diff --git a/hosts/snowbelle/configuration.nix b/hosts/snowbelle/configuration.nix index 3971a53..9aa4f3a 100644 --- a/hosts/snowbelle/configuration.nix +++ b/hosts/snowbelle/configuration.nix @@ -30,10 +30,10 @@ nginx-proxy.enable = true; }; services = { - jellyfin.enable = true; - vaultwarden.enable = true; - gitea.enable = true; - qbittorrent.enable = true; + #jellyfin.enable = true; + #vaultwarden.enable = true; + #gitea.enable = true; + #qbittorrent.enable = true; prowlarr.enable = true; flaresolverr.enable = true; bazarr.enable = true; diff --git a/modules/homelab/services/arr.bak/bazarr/default.nix b/modules/homelab/services/arr.bak/bazarr/default.nix deleted file mode 100644 index d93c3db..0000000 --- a/modules/homelab/services/arr.bak/bazarr/default.nix +++ /dev/null @@ -1,74 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - cfg = config.modules.services.bazarr; - ids = 2706; - default_port = 6767; - data_dir = "/var/lib/bazarr"; -in -{ - options.modules.services.bazarr = { - enable = lib.mkEnableOption "enables bazarr"; - - # set port options - port = lib.mkOption { - type = lib.types.int; - default = 7106; - description = "set port for bazarr (default: ${toString default_port}"; - }; - - backup = lib.mkOption { - type = lib.types.bool; - default = true; - description = "enable backups for bazarr"; - }; - }; - - config = lib.mkIf cfg.enable { - - # declare bazarr group - users.groups.bazarr = { gid = ids; }; - - # declare bazarr user - users.users.bazarr = { - description = "bazarr server user"; - uid = ids; - isSystemUser = true; - home = "/var/lib/bazarr"; - createHome = false; - group = "bazarr"; - extraGroups = [ "media" ]; - }; - - # enable the bazarr service - services.bazarr = { - enable = true; - openFirewall = true; - user = "bazarr"; - group = "bazarr"; - listenPort = cfg.port; - }; - - # override systemd service - systemd.services.bazarr.serviceConfig = { - UMask = lib.mkForce "0007"; - }; - -# # open firewall -# networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # internal reverse proxy entry - services.nginx.virtualHosts."bazarr.snowbelle.lan" = { - enableACME = false; - forceSSL = true; - sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; - sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; - - # add to backups - modules.system.backups.paths = lib.mkIf cfg.backup [ data_dir ]; - }; -} diff --git a/modules/homelab/services/arr.bak/flaresolverr/default.nix b/modules/homelab/services/arr.bak/flaresolverr/default.nix deleted file mode 100644 index eebbe1c..0000000 --- a/modules/homelab/services/arr.bak/flaresolverr/default.nix +++ /dev/null @@ -1,68 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - cfg = config.modules.services.flaresolverr; - ids = 2008; - default_port = 8189; -in -{ - options.modules.services.flaresolverr = { - enable = lib.mkEnableOption "enables flaresolverr"; - - # set port options - port = lib.mkOption { - type = lib.types.int; - default = 7105; - description = "set port for flaresolverr (default: ${toString default_port}"; - }; - - backup = lib.mkOption { - type = lib.types.bool; - default = true; - description = "enable backups for flaresolverr"; - }; - }; - - config = lib.mkIf cfg.enable { - - # declare flaresolverr group - users.groups.flaresolverr = { gid = ids; }; - - # declare flaresolverr user - users.users.flaresolverr = { - description = "flaresolverr server user"; - uid = ids; - isSystemUser = true; - createHome = false; - group = "flaresolverr"; - extraGroups = []; - }; - - # enable the flaresolverr service - services.flaresolverr = { - enable = true; - openFirewall = true; - port = cfg.port; - }; - - # override umask to make permissions work out - systemd.services.flaresolverr.serviceConfig = { - User = "flaresolverr"; - Group = "flaresolverr"; - }; - -# # open firewall -# networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # internal reverse proxy entry - services.nginx.virtualHosts."flaresolverr.snowbelle.lan" = { - enableACME = false; - forceSSL = true; - sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; - sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; - }; -} diff --git a/modules/homelab/services/arr.bak/prowlarr/default.nix b/modules/homelab/services/arr.bak/prowlarr/default.nix deleted file mode 100644 index 4cd2f27..0000000 --- a/modules/homelab/services/arr.bak/prowlarr/default.nix +++ /dev/null @@ -1,76 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - cfg = config.modules.services.prowlarr; - ids = 2004; - default_port = 9696; - data_dir = "/var/lib/private"; -in -{ - options.modules.services.prowlarr = { - enable = lib.mkEnableOption "enables prowlarr"; - - # set port options - port = lib.mkOption { - type = lib.types.int; - default = 7104; - description = "set port for prowlarr (default: ${toString default_port}"; - }; - - backup = lib.mkOption { - type = lib.types.bool; - default = true; - description = "enable backups for prowlarr"; - }; - }; - - config = lib.mkIf cfg.enable { - - # declare prowlarr group - users.groups.prowlarr = { gid = ids; }; - - # declare prowlarr user - users.users.prowlarr = { - description = "prowlarr server user"; - uid = ids; - isSystemUser = true; - home = "/var/lib/prowlarr"; - createHome = true; - group = "prowlarr"; - extraGroups = [ "media" ]; - }; - - # enable the prowlarr service - services.prowlarr = { - enable = true; - openFirewall = true; - settings = { - server.port = cfg.port; - }; - }; - - # override umask to make permissions work out - systemd.services.prowlarr.serviceConfig = { - UMask = lib.mkForce "0007"; - User = "prowlarr"; - Group = "prowlarr"; - }; - -# # open firewall -# networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # internal reverse proxy entry - services.nginx.virtualHosts."prowlarr.snowbelle.lan" = { - enableACME = false; - forceSSL = true; - sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; - sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; - - # add to backups - modules.system.backups.paths = lib.mkIf cfg.backup [ data_dir ]; - }; -} diff --git a/modules/homelab/services/arr.bak/radarr/default.nix b/modules/homelab/services/arr.bak/radarr/default.nix deleted file mode 100644 index b91a418..0000000 --- a/modules/homelab/services/arr.bak/radarr/default.nix +++ /dev/null @@ -1,75 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - cfg = config.modules.services.radarr; - ids = lib.mkForce 2006; - default_port = 7878; - data_dir = "/var/lib/radarr"; -in -{ - options.modules.services.radarr = { - enable = lib.mkEnableOption "enables radarr"; - - # set port options - port = lib.mkOption { - type = lib.types.int; - default = 7108; - description = "set port for radarr (default: ${toString default_port}"; - }; - - backup = lib.mkOption { - type = lib.types.bool; - default = true; - description = "enable backups for radarr"; - }; - }; - - config = lib.mkIf cfg.enable { - - # declare radarr group - users.groups.radarr = { gid = ids; }; - - # declare radarr user - users.users.radarr = { - description = "radarr server user"; - uid = ids; - isSystemUser = true; - home = "/var/lib/radarr"; - createHome = true; - group = "radarr"; - extraGroups = [ "media" ]; - }; - - # enable the radarr service - services.radarr = { - enable = true; - openFirewall = true; - user = "radarr"; - group = "radarr"; - dataDir = data_dir; - settings = { - server.port = cfg.port; - }; - }; - - # override umask to make permissions work out - systemd.services.radarr.serviceConfig = { UMask = lib.mkForce "0007"; }; - -# # open firewall -# networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # internal reverse proxy entry - services.nginx.virtualHosts."radarr.snowbelle.lan" = { - enableACME = false; - forceSSL = true; - sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; - sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; - - # add to backups - modules.system.backups.paths = lib.mkIf cfg.backup [ data_dir ]; - }; -} diff --git a/modules/homelab/services/arr.bak/sonarr/default.nix b/modules/homelab/services/arr.bak/sonarr/default.nix deleted file mode 100644 index 49427f6..0000000 --- a/modules/homelab/services/arr.bak/sonarr/default.nix +++ /dev/null @@ -1,74 +0,0 @@ -{ pkgs, config, lib, ... }: - -let - cfg = config.modules.services.sonarr; - ids = lib.mkForce 2005; - default_port = 8989; - data_dir = "/var/lib/sonarr"; -in -{ - options.modules.services.sonarr = { - enable = lib.mkEnableOption "enables sonarr"; - - port = lib.mkOption { - type = lib.types.int; - default = 7107; - description = "set port for sonarr (${toString default_port})"; - }; - - backup = lib.mkOption { - type = lib.types.bool; - default = true; - }; - - }; - - config = lib.mkIf cfg.enable { - - # declare sonarr group - users.groups.sonarr = { gid = ids; }; - - # declare sonarr user - users.users.sonarr = { - description = "sonarr server user"; - uid = ids; - isSystemUser = true; - home = "/var/lib/sonarr"; - createHome = true; - group = "sonarr"; - extraGroups = [ "media" ]; - }; - - # enable the sonarr service - services.sonarr = { - enable = true; - openFirewall = true; - user = "sonarr"; - group = "sonarr"; - dataDir = data_dir; - settings = { - server.port = cfg.port; # default: 8989 - }; - }; - - # override umask to make permissions work out - systemd.services.sonarr.serviceConfig = { UMask = lib.mkForce "0007"; }; - - # open firewall - #networking.firewall.allowedTCPPorts = [ cfg.port ]; - - # reverse proxy entryo - services.nginx.virtualHosts."sonarr.snowbelle.lan" = { - enableACME = false; - forceSSL = true; - sslCertificate = config.sops.secrets."ssl_blakedheld_crt".path; - sslCertificateKey = config.sops.secrets."ssl_blakedheld_key".path; - locations."/" = { - proxyPass = "http://127.0.0.1:${toString cfg.port}"; - }; - }; - - # add to backups - modules.system.backups.paths = lib.mkIf cfg.backup [ data_dir ]; - }; -}