diff --git a/modules/nixos/services/binary-cache/default.nix b/modules/nixos/services/binary-cache/default.nix index eac6e7e..49da36a 100644 --- a/modules/nixos/services/binary-cache/default.nix +++ b/modules/nixos/services/binary-cache/default.nix @@ -21,7 +21,6 @@ in }; # Configure Reverse-Proxy - services.traefik-proxy.enable = true; services.traefik.dynamicConfigOptions = { http.services.nix-cache.loadBalancer.servers = [ { url = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}/"; } ]; http.routers.nix-cache.entrypoints = "websecure"; diff --git a/modules/nixos/services/traefik-proxy/default.nix b/modules/nixos/services/traefik-proxy/default.nix index 584d694..e4e6f7e 100644 --- a/modules/nixos/services/traefik-proxy/default.nix +++ b/modules/nixos/services/traefik-proxy/default.nix @@ -14,7 +14,9 @@ in }; }; - config = lib.mkIf cfg.enable { + config = lib.mkIf (cfg.enable || + config.services.binary-cache.enable || + config.suites.nas.media.enable) { services.traefik = { enable = true; staticConfigOptions = { diff --git a/modules/nixos/suites/nas/default.nix b/modules/nixos/suites/nas/default.nix new file mode 100644 index 0000000..f6ab990 --- /dev/null +++ b/modules/nixos/suites/nas/default.nix @@ -0,0 +1,59 @@ +{ + inputs, + config, + lib, + pkgs, + system, + ... +}: +let + cfg = config.suites.nas; +in +{ + imports = [ + ./jellyfin.nix + ./kavita.nix + ]; + options.suites.nas.enable = lib.mkOption { + type = with lib.types; uniq bool; + default = false; + description = "Enable Preconfigured NAS Config"; + }; + options.suites.nas.domain = lib.mkOption { + type = with lib.types; string; + default = "localhost"; + description = "NAS Reachable Domain Name"; + }; + options.suites.nas.media.enable = lib.mkOption { + type = with lib.types; uniq bool; + default = true; + description = "Enable Media Servers"; + }; + options.suites.nas.media.folder = lib.mkOption { + type = with lib.types; str; + default = "/home/media/media"; + description = "Media Root Directory"; + }; + + # Media Config + config = lib.mkIf (cfg.enable && cfg.media.enable) { + + # Media Defaults + suites.nas.media.jellyfin.enable = true; + suites.nas.media.kavita.enable = false; + + # Create Media User + users.groups.media = {}; + users.users.media = { + isSystemUser = true; + createHome = true; + description = "Media User"; + group = "media"; + home = "/home/media"; + }; + + }; + + +} + diff --git a/modules/nixos/suites/nas/jellyfin.nix b/modules/nixos/suites/nas/jellyfin.nix new file mode 100644 index 0000000..8537137 --- /dev/null +++ b/modules/nixos/suites/nas/jellyfin.nix @@ -0,0 +1,41 @@ +{ + inputs, + config, + lib, + pkgs, + system, + ... +}: +let + cfg = config.suites.nas.media.jellyfin; +in +{ + options.suites.nas.media.jellyfin.enable = lib.mkOption { + type = with lib.types; uniq bool; + default = false; + description = "Enable Preconfigured Jellyfin Config"; + }; + options.suites.nas.media.jellyfin.subdomain = lib.mkOption { + type = with lib.types; string; + default = "watch"; + description = "Subdomain for Jellyfin Server"; + }; + + config = lib.mkIf (cfg.enable) { + + services.jellyfin.enable = true; + services.jellyfin.user = "media"; + + # Configure Reverse-Proxy + services.traefik.dynamicConfigOptions = { + http.services.jellyfin.loadBalancer.servers = [ { url = "http://localhost:8096/"; } ]; + http.routers.jellyfin.entrypoints = "websecure"; + http.routers.jellyfin.tls = true; + #http.routers.jellyfin.tls.certresolver = "letsencrypt"; + http.routers.jellyfin.rule = "Host(`${cfg.subdomain}.${config.suites.nas.domain}`)"; + http.routers.jellyfin.service = "jellyfin"; + }; + + }; +} + diff --git a/modules/nixos/suites/nas/kavita.nix b/modules/nixos/suites/nas/kavita.nix new file mode 100644 index 0000000..d6d9a24 --- /dev/null +++ b/modules/nixos/suites/nas/kavita.nix @@ -0,0 +1,42 @@ +{ + inputs, + config, + lib, + pkgs, + system, + ... +}: +let + cfg = config.suites.nas.media.kavita; +in +{ + options.suites.nas.media.kavita.enable = lib.mkOption { + type = with lib.types; uniq bool; + default = false; + description = "Enable Preconfigured kavita Config"; + }; + options.suites.nas.media.kavita.subdomain = lib.mkOption { + type = with lib.types; string; + default = "read"; + description = "Kavita Subdomain"; + }; + + config = lib.mkIf (cfg.enable) { + + services.kavita.enable = true; + services.kavita.user = "media"; + services.kavita.tokenKeyFile = "/home/media/secrets/kavita-secret"; + + # Configure Reverse-Proxy + services.traefik.dynamicConfigOptions = { + http.services.kavita.loadBalancer.servers = [ { url = "http://localhost:5000/"; } ]; + http.routers.kavita.entrypoints = "websecure"; + http.routers.kavita.tls = true; + #http.routers.kavita.tls.certresolver = "letsencrypt"; + http.routers.kavita.rule = "Host(`${cfg.subdomain}.${config.suites.nas.domain}`)"; + http.routers.kavita.service = "kavita"; + }; + + }; +} + diff --git a/systems/x86_64-linux/Ohybke/default.nix b/systems/x86_64-linux/Ohybke/default.nix index 3b8dfe3..6e0f4bf 100644 --- a/systems/x86_64-linux/Ohybke/default.nix +++ b/systems/x86_64-linux/Ohybke/default.nix @@ -15,6 +15,8 @@ "electron-27.3.11" ]; + # NAS Test-Config + suites.nas.enable = false; # Networking networking.hostName = "Ohybke";