mirror of
https://github.com/Death916/nixconfig.git
synced 2026-04-10 02:54:39 -07:00
196 lines
5.3 KiB
Nix
196 lines
5.3 KiB
Nix
# ~/nixconfig/modules.new/nixos/homelab/services.nix
|
|
{
|
|
config,
|
|
pkgs,
|
|
unstablePkgsHA,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
../../adguard.nix
|
|
./restic.nix
|
|
./monitoring.nix
|
|
../../c2cscrape.nix
|
|
../../../modules/containers/docker/dispatcharr/docker-compose.nix
|
|
../../../modules/containers/haos.nix
|
|
../../../modules/containers/docker/nextcloud/compose.nix
|
|
|
|
];
|
|
arrSuite.enable = true;
|
|
services.samba.shares.Media.path = "/media/storage/media";
|
|
|
|
services.c2cscrape = {
|
|
enable = true;
|
|
dataDir = "/media/storage/media/books/audio/podcasts/C2C";
|
|
user = "death916";
|
|
environmentFile = "/etc/nixos/secrets/c2c.env";
|
|
};
|
|
# virtualisation.incus.enable = true;
|
|
services.qbittorrent = {
|
|
enable = true;
|
|
profileDir = "/storage/services/qbittorrent";
|
|
user = "qbittorrent";
|
|
group = "media_services";
|
|
webuiPort = 8090;
|
|
openFirewall = true;
|
|
package = pkgs.qbittorrent-nox;
|
|
};
|
|
|
|
systemd.services.qbittorrent.unitConfig.RequiresMountsFor = [ "/media" ];
|
|
systemd.services.qbittorrent.unitConfig.ConditionPathIsMountPoint = "/media";
|
|
users.users.audiobookshelf = {
|
|
isSystemUser = true;
|
|
group = "media_services";
|
|
};
|
|
|
|
users.users.c2c = {
|
|
isSystemUser = true;
|
|
group = "media_services";
|
|
extraGroups = [ "media_services" ];
|
|
};
|
|
|
|
services.audiobookshelf = {
|
|
enable = true;
|
|
user = "audiobookshelf";
|
|
group = "media_services";
|
|
host = "0.0.0.0";
|
|
port = 13378;
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /storage/services/qbittorrent 0755 qbittorrent media_services - -"
|
|
"d /storage/services/qbittorrent/config 0755 qbittorrent media_services - -"
|
|
"d /media/storage/media/books/audio/podcasts/C2C 0777 c2c media_services - -"
|
|
"d /storage/services/immich 0770 immich media_services -"
|
|
"d /storage/services/immich/upload 0770 immich media_services -"
|
|
"d /storage/services/immich/upload/library 0770 immich media_services -"
|
|
"d /storage/services/immich/upload/thumbs 0770 immich media_services -"
|
|
"d /storage/services/immich/upload/encoded-video 0770 immich media_services -"
|
|
"d /storage/services/immich/upload/profile 0770 immich media_services -"
|
|
"d /storage/services/immich/upload/upload 0770 immich media_services -"
|
|
"d /storage/services/immich/upload/backup 0770 immich media_services -"
|
|
"f /storage/services/immich/upload/library/.immich 0660 immich media_services -"
|
|
"f /storage/services/immich/upload/thumbs/.immich 0660 immich media_services -"
|
|
"f /storage/services/immich/upload/encoded-video/.immich 0660 immich media_services -"
|
|
"f /storage/services/immich/upload/upload/.immich 0660 immich media_services -"
|
|
"f /storage/services/immich/upload/profile/.immich 0660 immich media_services -"
|
|
"f /storage/services/immich/upload/backups/.immich 0660 immich media_services -"
|
|
];
|
|
|
|
services.jellyfin.enable = true;
|
|
|
|
services.actual = {
|
|
enable = true;
|
|
settings = {
|
|
port = 5006;
|
|
};
|
|
};
|
|
|
|
virtualisation.docker.enable = true;
|
|
|
|
virtualisation.oci-containers = {
|
|
backend = "docker";
|
|
containers = {
|
|
dufs = {
|
|
user = "1000:1000";
|
|
image = "sigoden/dufs:latest";
|
|
ports = [ "5000:5000" ];
|
|
volumes = [ "/media/storage/media/:/data" ];
|
|
cmd = [
|
|
"/data"
|
|
"-A"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
users.users.adguardhome = {
|
|
isSystemUser = true;
|
|
group = "adguardhome";
|
|
extraGroups = [ "adgaurdhome-access" ];
|
|
};
|
|
users.groups.adguardhome-access = { };
|
|
users.groups.adguardhome = { };
|
|
|
|
security.sudo.wheelNeedsPassword = true;
|
|
|
|
virtualisation.libvirtd = {
|
|
enable = true;
|
|
qemu = {
|
|
package = pkgs.qemu_full;
|
|
runAsRoot = true;
|
|
# ovmf.enable = true;
|
|
};
|
|
};
|
|
|
|
programs.nh = {
|
|
enable = true;
|
|
clean.enable = true;
|
|
clean.extraArgs = "--keep-since 7d --keep 10";
|
|
flake = "/home/death916/nixconfig/";
|
|
};
|
|
|
|
users.users.immich = {
|
|
isSystemUser = true;
|
|
extraGroups = [ "media_services" ];
|
|
};
|
|
|
|
systemd.services.immich-server.unitConfig.RequiresMountsFor = [ "/storage" ];
|
|
systemd.services.immich-microservices.unitConfig.RequiresMountsFor = [ "/storage" ];
|
|
systemd.services.immich-machine-learning.unitConfig.RequiresMountsFor = [ "/storage" ];
|
|
systemd.services.immich-server.serviceConfig.ReadWritePaths = [ "/storage/services/immich" ];
|
|
systemd.services.immich-microservices.serviceConfig.ReadWritePaths = [ "/storage/services/immich" ];
|
|
systemd.services.immich-machine-learning.serviceConfig.ReadWritePaths = [
|
|
"/storage/services/immich"
|
|
];
|
|
|
|
services.immich = {
|
|
enable = true;
|
|
host = "0.0.0.0";
|
|
port = 2283;
|
|
mediaLocation = "/storage/services/immich/upload";
|
|
environment.IMMICH_IGNORE_MOUNT_CHECK_ERRORS = "true";
|
|
|
|
};
|
|
|
|
services.calibre-web = {
|
|
enable = true;
|
|
listen.ip = "0.0.0.0";
|
|
options = {
|
|
calibreLibrary = "/media/storage/media/books/calibre";
|
|
enableBookUploading = true;
|
|
};
|
|
};
|
|
|
|
services.ersatztv = {
|
|
enable = true;
|
|
group = "media_services";
|
|
package = pkgs.ersatztv.override { ffmpeg = pkgs.ffmpeg_7; };
|
|
openFirewall = true;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
git
|
|
vim
|
|
htop
|
|
tmux
|
|
tailscale
|
|
lvm2
|
|
rsync
|
|
multipath-tools
|
|
btop
|
|
wget
|
|
pkgs.jellyfin-web
|
|
pkgs.jellyfin-ffmpeg
|
|
pkgs.jellyfin
|
|
unzip
|
|
manix
|
|
qemu
|
|
virt-manager
|
|
usbutils
|
|
yazi
|
|
nixfmt
|
|
nil
|
|
nixd
|
|
];
|
|
}
|