13378;
};
systemd.tmpfiles.rules = [
"d /storage/services/qbittorrent 2775 qbittorrent media_services - -"
"d /storage/services/qbittorrent/config 0775 qbittorrent media_services - -"
"d /media/storage/media 2775 death916 media_services - -"
"d /media/storage/media/books/c2c 2775 c2c media_services - -"
"d /storage/services/immich 0770 immich media_services -"
"d /storage/services/immich/upload 0775 immich media_services -"
"d /storage/services/immich/upload/library 0770 immich media_services -"
"d /storage/services/immich/upload/thumbs 0770 immich media_services -"
"d /storage/services/immich/upload/encoded-video 0770 immich media_services -"
"d /storage/services/immich/upload/profile 0770 immich media_services -"
"d /storage/services/immich/upload/upload 0770 immich media_services -"
"d /storage/services/immich/upload/backups 0775 immich media_services -"
"f /storage/services/immich/upload/library/.immich 0660 immich media_services -"
"f /storage/services/immich/upload/thumbs/.immich 0660 immich media_services -"
"f /storage/services/immich/upload/encoded-video/.immich 0660 immich media_services -"
"f /storage/services/immich/upload/upload/.immich 0660 immich media_services -"
"f /storage/services/immich/upload/profile/.immich 0660 immich media_services -"
];
services.jellyfin.enable = true;
services.actual = {
enable = true;
settings = {
port = 5006;
};
};
virtualisation.docker.enable = true;
virtualisation.oci-containers = {
backend = "docker";
containers = {
dufs = {
user = "1000:1000";
image = "sigoden/dufs:latest";
ports = [ "5000:5000" ];
volumes = [ "/media/storage/media/:/data" ];
cmd = [
"/data"
"-A"
];
};
};
};
systemd.services.docker-dufs = {
unitConfig = {
RequiresMountsFor = [ "/media/storage/media" ];
ConditionPathIsMountPoint = "/media/storage/media";
};
};
users.users.adguardhome = {
isSystemUser = true;
group = "adguardhome";
extraGroups = [ "adgaurdhome-access" ];
};
users.groups.adguardhome-access = { };
users.groups.adguardhome = { };
security.sudo.wheelNeedsPassword = true;
virtualisation.libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_full;
runAsRoot = true;
# ovmf.enable = true;
};
};
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 7d --keep 10";
flake = "/home/death916/nixconfig/";
};
users.users.immich = {
isSystemUser = true;
extraGroups = [ "media_services" ];
};
users.users.navidrome = {
isSystemUser = true;
group = "media_services";
extraGroups = [ "media_services" ];
};
systemd.services.immich-server.unitConfig.RequiresMountsFor = [ "/storage" ];
systemd.services.immich-microservices.unitConfig.RequiresMountsFor = [ "/storage" ];
systemd.services.immich-machine-learning.unitConfig.RequiresMountsFor = [ "/storage" ];
systemd.services.immich-server.serviceConfig.ReadWritePaths = [ "/storage/services/immich" ];
systemd.services.immich-microservices.serviceConfig.ReadWritePaths = [ "/storage/services/immich" ];
systemd.services.immich-machine-learning.serviceConfig.ReadWritePaths = [
"/storage/services/immich"
];
services.immich = {
enable = true;
host = "0.0.0.0";
port = 2283;
mediaLocation = "/storage/services/immich/upload";
environment.IMMICH_IGNORE_MOUNT_CHECK_ERRORS = "true";
database = {
enable = true;
host = "/run/postgresql";
name = "immich";
user = "immich";
createDB = false;
};
};
services.calibre-web = {
enable = true;
listen.ip = "0.0.0.0";
options = {
calibreLibrary = "/media/storage/media/books/calibre";
enableBookUploading = true;
};
};
services.ersatztv = {
enable = true;
group = "media_services";
package = pkgs.ersatztv.override { ffmpeg = pkgs.ffmpeg_7; };
openFirewall = true;
};
services.postgresql = {
enable = true;
package = pkgs.postgresql_16.withPackages (p: [ p.pgvecto-rs ]);
ensureDatabases = [ "immich" ];
ensureUsers = [
{
name = "immich";
ensureDBOwnership = true;
}
];
};
environment.systemPackages = with pkgs; [
git
vim
htop
tmux
tailscale
lvm2
rsync
multipath-tools
btop
wget
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
pkgs.jellyfin
unzip
manix
qemu
virt-manager
usbutils
yazi
nixfmt
nil
nixd
];
}
Reference in a new issue View git blame Copy permalink