From a2a4f4ec6098c4fc6027c8ba184081e572b8df77 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 19:33:09 -0500 Subject: [PATCH 01/35] feat: added kanboard --- modules/config/instances/config/kanboard.nix | 34 +++++++ modules/nixos/default.nix | 1 + modules/nixos/services/acme/default.nix | 1 + modules/nixos/services/kanboard/default.nix | 93 ++++++++++++++++++++ secrets/secrets.yaml | 5 +- 5 files changed, 132 insertions(+), 2 deletions(-) create mode 100644 modules/config/instances/config/kanboard.nix create mode 100644 modules/nixos/services/kanboard/default.nix diff --git a/modules/config/instances/config/kanboard.nix b/modules/config/instances/config/kanboard.nix new file mode 100644 index 0000000..542380b --- /dev/null +++ b/modules/config/instances/config/kanboard.nix @@ -0,0 +1,34 @@ +{ instancesFunctions }: +let + inherit (instancesFunctions) + domain0 + servicePath + sslPath + sopsPath + ; + + kanboardLabel = "Kanboard"; + kanboardName = "kanboard"; + kanboardSubdomain = "todo"; +in +{ + label = kanboardLabel; + name = kanboardName; + email = { + address0 = "noreply@${domain0}"; + }; + sops = { + path0 = "${sopsPath}/${kanboardName}"; + }; + subdomain = kanboardSubdomain; + paths = { + path0 = "${servicePath}/${kanboardLabel}"; + }; + ports = { + port0 = 3434; + }; + ssl = { + cert = "${sslPath}/${kanboardSubdomain}.${domain0}/fullchain.pem"; + key = "${sslPath}/${kanboardSubdomain}.${domain0}/key.pem"; + }; +} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index e171e44..ec84c5a 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -89,6 +89,7 @@ in vaultwarden forgejo xserver + kanboard ; }; }; diff --git a/modules/nixos/services/acme/default.nix b/modules/nixos/services/acme/default.nix index 0c23a31..abc2775 100755 --- a/modules/nixos/services/acme/default.nix +++ b/modules/nixos/services/acme/default.nix @@ -38,6 +38,7 @@ in "syncthing" "searx" "vaultwarden" + "kanboard" "audiobookshelf" ] ) diff --git a/modules/nixos/services/kanboard/default.nix b/modules/nixos/services/kanboard/default.nix new file mode 100644 index 0000000..1275b4c --- /dev/null +++ b/modules/nixos/services/kanboard/default.nix @@ -0,0 +1,93 @@ +{ + flake, + config, + ... +}: +let + inherit (flake.config.machines.devices) + ceres + ; + inherit (flake.config.services.instances) smtp kanboard web; + service = kanboard; + localhost = web.localhost.address0; + host = "${service.subdomain}.${web.domains.url0}"; +in +{ + services = { + kanboard = { + enable = true; + dataDir = "/var/lib/${service.name}"; + settings = { + HTTP_PROXY_HOSTNAME = host; + HTTP_PROXY_PORT = service.ports.port0; + MAIL_SMTP_HOSTNAME = smtp.hostname; + MAIL_TRANSPORT = "smtp"; + MAIL_SMTP_PORT = smtp.ports.port0; + MAIL_SMTP_USERNAME = service.email.address0; + MAIL_FROM = service.email.address0; + MAIL_SMTP_PASSWORD = config.sops.secrets."${service.name}-smtp".path; + MAIL_SMTP_ENCRYPTION = "tls"; + }; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + reverse_proxy ${localhost}:${toString service.ports.port0} + + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}"; + owner = service.name; + mode = "600"; + }; + in + { + secrets = builtins.listToAttrs ( + map + (secret: { + name = "${service.name}-${secret}"; + value = sopsPath secret; + }) + [ + "smtp" + ] + ); + }; + + fileSystems."/var/lib/${service.name}" = { + device = service.paths.path0; + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 755 ${service.name} ${service.name} -" + "Z ${service.sops.path0} 755 ${service.name} ${service.name} -" + ]; + + users.users.${service.name}.extraGroups = [ + "caddy" + "postgres" + ]; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + ]; + }; + }; +} diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 72f872c..ea48b5b 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -35,6 +35,7 @@ wireguard-CA220: ENC[AES256_GCM,data:rNy/IMKqAOsgMUu5r8BZsjTCu0L5fDDDV3/g+pkhW1y wireguard-CA358: ENC[AES256_GCM,data:/VewmiNfRc9/wSE7TT+z1F9LLIvr/5wPsQZ/zBwAh3dEi9yswOGyde2b/XQ=,iv:7U5dmqFiwhCoL1moGSfHprv85o5TdMr6T2sNk5gH82I=,tag:T1hqh8CiO2iBa+ksaiKCtA==,type:str] wireguard-CA627: ENC[AES256_GCM,data:chmDsH2nE0nagjFRZWuxX08/Ykt+rIgCHYkMHd+7nIqihK5SebF7MJlrp84=,iv:NVOlGE7W70nQ0UM/i5WixJvDULO3Y4cLf8h+OAGHhQQ=,tag:L123ShCnr9+kIg1itIoqBA==,type:str] glance-jellyfin: ENC[AES256_GCM,data:ozdDKgAWkA88J2j8RtiOP/aQPAt/neUOSlAZF20g510=,iv:x+VhYlnA9F/VPrzVcma4/oPelCc8kjWoTZvOs4L9Uqo=,tag:crdSDjr8Y5GH/JAF6t8Yeg==,type:str] +kanboard-smtp: ENC[AES256_GCM,data:FmmLEGr5Q8RHtie11Y88XQ==,iv:KtY/Bl2vpkXim7KrkK7cc5n0M0RDlxerbXu9jczj/hI=,tag:ZlbV6d1wH6KmbvHJR3Fq/w==,type:str] sops: age: - recipient: age19dpncsdphdt2tmknjs99eghk527pvdrw0m29qjn2z2gg3et5tdtqycqhl0 @@ -46,7 +47,7 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-05-26T17:10:37Z" - mac: ENC[AES256_GCM,data:h4jgFynRh4zercRoj1N38Anh4PIb9dspx22qDrndjxJ57oGAOh8p6JyFBlN6YbKYOc+dvdcVHMJUgG4swP7N7SR9ZTNipMgoLOpVQ4NpuWZrNOa7YHs+kRyXu+Y1r4agV890tmogrbyRNKXFtGwLigMtqKeG81VOVFNm9Po1Wgg=,iv:FLO5cwSdasoFKLFtpSxa9FT/Kav5R4qfxXFV8cS8QJk=,tag:G+p8MuM3qLht/m48wDmCVA==,type:str] + lastmodified: "2025-06-09T00:32:17Z" + mac: ENC[AES256_GCM,data:b4WMUmVOzgcz/ajxPl0OfQUGarUtnFIFS3DA9CjogPz6aVNDGWrVged5FB6UOotoqQ5RcgThewSu2HztEfCbhM0ZwZ0ak87XS8QHb++s97HhYeeh5mqgVnpsvF4Coa9aRpc2H4etuUNYFxoDojT/hTUKzg3a3QNSWzB06aKTd1A=,iv:YEJN5sakhN1rFytIDMIHpHAVYxvbt9iI2eXL2YBUYnY=,tag:SNBQWZIrXw4ptMLEqkR/xA==,type:str] unencrypted_suffix: _unencrypted version: 3.10.2 From 6bb2ce744fedc292a33b7250d8a82fc3c3607e34 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 19:38:30 -0500 Subject: [PATCH 02/35] feat: kanboard test --- modules/nixos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index ec84c5a..05de450 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -89,7 +89,7 @@ in vaultwarden forgejo xserver - kanboard + # kanboard ; }; }; From 823a29c6df3115abc17114a1bc136bfa840c3f5d Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 20:15:48 -0500 Subject: [PATCH 03/35] feat: kanboard test --- flake.lock | 248 +++++++++---------- modules/config/instances/config/kanboard.nix | 0 modules/nixos/services/kanboard/default.nix | 0 3 files changed, 124 insertions(+), 124 deletions(-) mode change 100644 => 100755 modules/config/instances/config/kanboard.nix mode change 100644 => 100755 modules/nixos/services/kanboard/default.nix diff --git a/flake.lock b/flake.lock index ba68171..be505b4 100755 --- a/flake.lock +++ b/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1747864449, - "narHash": "sha256-PIjVAWghZhr3L0EFM2UObhX84UQxIACbON0IC0zzSKA=", + "lastModified": 1749155310, + "narHash": "sha256-t0HfHg/1+TbSra5s6nNM0o4tnb3uqWedShSpZXsUMYY=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "389372c5f4dc1ac0e7645ed29a35fd6d71672ef5", + "rev": "94981cf75a9f11da0b6dd6a1abbd7c50a36ab2d3", "type": "github" }, "original": { @@ -44,11 +44,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1746626503, - "narHash": "sha256-mRnIdJLP+0NSim9ao30ue0Z3ttSuxzXwQG7UN1KuKfU=", + "lastModified": 1748243781, + "narHash": "sha256-U8KlBdkPOeT4YN+MjfJbciUKlncKjuRGTsiateciKrM=", "owner": "nix-community", "repo": "buildbot-nix", - "rev": "7ad9b4886eccb5eecc0686a16266ddabf6cbefe9", + "rev": "eb6a8b45cb4123a05c67b45cd3fac4f0275a1930", "type": "github" }, "original": { @@ -75,13 +75,13 @@ "darwin-src": { "flake": false, "locked": { - "narHash": "sha256-9Juqg0xHqv5XpY1FBapaqsOv9GUMYUyNdzM4gCYTFpI=", + "narHash": "sha256-pUDZCUeous6G4YvV3jlzuuWbTP+e3NM0EY38peZF+ZM=", "type": "file", - "url": "https://github.com/zen-browser/desktop/releases/download/1.12.8b/zen.macos-universal.dmg" + "url": "https://github.com/zen-browser/desktop/releases/download/1.12.10b/zen.macos-universal.dmg" }, "original": { "type": "file", - "url": "https://github.com/zen-browser/desktop/releases/download/1.12.8b/zen.macos-universal.dmg" + "url": "https://github.com/zen-browser/desktop/releases/download/1.12.10b/zen.macos-universal.dmg" } }, "dream2nix": { @@ -94,11 +94,11 @@ "pyproject-nix": "pyproject-nix" }, "locked": { - "lastModified": 1735160684, - "narHash": "sha256-n5CwhmqKxifuD4Sq4WuRP/h5LO6f23cGnSAuJemnd/4=", + "lastModified": 1748838242, + "narHash": "sha256-wORL3vLIJdBF8hz73yuD7DVsrbOvFgtH96hQIetXhfg=", "owner": "nix-community", "repo": "dream2nix", - "rev": "8ce6284ff58208ed8961681276f82c2f8f978ef4", + "rev": "e92dacdc57acaa6b2ae79592c1a62c2340931410", "type": "github" }, "original": { @@ -241,11 +241,11 @@ ] }, "locked": { - "lastModified": 1748821116, - "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=", + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", "type": "github" }, "original": { @@ -396,11 +396,11 @@ "zon2nix": "zon2nix" }, "locked": { - "lastModified": 1748672231, - "narHash": "sha256-9DwoMa9VvwATvK3lolyUwJBfiF+y28EKmGj9FyEaJWo=", + "lastModified": 1749412495, + "narHash": "sha256-d5BrLUfWSbHHUJqLfAHIxgGmBRW8Q7RobEqf1IOUgro=", "owner": "ghostty-org", "repo": "ghostty", - "rev": "1ff91625981ef92add92624c01b6b9095c365ed1", + "rev": "804d270ba1475c9ffbb312819dd581fa5992c7d8", "type": "github" }, "original": { @@ -482,11 +482,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1748702599, - "narHash": "sha256-cXzTGHrZsT4wSxlLvw2ZlHPVjC/MA2W0sI/KF1yStbY=", + "lastModified": 1749410468, + "narHash": "sha256-TWlb2Ja/kE9DFPyv8rE5tZ2wgzsMZ6CcdX4eGY6d8zo=", "owner": "helix-editor", "repo": "helix", - "rev": "2baff46b2578d78d817b9e128e8cc00345541f0b", + "rev": "e773d6cc925ad5db01e0be814a07036ea79eae66", "type": "github" }, "original": { @@ -509,11 +509,11 @@ ] }, "locked": { - "lastModified": 1744693102, - "narHash": "sha256-1Z4WPGVky4w3lrhrgs89OKsLzPdtkbi1bPLNFWsoLfY=", + "lastModified": 1748000383, + "narHash": "sha256-EaAJhwfJGBncgIV/0NlJviid2DP93cTMc9h0q6P6xXk=", "owner": "hercules-ci", "repo": "hercules-ci-effects", - "rev": "5b6cec51c9ec095a0d3fd4c8eeb53eb5c59ae33e", + "rev": "231726642197817d20310b9d39dd4afb9e899489", "type": "github" }, "original": { @@ -529,11 +529,11 @@ ] }, "locked": { - "lastModified": 1748811839, - "narHash": "sha256-MDl6vpEK18ZfPHfoeOa9dGRdwVWNfmCCGazt72nHw+U=", + "lastModified": 1749400020, + "narHash": "sha256-0nTmHO8AYgRYk5v6zw5oZ3x9nh+feb+Isn7WNe318M0=", "owner": "nix-community", "repo": "home-manager", - "rev": "6abf27943bbb09a0f9d443df45ec70b07a6cbe20", + "rev": "2835e8ba0ad99ba86d4a5e497a962ec9fa35e48f", "type": "github" }, "original": { @@ -558,11 +558,11 @@ ] }, "locked": { - "lastModified": 1745948457, - "narHash": "sha256-lzTV10FJTCGNtMdgW5YAhCAqezeAzKOd/97HbQK8GTU=", + "lastModified": 1749155331, + "narHash": "sha256-XR9fsI0zwLiFWfqi/pdS/VD+YNorKb3XIykgTg4l1nA=", "owner": "hyprwm", "repo": "hyprcursor", - "rev": "ac903e80b33ba6a88df83d02232483d99f327573", + "rev": "45fcc10b4c282746d93ec406a740c43b48b4ef80", "type": "github" }, "original": { @@ -587,11 +587,11 @@ ] }, "locked": { - "lastModified": 1745015490, - "narHash": "sha256-apEJ9zoSzmslhJ2vOKFcXTMZLUFYzh1ghfB6Rbw3Low=", + "lastModified": 1749238452, + "narHash": "sha256-8qiKEWcxUrjpUpK+WyFNg/72C8rp70LUuyTD23T+SdQ=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "60754910946b4e2dc1377b967b7156cb989c5873", + "rev": "c7225d73755a6c4c7c72f4d4f3925ea426e325a8", "type": "github" }, "original": { @@ -618,11 +618,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1748808233, - "narHash": "sha256-8ODprnZklafpJ5f2aLsZf8Lo3pP6z75NR4ArkwlH6cI=", + "lastModified": 1749410258, + "narHash": "sha256-C7X/mLccrPd87iJTRlamCsFXfWr1uFrZ3uIHFpqzw+o=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "16c62a6dbb5f8eee4dcfe903e743f6f144971c06", + "rev": "231e01e39b187d9a84b4a27871eb2bc4fb5c7d84", "type": "github" }, "original": { @@ -643,11 +643,11 @@ "systems": "systems_3" }, "locked": { - "lastModified": 1748204791, - "narHash": "sha256-fc97Jf4TbLAnJ0TQrQrcEE3SOEZi5BI2sdttNCiifqE=", + "lastModified": 1749155346, + "narHash": "sha256-KIkJu3zF8MF3DuGwzAmo3Ww9wsWXolwV30SjJRTAxYE=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "6036ce9c86e88fc1549a54c3e44749f81ec399b1", + "rev": "44bf29f1df45786098920c655af523535a9191ae", "type": "github" }, "original": { @@ -668,11 +668,11 @@ ] }, "locked": { - "lastModified": 1743714874, - "narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=", + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", "type": "github" }, "original": { @@ -693,11 +693,11 @@ ] }, "locked": { - "lastModified": 1743714874, - "narHash": "sha256-yt8F7NhMFCFHUHy/lNjH/pjZyIDFNk52Q4tivQ31WFo=", + "lastModified": 1749046714, + "narHash": "sha256-kymV5FMnddYGI+UjwIw8ceDjdeg7ToDVjbHCvUlhn14=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "3a5c2bda1c1a4e55cc1330c782547695a93f05b2", + "rev": "613878cb6f459c5e323aaafe1e6f388ac8a36330", "type": "github" }, "original": { @@ -725,11 +725,11 @@ ] }, "locked": { - "lastModified": 1737634706, - "narHash": "sha256-nGCibkfsXz7ARx5R+SnisRtMq21IQIhazp6viBU8I/A=", + "lastModified": 1749154592, + "narHash": "sha256-DO7z5CeT/ddSGDEnK9mAXm1qlGL47L3VAHLlLXoCjhE=", "owner": "hyprwm", "repo": "hyprland-qt-support", - "rev": "8810df502cdee755993cb803eba7b23f189db795", + "rev": "4c8053c3c888138a30c3a6c45c2e45f5484f2074", "type": "github" }, "original": { @@ -761,11 +761,11 @@ ] }, "locked": { - "lastModified": 1745951494, - "narHash": "sha256-2dModE32doiyQMmd6EDAQeZnz+5LOs6KXyE0qX76WIg=", + "lastModified": 1749155776, + "narHash": "sha256-t1PM0wxQLQwv2F2AW23uA7pm5giwmcgYEWbNIRct9r4=", "owner": "hyprwm", "repo": "hyprland-qtutils", - "rev": "4be1d324faf8d6e82c2be9f8510d299984dfdd2e", + "rev": "396e8aa1c06274835b69da7f9a015fff9a9b7522", "type": "github" }, "original": { @@ -790,11 +790,11 @@ ] }, "locked": { - "lastModified": 1747484975, - "narHash": "sha256-+LAQ81HBwG0lwshHlWe0kfWg4KcChIPpnwtnwqmnoEU=", + "lastModified": 1749145882, + "narHash": "sha256-qr0KXeczF8Sma3Ae7+dR2NHhvG7YeLBJv19W4oMu6ZE=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "163c83b3db48a17c113729c220a60b94596c9291", + "rev": "1bfb84f54d50c7ae6558c794d3cfd5f6a7e6e676", "type": "github" }, "original": { @@ -819,11 +819,11 @@ ] }, "locked": { - "lastModified": 1744468525, - "narHash": "sha256-9HySx+EtsbbKlZDlY+naqqOV679VdxP6x6fP3wxDXJk=", + "lastModified": 1749145882, + "narHash": "sha256-qr0KXeczF8Sma3Ae7+dR2NHhvG7YeLBJv19W4oMu6ZE=", "owner": "hyprwm", "repo": "hyprlang", - "rev": "f1000c54d266e6e4e9d646df0774fac5b8a652df", + "rev": "1bfb84f54d50c7ae6558c794d3cfd5f6a7e6e676", "type": "github" }, "original": { @@ -844,11 +844,11 @@ ] }, "locked": { - "lastModified": 1746635225, - "narHash": "sha256-W9G9bb0zRYDBRseHbVez0J8qVpD5QbizX67H/vsudhM=", + "lastModified": 1749135356, + "narHash": "sha256-Q8mAKMDsFbCEuq7zoSlcTuxgbIBVhfIYpX0RjE32PS0=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "674ea57373f08b7609ce93baff131117a0dfe70d", + "rev": "e36db00dfb3a3d3fdcc4069cb292ff60d2699ccb", "type": "github" }, "original": { @@ -869,11 +869,11 @@ ] }, "locked": { - "lastModified": 1743950287, - "narHash": "sha256-/6IAEWyb8gC/NKZElxiHChkouiUOrVYNq9YqG0Pzm4Y=", + "lastModified": 1749135356, + "narHash": "sha256-Q8mAKMDsFbCEuq7zoSlcTuxgbIBVhfIYpX0RjE32PS0=", "owner": "hyprwm", "repo": "hyprutils", - "rev": "f2dc70e448b994cef627a157ee340135bd68fbc6", + "rev": "e36db00dfb3a3d3fdcc4069cb292ff60d2699ccb", "type": "github" }, "original": { @@ -894,11 +894,11 @@ ] }, "locked": { - "lastModified": 1747584298, - "narHash": "sha256-PH9qZqWLHvSBQiUnA0NzAyQA3tu2no2z8kz0ZeHWj4w=", + "lastModified": 1749145760, + "narHash": "sha256-IHaGWpGrv7seFWdw/1A+wHtTsPlOGIKMrk1TUIYJEFI=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "e511882b9c2e1d7a75d45d8fddd2160daeafcbc3", + "rev": "817918315ea016cc2d94004bfb3223b5fd9dfcc6", "type": "github" }, "original": { @@ -919,11 +919,11 @@ ] }, "locked": { - "lastModified": 1739870480, - "narHash": "sha256-SiDN5BGxa/1hAsqhgJsS03C3t2QrLgBT8u+ENJ0Qzwc=", + "lastModified": 1749145760, + "narHash": "sha256-IHaGWpGrv7seFWdw/1A+wHtTsPlOGIKMrk1TUIYJEFI=", "owner": "hyprwm", "repo": "hyprwayland-scanner", - "rev": "206367a08dc5ac4ba7ad31bdca391d098082e64b", + "rev": "817918315ea016cc2d94004bfb3223b5fd9dfcc6", "type": "github" }, "original": { @@ -935,14 +935,14 @@ "linux-src": { "flake": false, "locked": { - "lastModified": 1747948295, - "narHash": "sha256-exEj4FL1KYtyGiJHAycm5oIzsWE5FcXVzqYlZOIUDqo=", + "lastModified": 1748796643, + "narHash": "sha256-7ZDsGG11g6Dfm++3DrPGxWLk4cIgaVBeYo+uvdHZ9Vk=", "type": "tarball", - "url": "https://github.com/zen-browser/desktop/releases/download/1.12.8b/zen.linux-x86_64.tar.xz" + "url": "https://github.com/zen-browser/desktop/releases/download/1.12.10b/zen.linux-x86_64.tar.xz" }, "original": { "type": "tarball", - "url": "https://github.com/zen-browser/desktop/releases/download/1.12.8b/zen.linux-x86_64.tar.xz" + "url": "https://github.com/zen-browser/desktop/releases/download/1.12.10b/zen.linux-x86_64.tar.xz" } }, "lix": { @@ -991,11 +991,11 @@ "systems": "systems_5" }, "locked": { - "lastModified": 1748622925, - "narHash": "sha256-mB9F6/IdZFF7jWWmnEsUf87z3mxNJPIJlKNgNQmPf5k=", + "lastModified": 1749206978, + "narHash": "sha256-4M2/jIPOBtJJIftWTkvw1P8Nrv2AR4Fk2etP/6Idp50=", "owner": "ngi-nix", "repo": "ngipkgs", - "rev": "55dbfb268e7effdb8405dbb6cdd9c7dd83db36c2", + "rev": "7d64ab6cb074384af3c679afe47da2dc37294016", "type": "github" }, "original": { @@ -1016,11 +1016,11 @@ "xwayland-satellite-unstable": "xwayland-satellite-unstable" }, "locked": { - "lastModified": 1748797644, - "narHash": "sha256-zLkSMDE/4kEK+1q0Ep0fmSO7PJ/3ZxovvYNIA5TuN4I=", + "lastModified": 1749396815, + "narHash": "sha256-vwr2vLETE4CSi4c6SFoQyP+uBUnvwPPQmn+1D1207ts=", "owner": "sodiboo", "repo": "niri-flake", - "rev": "2036ef9e1bfac9d50d96c0771a412226b6998ba5", + "rev": "e6db401ff0aa3b03507b4819f9a44deab3cfcf2f", "type": "github" }, "original": { @@ -1049,11 +1049,11 @@ "niri-unstable": { "flake": false, "locked": { - "lastModified": 1748794937, - "narHash": "sha256-LQfI1BlFm+JeZGjg0MPKdsmyupETu/9HzGmxVd0G4fw=", + "lastModified": 1749327170, + "narHash": "sha256-mBrxeWd7L8oAIh6G2PgKuZAzqyZMyjBpHEAcSSTbhJg=", "owner": "YaLTeR", "repo": "niri", - "rev": "1911cf3f55ac3d9d24c8692434a93214dcbde9ba", + "rev": "f918eabe6a144e78c62c3fc0cfa7fe32e4623e5a", "type": "github" }, "original": { @@ -1070,11 +1070,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1748776124, - "narHash": "sha256-vs2cMCHX9wnWJutXhQyWkWOpMF/Xbw0ZAUAFGsKLifA=", + "lastModified": 1749424580, + "narHash": "sha256-mt45T2JVYPLwJs3Gi0Hr6Eo5TE+sPyWUDq/H6Qg66ek=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "e989a41092f6f0375e7afb789bc97cb30d01fdb8", + "rev": "fae5ebd4d5da1db8323a673728ebecc06b9dc653", "type": "github" }, "original": { @@ -1098,11 +1098,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1748437600, - "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", + "lastModified": 1749237914, + "narHash": "sha256-N5waoqWt8aMr/MykZjSErOokYH6rOsMMXu3UOVH5kiw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7282cb574e0607e65224d33be8241eae7cfe0979", + "rev": "70c74b02eac46f4e4aa071e45a6189ce0f6d9265", "type": "github" }, "original": { @@ -1114,11 +1114,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1748421225, - "narHash": "sha256-XXILOc80tvlvEQgYpYFnze8MkQQmp3eQxFbTzb3m/R0=", + "lastModified": 1749173751, + "narHash": "sha256-ENY3y3v6S9ZmLDDLI3LUT8MXmfXg/fSt2eA4GCnMVCE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "78add7b7abb61689e34fc23070a8f55e1d26185b", + "rev": "ed29f002b6d6e5e7e32590deb065c34a31dc3e91", "type": "github" }, "original": { @@ -1130,11 +1130,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1747467164, - "narHash": "sha256-JBXbjJ0t6T6BbVc9iPVquQI9XSXCGQJD8c8SgnUquus=", + "lastModified": 1748856973, + "narHash": "sha256-RlTsJUvvr8ErjPBsiwrGbbHYW8XbB/oek0Gi78XdWKg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3fcbdcfc707e0aa42c541b7743e05820472bdaec", + "rev": "e4b09e47ace7d87de083786b404bf232eb6c89d8", "type": "github" }, "original": { @@ -1146,11 +1146,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1749143949, + "narHash": "sha256-QuUtALJpVrPnPeozlUG/y+oIMSLdptHxb3GK6cpSVhA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "d3d2d80a2191a73d1e86456a751b83aa13085d7d", "type": "github" }, "original": { @@ -1162,11 +1162,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1749285348, + "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", "type": "github" }, "original": { @@ -1201,11 +1201,11 @@ "treefmt-nix": "treefmt-nix_2" }, "locked": { - "lastModified": 1748782935, - "narHash": "sha256-wjo1BhHoBFzdtj92LrAonR1eJ8j5dt1YhnkPpqaam38=", + "lastModified": 1749427072, + "narHash": "sha256-tj6RAZlnmtCgOeVNMYVUZYXoig6Eihz3pa6rqBv/CuE=", "owner": "nix-community", "repo": "NUR", - "rev": "73385c8de1fac0066f513adc9a7e59d69f2327c2", + "rev": "a06f01e16a5b44d3ee54f73541168d819e424f5d", "type": "github" }, "original": { @@ -1375,11 +1375,11 @@ ] }, "locked": { - "lastModified": 1748746145, - "narHash": "sha256-bwkCAK9pOyI2Ww4Q4oO1Ynv7O9aZPrsIAMMASmhVGp4=", + "lastModified": 1749350575, + "narHash": "sha256-ltLegOYrp69v/7BXlNfSwUPrt2DvF7N668pV4a6rWRA=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "12a0d94a2f2b06714f747ab97b2fa546f46b460c", + "rev": "24d5806474b0779d373f381f00d75ad51fd45099", "type": "github" }, "original": { @@ -1608,11 +1608,11 @@ ] }, "locked": { - "lastModified": 1746216483, - "narHash": "sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4=", + "lastModified": 1747912973, + "narHash": "sha256-XgxghfND8TDypxsMTPU2GQdtBEsHTEc3qWE6RVEk8O0=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "29ec5026372e0dec56f890e50dbe4f45930320fd", + "rev": "020cb423808365fa3f10ff4cb8c0a25df35065a3", "type": "github" }, "original": { @@ -1691,11 +1691,11 @@ ] }, "locked": { - "lastModified": 1745871725, - "narHash": "sha256-M24SNc2flblWGXFkGQfqSlEOzAGZnMc9QG3GH4K/KbE=", + "lastModified": 1749155346, + "narHash": "sha256-KIkJu3zF8MF3DuGwzAmo3Ww9wsWXolwV30SjJRTAxYE=", "owner": "hyprwm", "repo": "xdg-desktop-portal-hyprland", - "rev": "76bbf1a6b1378e4ab5230bad00ad04bc287c969e", + "rev": "44bf29f1df45786098920c655af523535a9191ae", "type": "github" }, "original": { @@ -1724,11 +1724,11 @@ "xwayland-satellite-unstable": { "flake": false, "locked": { - "lastModified": 1748488455, - "narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=", + "lastModified": 1749315541, + "narHash": "sha256-bEik1BfVOFnWvtOrcOHluos/edJ8f+G2y1QySbt/0Ak=", "owner": "Supreeeme", "repo": "xwayland-satellite", - "rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73", + "rev": "da2ecb5be816de35e2efe23a408a1c49fe8b11ba", "type": "github" }, "original": { @@ -1744,11 +1744,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1748740817, - "narHash": "sha256-Vj4QAPNXONRmpL9LdmZt2DTqLCqgIBFjuseQprs9Kvg=", + "lastModified": 1749428533, + "narHash": "sha256-4WoN0GckeMivwiIF2WT7rrRKH0wulw0/QDVlbsDQCmk=", "owner": "sxyazi", "repo": "yazi", - "rev": "d5038eeed52a459fa43b953c3b42a65a1b0d922c", + "rev": "c0615e5f45b30856a4fd1a8850f8ede93d97c9fd", "type": "github" }, "original": { @@ -1767,11 +1767,11 @@ "rust-overlay": "rust-overlay_4" }, "locked": { - "lastModified": 1748821806, - "narHash": "sha256-oG6ekeoCIABhRRIoz53zwhwvEgQT9+iRaQJvAEdB+RU=", + "lastModified": 1749418233, + "narHash": "sha256-jynbb4Kk6/pRh60ND2Aw/aHG337dTvN8AM0pykUBngY=", "owner": "zed-industries", "repo": "zed", - "rev": "ab6125ddde518c0c021ecae54f64d86b8c4f5008", + "rev": "b15aef4310e86aa31c2ceab74184ec7e5627a2c5", "type": "github" }, "original": { @@ -1789,11 +1789,11 @@ ] }, "locked": { - "lastModified": 1748066818, - "narHash": "sha256-eu5fJ2w0LnY0RQQ0BQ4GcE4B8gQJXWPaGqTsRHu4jEU=", + "lastModified": 1749037993, + "narHash": "sha256-5KUZDP91PpbU5uWPVzuEqbvsM4EQ1hc8t2pDyUKRTZE=", "owner": "InvraNet", "repo": "zen-flake", - "rev": "b293d1439fa82f7ef771e69371bd0cbd24f8ec6d", + "rev": "b493d25e44243dc2153b2984a3351670dbeaf11f", "type": "gitlab" }, "original": { diff --git a/modules/config/instances/config/kanboard.nix b/modules/config/instances/config/kanboard.nix old mode 100644 new mode 100755 diff --git a/modules/nixos/services/kanboard/default.nix b/modules/nixos/services/kanboard/default.nix old mode 100644 new mode 100755 From 7166c7fb94e0eed451299e0d1e1aac606e09f249 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 20:55:07 -0500 Subject: [PATCH 04/35] chore: lock n load --- flake.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/flake.lock b/flake.lock index be505b4..29e225c 100755 --- a/flake.lock +++ b/flake.lock @@ -948,11 +948,11 @@ "lix": { "flake": false, "locked": { - "lastModified": 1737234286, - "narHash": "sha256-pgDJZjj4jpzkFxsqBTI/9Yb0n3gW+DvDtuv9SwQZZcs=", - "rev": "079528098f5998ba13c88821a2eca1005c1695de", + "lastModified": 1742250400, + "narHash": "sha256-be2mY7VFiWcPw7GcaJBbUvpnpoLd39wxqTXagBNTR5w=", + "rev": "d8db15010d2059a23a17f70ef542b4d1e7d2c640", "type": "tarball", - "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/079528098f5998ba13c88821a2eca1005c1695de.tar.gz?rev=079528098f5998ba13c88821a2eca1005c1695de" + "url": "https://git.lix.systems/api/v1/repos/lix-project/lix/archive/d8db15010d2059a23a17f70ef542b4d1e7d2c640.tar.gz?rev=d8db15010d2059a23a17f70ef542b4d1e7d2c640" }, "original": { "type": "tarball", From b414829b7c8aeef3b4c8174d1a3419216cadb469 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:11:04 -0500 Subject: [PATCH 05/35] chore: lix fucked? --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index e388c55..6122a5f 100755 --- a/flake.nix +++ b/flake.nix @@ -147,7 +147,7 @@ config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager - inputs.lix-module.nixosModules.default + # inputs.lix-module.nixosModules.default inputs.ngipkgs.nixosModules."services.peertube" inputs.ngipkgs.nixosModules.default inputs.sops-nix.nixosModules.sops From 45055d57971a931da875c0fc7d80985b02891998 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:11:42 -0500 Subject: [PATCH 06/35] chore: lix not fucked? --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 6122a5f..e388c55 100755 --- a/flake.nix +++ b/flake.nix @@ -147,7 +147,7 @@ config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager - # inputs.lix-module.nixosModules.default + inputs.lix-module.nixosModules.default inputs.ngipkgs.nixosModules."services.peertube" inputs.ngipkgs.nixosModules.default inputs.sops-nix.nixosModules.sops From 373d733bdd9698687705dc06fcf9b9fde8239499 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:14:00 -0500 Subject: [PATCH 07/35] chore: ngipkgs fucked? --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index e388c55..a10da92 100755 --- a/flake.nix +++ b/flake.nix @@ -148,8 +148,8 @@ config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager inputs.lix-module.nixosModules.default - inputs.ngipkgs.nixosModules."services.peertube" - inputs.ngipkgs.nixosModules.default + # inputs.ngipkgs.nixosModules."services.peertube" + # inputs.ngipkgs.nixosModules.default inputs.sops-nix.nixosModules.sops ]; }; From 8183c9371b4a7873a3c5f5590f3a51b4ab259ce0 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:14:51 -0500 Subject: [PATCH 08/35] feat: test --- flake.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index a10da92..b97421b 100755 --- a/flake.nix +++ b/flake.nix @@ -143,13 +143,13 @@ ceres = inputs.self.lib.mkLinuxSystem [ ./systems/ceres ./profiles/user0 - config.nixosModules.ceres + # config.nixosModules.ceres config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager inputs.lix-module.nixosModules.default - # inputs.ngipkgs.nixosModules."services.peertube" - # inputs.ngipkgs.nixosModules.default + inputs.ngipkgs.nixosModules."services.peertube" + inputs.ngipkgs.nixosModules.default inputs.sops-nix.nixosModules.sops ]; }; From a72d09b67735eece5f2bd6683436405333e293a0 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:16:03 -0500 Subject: [PATCH 09/35] feat: test --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index b97421b..82b6590 100755 --- a/flake.nix +++ b/flake.nix @@ -147,8 +147,8 @@ config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager - inputs.lix-module.nixosModules.default - inputs.ngipkgs.nixosModules."services.peertube" + # inputs.lix-module.nixosModules.default + # inputs.ngipkgs.nixosModules."services.peertube" inputs.ngipkgs.nixosModules.default inputs.sops-nix.nixosModules.sops ]; From df8420562f78159d1e64a72d569feee4408abe56 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:16:44 -0500 Subject: [PATCH 10/35] feat: test --- flake.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 82b6590..66ff3e5 100755 --- a/flake.nix +++ b/flake.nix @@ -147,9 +147,9 @@ config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager - # inputs.lix-module.nixosModules.default + inputs.lix-module.nixosModules.default # inputs.ngipkgs.nixosModules."services.peertube" - inputs.ngipkgs.nixosModules.default + # inputs.ngipkgs.nixosModules.default inputs.sops-nix.nixosModules.sops ]; }; From 7495a33f8b6ddabff9c1f0f74c9248d0f7c3b1f3 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:17:32 -0500 Subject: [PATCH 11/35] feat: test --- flake.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flake.nix b/flake.nix index 66ff3e5..a10da92 100755 --- a/flake.nix +++ b/flake.nix @@ -143,7 +143,7 @@ ceres = inputs.self.lib.mkLinuxSystem [ ./systems/ceres ./profiles/user0 - # config.nixosModules.ceres + config.nixosModules.ceres config.nixosModules.core config.nixosModules.mantle inputs.home-manager.nixosModules.home-manager From fb3ca092712706d6f82d2308bba6f3b40ea6e1d9 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:18:12 -0500 Subject: [PATCH 12/35] feat: test --- modules/nixos/services/peertube/default.nix | 22 ++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/modules/nixos/services/peertube/default.nix b/modules/nixos/services/peertube/default.nix index 091cd90..d53fa77 100755 --- a/modules/nixos/services/peertube/default.nix +++ b/modules/nixos/services/peertube/default.nix @@ -30,17 +30,17 @@ in localDomain = host; serviceEnvironmentFile = config.sops.secrets."${service.name}-root".path; user = service.name; - plugins = { - enable = true; - plugins = builtins.attrValues { - inherit (pkgs) - peertube-plugin-livechat - peertube-plugin-matomo - peertube-plugin-transcoding-custom-quality - peertube-theme-dark - ; - }; - }; + # plugins = { + # enable = true; + # plugins = builtins.attrValues { + # inherit (pkgs) + # peertube-plugin-livechat + # peertube-plugin-matomo + # peertube-plugin-transcoding-custom-quality + # peertube-theme-dark + # ; + # }; + # }; secrets = { secretsFile = config.sops.secrets."${service.name}-secret".path; From a24b73e5829c5d1f809bdc29b2ead0085438ec02 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:18:39 -0500 Subject: [PATCH 13/35] feat: test --- modules/nixos/default.nix | 28 ++++++++++----------- modules/nixos/services/peertube/default.nix | 22 ++++++++-------- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 05de450..49aeddf 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -75,20 +75,20 @@ in imports = builtins.attrValues { inherit (modules) acme - audiobookshelf - caddy - jellyfin - logrotate - mastodon - minecraft - ollama - website - postgresql - samba - searx - vaultwarden - forgejo - xserver + # audiobookshelf + # caddy + # jellyfin + # logrotate + # mastodon + # minecraft + # ollama + # website + # postgresql + # samba + # searx + # vaultwarden + # forgejo + # xserver # kanboard ; }; diff --git a/modules/nixos/services/peertube/default.nix b/modules/nixos/services/peertube/default.nix index d53fa77..091cd90 100755 --- a/modules/nixos/services/peertube/default.nix +++ b/modules/nixos/services/peertube/default.nix @@ -30,17 +30,17 @@ in localDomain = host; serviceEnvironmentFile = config.sops.secrets."${service.name}-root".path; user = service.name; - # plugins = { - # enable = true; - # plugins = builtins.attrValues { - # inherit (pkgs) - # peertube-plugin-livechat - # peertube-plugin-matomo - # peertube-plugin-transcoding-custom-quality - # peertube-theme-dark - # ; - # }; - # }; + plugins = { + enable = true; + plugins = builtins.attrValues { + inherit (pkgs) + peertube-plugin-livechat + peertube-plugin-matomo + peertube-plugin-transcoding-custom-quality + peertube-theme-dark + ; + }; + }; secrets = { secretsFile = config.sops.secrets."${service.name}-secret".path; From ac8d2861426cd64e06571d534eccbbc071fbbca2 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:19:04 -0500 Subject: [PATCH 14/35] feat: test --- modules/nixos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 49aeddf..4b1d796 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -75,7 +75,7 @@ in imports = builtins.attrValues { inherit (modules) acme - # audiobookshelf + audiobookshelf # caddy # jellyfin # logrotate From ab9acdb0b6e8037bf4f99f1c6b5f77f038afe765 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:19:27 -0500 Subject: [PATCH 15/35] feat: test --- modules/nixos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 4b1d796..da627a6 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -76,7 +76,7 @@ in inherit (modules) acme audiobookshelf - # caddy + caddy # jellyfin # logrotate # mastodon From d14ba150abf16a1280db5d955f6aa2528cce63ec Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:19:58 -0500 Subject: [PATCH 16/35] feat: test --- modules/nixos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index da627a6..8528863 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,7 +77,7 @@ in acme audiobookshelf caddy - # jellyfin + jellyfin # logrotate # mastodon # minecraft From f3a2119c26be89bb5872ed14bd25f694b70ae700 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:20:25 -0500 Subject: [PATCH 17/35] feat: test --- modules/nixos/default.nix | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 8528863..88a7a44 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,18 +77,18 @@ in acme audiobookshelf caddy - jellyfin - # logrotate - # mastodon - # minecraft - # ollama - # website - # postgresql - # samba - # searx - # vaultwarden - # forgejo - # xserver + # jellyfin + logrotate + mastodon + minecraft + ollama + website + postgresql + samba + searx + vaultwarden + forgejo + xserver # kanboard ; }; From 4186016230e7dbfe1f2c8dbf7dfce056813c28b1 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:23:54 -0500 Subject: [PATCH 18/35] feat: test --- modules/nixos/default.nix | 2 +- modules/nixos/services/jellyfin/default.nix | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 88a7a44..05de450 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,7 +77,7 @@ in acme audiobookshelf caddy - # jellyfin + jellyfin logrotate mastodon minecraft diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 9de69c2..b5bc5c0 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -57,14 +57,14 @@ in "/var/lib/${service.name}" = { device = service.paths.path0; } // settings; - "/var/cache/${service.name}" = { - device = "${service.paths.path0}/cache"; - } // settings; + # "/var/cache/${service.name}" = { + # device = "${service.paths.path0}/cache"; + # } // settings; }; systemd.tmpfiles.rules = [ "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - "Z ${service.paths.path0}/cache 0755 ${user0} ${service.name} -" + # "Z ${service.paths.path0}/cache 0755 ${user0} ${service.name} -" ]; networking = { From 8f79442382231f53aff73e90a9a8c9db1dc8fdfb Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:27:22 -0500 Subject: [PATCH 19/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index b5bc5c0..d67de9e 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -21,10 +21,10 @@ in openFirewall = true; user = user0; }; - jellyseerr = { - openFirewall = true; - enable = true; - }; + # jellyseerr = { + # openFirewall = true; + # enable = true; + # }; caddy = { virtualHosts = { "${host}" = { @@ -57,14 +57,14 @@ in "/var/lib/${service.name}" = { device = service.paths.path0; } // settings; - # "/var/cache/${service.name}" = { - # device = "${service.paths.path0}/cache"; - # } // settings; + "/var/cache/${service.name}" = { + device = "${service.paths.path0}/cache"; + } // settings; }; systemd.tmpfiles.rules = [ "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - # "Z ${service.paths.path0}/cache 0755 ${user0} ${service.name} -" + "Z ${service.paths.path0}/cache 0755 ${user0} ${service.name} -" ]; networking = { From 900e26c7ec38afa97c7b3e32b1e351c6c97a400b Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:28:19 -0500 Subject: [PATCH 20/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index d67de9e..1b42719 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -18,7 +18,7 @@ in services = { jellyfin = { enable = true; - openFirewall = true; + # openFirewall = true; user = user0; }; # jellyseerr = { From e82a5c423f32675a17f74ce1085045204085e996 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:28:52 -0500 Subject: [PATCH 21/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 1b42719..e137830 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -17,14 +17,14 @@ in { services = { jellyfin = { - enable = true; - # openFirewall = true; + enable = false; + openFirewall = true; user = user0; }; - # jellyseerr = { - # openFirewall = true; - # enable = true; - # }; + jellyseerr = { + openFirewall = true; + enable = true; + }; caddy = { virtualHosts = { "${host}" = { From 5582f88a6dfb1da167b80570e117fb211abc8c64 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:29:38 -0500 Subject: [PATCH 22/35] feat: test --- modules/nixos/default.nix | 2 +- modules/nixos/services/jellyfin/default.nix | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 05de450..88a7a44 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,7 +77,7 @@ in acme audiobookshelf caddy - jellyfin + # jellyfin logrotate mastodon minecraft diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index e137830..9de69c2 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -17,7 +17,7 @@ in { services = { jellyfin = { - enable = false; + enable = true; openFirewall = true; user = user0; }; From d662409859960b284b058aad55f11ae9d728a00d Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:39:09 -0500 Subject: [PATCH 23/35] feat: test --- modules/config/instances/config/jellyfin.nix | 1 + modules/nixos/default.nix | 2 +- modules/nixos/services/jellyfin/default.nix | 47 +++++++------------- 3 files changed, 19 insertions(+), 31 deletions(-) diff --git a/modules/config/instances/config/jellyfin.nix b/modules/config/instances/config/jellyfin.nix index 477a4a5..d4d7767 100755 --- a/modules/config/instances/config/jellyfin.nix +++ b/modules/config/instances/config/jellyfin.nix @@ -18,6 +18,7 @@ in subdomain = jellyfinName; paths = { path0 = "${servicePath}/${jellyfinLabel}"; + path1 = "${servicePath}/${jellyfinLabel}/cache"; }; ports = { port0 = 5055; # Jellyseer diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 88a7a44..05de450 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,7 +77,7 @@ in acme audiobookshelf caddy - # jellyfin + jellyfin logrotate mastodon minecraft diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 9de69c2..3055703 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -1,15 +1,8 @@ { flake, ... }: let - inherit (flake.config.people) - user0 - ; - inherit (flake.config.machines.devices) - ceres - ; - inherit (flake.config.services.instances) - jellyfin - web - ; + inherit (flake.config.people) user0; + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) jellyfin web; service = jellyfin; localhost = web.localhost.address0; host = "${service.subdomain}.${web.domains.url0}"; @@ -41,30 +34,24 @@ in }; }; - fileSystems = - let - settings = { - fsType = "none"; - options = [ - "bind" - ]; - depends = [ - ceres.storage0.mount - ]; - }; - in - { - "/var/lib/${service.name}" = { - device = service.paths.path0; - } // settings; - "/var/cache/${service.name}" = { - device = "${service.paths.path0}/cache"; - } // settings; + fileSystems = { + "/var/lib/${service.name}" = { + device = service.paths.path0; + fsType = "none"; + options = [ "bind" ]; + depends = [ ceres.storage0.mount ]; }; + "/var/cache/${service.name}" = { + device = service.paths.path1; + fsType = "none"; + options = [ "bind" ]; + depends = [ ceres.storage0.mount ]; + }; + }; systemd.tmpfiles.rules = [ "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - "Z ${service.paths.path0}/cache 0755 ${user0} ${service.name} -" + "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" ]; networking = { From bddc3fb8b857e1c7198f99e0e53daf678375ef12 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:40:38 -0500 Subject: [PATCH 24/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 38 +++++++++++++-------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 3055703..358ca73 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -34,24 +34,32 @@ in }; }; - fileSystems = { - "/var/lib/${service.name}" = { - device = service.paths.path0; - fsType = "none"; - options = [ "bind" ]; - depends = [ ceres.storage0.mount ]; + fileSystems = + let + settings = { + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + in + { + "/var/lib/${service.name}" = { + device = service.paths.path0; + } // settings; + "/var/cache/${service.name}" = { + device = "${service.paths.path1}"; + } // settings; }; - "/var/cache/${service.name}" = { - device = service.paths.path1; - fsType = "none"; - options = [ "bind" ]; - depends = [ ceres.storage0.mount ]; - }; - }; systemd.tmpfiles.rules = [ - "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" + "d ${service.paths.path0} 0755 ${user0} ${service.name} -" + "d ${service.paths.path1} 0755 ${user0} ${service.name} -" + "Z ${service.paths.path0} - ${user0} ${service.name} -" + "Z ${service.paths.path1} - ${user0} ${service.name} -" ]; networking = { From 4414a27938986bae15c4db90b3a69f1e8449a1a1 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:40:59 -0500 Subject: [PATCH 25/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 50 ++++++++++----------- 1 file changed, 24 insertions(+), 26 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 358ca73..251b5a2 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -34,33 +34,31 @@ in }; }; - fileSystems = - let - settings = { - fsType = "none"; - options = [ - "bind" - ]; - depends = [ - ceres.storage0.mount - ]; - }; - in - { - "/var/lib/${service.name}" = { - device = service.paths.path0; - } // settings; - "/var/cache/${service.name}" = { - device = "${service.paths.path1}"; - } // settings; - }; + # fileSystems = + # let + # settings = { + # fsType = "none"; + # options = [ + # "bind" + # ]; + # depends = [ + # ceres.storage0.mount + # ]; + # }; + # in + # { + # "/var/lib/${service.name}" = { + # device = service.paths.path0; + # } // settings; + # "/var/cache/${service.name}" = { + # device = "${service.paths.path1}"; + # } // settings; + # }; - systemd.tmpfiles.rules = [ - "d ${service.paths.path0} 0755 ${user0} ${service.name} -" - "d ${service.paths.path1} 0755 ${user0} ${service.name} -" - "Z ${service.paths.path0} - ${user0} ${service.name} -" - "Z ${service.paths.path1} - ${user0} ${service.name} -" - ]; + # systemd.tmpfiles.rules = [ + # "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + # "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" + # ]; networking = { firewall = { From 54490b968c3caf365737c1514ca8b05f8e2c3f13 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:41:41 -0500 Subject: [PATCH 26/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 72 ++++++++++----------- 1 file changed, 36 insertions(+), 36 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 251b5a2..a9a00a5 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -18,47 +18,47 @@ in openFirewall = true; enable = true; }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - redir /.well-known/carddav /remote.php/dav/ 301 - redir /.well-known/caldav /remote.php/dav/ 301 + # caddy = { + # virtualHosts = { + # "${host}" = { + # extraConfig = '' + # redir /.well-known/carddav /remote.php/dav/ 301 + # redir /.well-known/caldav /remote.php/dav/ 301 - reverse_proxy ${localhost}:${toString service.ports.port1} + # reverse_proxy ${localhost}:${toString service.ports.port1} - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; + # tls ${service.ssl.cert} ${service.ssl.key} + # ''; + # }; + # }; + # }; }; - # fileSystems = - # let - # settings = { - # fsType = "none"; - # options = [ - # "bind" - # ]; - # depends = [ - # ceres.storage0.mount - # ]; - # }; - # in - # { - # "/var/lib/${service.name}" = { - # device = service.paths.path0; - # } // settings; - # "/var/cache/${service.name}" = { - # device = "${service.paths.path1}"; - # } // settings; - # }; + fileSystems = + let + settings = { + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + in + { + "/var/lib/${service.name}" = { + device = service.paths.path0; + } // settings; + "/var/cache/${service.name}" = { + device = "${service.paths.path1}"; + } // settings; + }; - # systemd.tmpfiles.rules = [ - # "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - # "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" + ]; networking = { firewall = { From 5e554583da542803193f9db1c75018080794c2c5 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:42:02 -0500 Subject: [PATCH 27/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 44 ++++++++++----------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index a9a00a5..787c4a9 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -9,29 +9,29 @@ let in { services = { - jellyfin = { - enable = true; - openFirewall = true; - user = user0; - }; - jellyseerr = { - openFirewall = true; - enable = true; - }; - # caddy = { - # virtualHosts = { - # "${host}" = { - # extraConfig = '' - # redir /.well-known/carddav /remote.php/dav/ 301 - # redir /.well-known/caldav /remote.php/dav/ 301 - - # reverse_proxy ${localhost}:${toString service.ports.port1} - - # tls ${service.ssl.cert} ${service.ssl.key} - # ''; - # }; - # }; + # jellyfin = { + # enable = true; + # openFirewall = true; + # user = user0; # }; + # jellyseerr = { + # openFirewall = true; + # enable = true; + # }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 + + reverse_proxy ${localhost}:${toString service.ports.port1} + + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; }; fileSystems = From 974662b4e296bce5606ada85cdc431294aea16b8 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:42:51 -0500 Subject: [PATCH 28/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 112 ++++++++++---------- 1 file changed, 56 insertions(+), 56 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 787c4a9..b56c3f0 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -8,65 +8,65 @@ let host = "${service.subdomain}.${web.domains.url0}"; in { - services = { - # jellyfin = { - # enable = true; - # openFirewall = true; - # user = user0; - # }; - # jellyseerr = { - # openFirewall = true; - # enable = true; - # }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - redir /.well-known/carddav /remote.php/dav/ 301 - redir /.well-known/caldav /remote.php/dav/ 301 + # services = { + # jellyfin = { + # enable = true; + # openFirewall = true; + # user = user0; + # }; + # jellyseerr = { + # openFirewall = true; + # enable = true; + # }; + # caddy = { + # virtualHosts = { + # "${host}" = { + # extraConfig = '' + # redir /.well-known/carddav /remote.php/dav/ 301 + # redir /.well-known/caldav /remote.php/dav/ 301 - reverse_proxy ${localhost}:${toString service.ports.port1} + # reverse_proxy ${localhost}:${toString service.ports.port1} - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; - }; + # tls ${service.ssl.cert} ${service.ssl.key} + # ''; + # }; + # }; + # }; + # }; - fileSystems = - let - settings = { - fsType = "none"; - options = [ - "bind" - ]; - depends = [ - ceres.storage0.mount - ]; - }; - in - { - "/var/lib/${service.name}" = { - device = service.paths.path0; - } // settings; - "/var/cache/${service.name}" = { - device = "${service.paths.path1}"; - } // settings; - }; + # fileSystems = + # let + # settings = { + # fsType = "none"; + # options = [ + # "bind" + # ]; + # depends = [ + # ceres.storage0.mount + # ]; + # }; + # in + # { + # "/var/lib/${service.name}" = { + # device = service.paths.path0; + # } // settings; + # "/var/cache/${service.name}" = { + # device = "${service.paths.path1}"; + # } // settings; + # }; - systemd.tmpfiles.rules = [ - "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" - ]; + # systemd.tmpfiles.rules = [ + # "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + # "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" + # ]; - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - service.ports.port1 - service.ports.port2 - ]; - }; - }; + # networking = { + # firewall = { + # allowedTCPPorts = [ + # service.ports.port0 + # service.ports.port1 + # service.ports.port2 + # ]; + # }; + # }; } From 955a8036738d3a8d811e476398b7d799d3fe0a45 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:43:34 -0500 Subject: [PATCH 29/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index b56c3f0..e3ff8d4 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -1,12 +1,12 @@ -{ flake, ... }: -let - inherit (flake.config.people) user0; - inherit (flake.config.machines.devices) ceres; - inherit (flake.config.services.instances) jellyfin web; - service = jellyfin; - localhost = web.localhost.address0; - host = "${service.subdomain}.${web.domains.url0}"; -in +# { flake, ... }: +# let +# inherit (flake.config.people) user0; +# inherit (flake.config.machines.devices) ceres; +# inherit (flake.config.services.instances) jellyfin web; +# service = jellyfin; +# localhost = web.localhost.address0; +# host = "${service.subdomain}.${web.domains.url0}"; +# in { # services = { # jellyfin = { From bb4ee4a2e5dd765c656b81c6f9f25beb5ff902db Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:44:32 -0500 Subject: [PATCH 30/35] feat: test --- modules/nixos/default.nix | 2 +- modules/nixos/services/jellyfin/default.nix | 130 ++++++++++---------- 2 files changed, 66 insertions(+), 66 deletions(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 05de450..88a7a44 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,7 +77,7 @@ in acme audiobookshelf caddy - jellyfin + # jellyfin logrotate mastodon minecraft diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index e3ff8d4..7153901 100755 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -1,72 +1,72 @@ -# { flake, ... }: -# let -# inherit (flake.config.people) user0; -# inherit (flake.config.machines.devices) ceres; -# inherit (flake.config.services.instances) jellyfin web; -# service = jellyfin; -# localhost = web.localhost.address0; -# host = "${service.subdomain}.${web.domains.url0}"; -# in +{ flake, ... }: +let + inherit (flake.config.people) user0; + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) jellyfin web; + service = jellyfin; + localhost = web.localhost.address0; + host = "${service.subdomain}.${web.domains.url0}"; +in { - # services = { - # jellyfin = { - # enable = true; - # openFirewall = true; - # user = user0; - # }; - # jellyseerr = { - # openFirewall = true; - # enable = true; - # }; - # caddy = { - # virtualHosts = { - # "${host}" = { - # extraConfig = '' - # redir /.well-known/carddav /remote.php/dav/ 301 - # redir /.well-known/caldav /remote.php/dav/ 301 + services = { + jellyfin = { + enable = true; + openFirewall = true; + user = user0; + }; + jellyseerr = { + openFirewall = true; + enable = true; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 - # reverse_proxy ${localhost}:${toString service.ports.port1} + reverse_proxy ${localhost}:${toString service.ports.port1} - # tls ${service.ssl.cert} ${service.ssl.key} - # ''; - # }; - # }; - # }; - # }; + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; - # fileSystems = - # let - # settings = { - # fsType = "none"; - # options = [ - # "bind" - # ]; - # depends = [ - # ceres.storage0.mount - # ]; - # }; - # in - # { - # "/var/lib/${service.name}" = { - # device = service.paths.path0; - # } // settings; - # "/var/cache/${service.name}" = { - # device = "${service.paths.path1}"; - # } // settings; - # }; + fileSystems = + let + settings = { + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + in + { + "/var/lib/${service.name}" = { + device = service.paths.path0; + } // settings; + "/var/cache/${service.name}" = { + device = "${service.paths.path1}"; + } // settings; + }; - # systemd.tmpfiles.rules = [ - # "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - # "Z ${service.paths.path1} 0755 ${user0} ${service.name} -" - # ]; + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + ]; - # networking = { - # firewall = { - # allowedTCPPorts = [ - # service.ports.port0 - # service.ports.port1 - # service.ports.port2 - # ]; - # }; - # }; + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + service.ports.port1 + service.ports.port2 + ]; + }; + }; } From 1e3e2b820de83cbee66f0dca0e5a3ffadad857db Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:45:11 -0500 Subject: [PATCH 31/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 72 --------------------- 1 file changed, 72 deletions(-) delete mode 100755 modules/nixos/services/jellyfin/default.nix diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix deleted file mode 100755 index 7153901..0000000 --- a/modules/nixos/services/jellyfin/default.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ flake, ... }: -let - inherit (flake.config.people) user0; - inherit (flake.config.machines.devices) ceres; - inherit (flake.config.services.instances) jellyfin web; - service = jellyfin; - localhost = web.localhost.address0; - host = "${service.subdomain}.${web.domains.url0}"; -in -{ - services = { - jellyfin = { - enable = true; - openFirewall = true; - user = user0; - }; - jellyseerr = { - openFirewall = true; - enable = true; - }; - caddy = { - virtualHosts = { - "${host}" = { - extraConfig = '' - redir /.well-known/carddav /remote.php/dav/ 301 - redir /.well-known/caldav /remote.php/dav/ 301 - - reverse_proxy ${localhost}:${toString service.ports.port1} - - tls ${service.ssl.cert} ${service.ssl.key} - ''; - }; - }; - }; - }; - - fileSystems = - let - settings = { - fsType = "none"; - options = [ - "bind" - ]; - depends = [ - ceres.storage0.mount - ]; - }; - in - { - "/var/lib/${service.name}" = { - device = service.paths.path0; - } // settings; - "/var/cache/${service.name}" = { - device = "${service.paths.path1}"; - } // settings; - }; - - systemd.tmpfiles.rules = [ - "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" - ]; - - networking = { - firewall = { - allowedTCPPorts = [ - service.ports.port0 - service.ports.port1 - service.ports.port2 - ]; - }; - }; -} From b24ef4d52fe9691f74ab071f447c4a48e11bb2e7 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:45:37 -0500 Subject: [PATCH 32/35] feat: test --- modules/nixos/services/jellyfin/default.nix | 72 +++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 modules/nixos/services/jellyfin/default.nix diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix new file mode 100644 index 0000000..7153901 --- /dev/null +++ b/modules/nixos/services/jellyfin/default.nix @@ -0,0 +1,72 @@ +{ flake, ... }: +let + inherit (flake.config.people) user0; + inherit (flake.config.machines.devices) ceres; + inherit (flake.config.services.instances) jellyfin web; + service = jellyfin; + localhost = web.localhost.address0; + host = "${service.subdomain}.${web.domains.url0}"; +in +{ + services = { + jellyfin = { + enable = true; + openFirewall = true; + user = user0; + }; + jellyseerr = { + openFirewall = true; + enable = true; + }; + caddy = { + virtualHosts = { + "${host}" = { + extraConfig = '' + redir /.well-known/carddav /remote.php/dav/ 301 + redir /.well-known/caldav /remote.php/dav/ 301 + + reverse_proxy ${localhost}:${toString service.ports.port1} + + tls ${service.ssl.cert} ${service.ssl.key} + ''; + }; + }; + }; + }; + + fileSystems = + let + settings = { + fsType = "none"; + options = [ + "bind" + ]; + depends = [ + ceres.storage0.mount + ]; + }; + in + { + "/var/lib/${service.name}" = { + device = service.paths.path0; + } // settings; + "/var/cache/${service.name}" = { + device = "${service.paths.path1}"; + } // settings; + }; + + systemd.tmpfiles.rules = [ + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + "Z ${service.paths.path0} 0755 ${user0} ${service.name} -" + ]; + + networking = { + firewall = { + allowedTCPPorts = [ + service.ports.port0 + service.ports.port1 + service.ports.port2 + ]; + }; + }; +} From 82660c64df1f2a5528bf5649d8258a32595903e0 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:46:11 -0500 Subject: [PATCH 33/35] feat: test --- modules/nixos/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 88a7a44..05de450 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -77,7 +77,7 @@ in acme audiobookshelf caddy - # jellyfin + jellyfin logrotate mastodon minecraft From fe7cdbef8484727fa8321970421efd7487d2ccf9 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:50:34 -0500 Subject: [PATCH 34/35] feat: test --- modules/helpers.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/helpers.nix b/modules/helpers.nix index b6a664b..0abf19f 100755 --- a/modules/helpers.nix +++ b/modules/helpers.nix @@ -17,7 +17,7 @@ builtins.listToAttrs ( map (dir: { name = baseNameOf (toString dir); - value = import dir; + value = { ... }: import dir; # Wrap as module }) (collectDirs path) ); } From 4bb34b4ccde91a831f8382ef5655ad192cb563b5 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 8 Jun 2025 22:52:52 -0500 Subject: [PATCH 35/35] feat: test --- modules/helpers.nix | 2 +- modules/nixos/services/jellyfin/default.nix | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/helpers.nix b/modules/helpers.nix index 0abf19f..b6a664b 100755 --- a/modules/helpers.nix +++ b/modules/helpers.nix @@ -17,7 +17,7 @@ builtins.listToAttrs ( map (dir: { name = baseNameOf (toString dir); - value = { ... }: import dir; # Wrap as module + value = import dir; }) (collectDirs path) ); } diff --git a/modules/nixos/services/jellyfin/default.nix b/modules/nixos/services/jellyfin/default.nix index 7153901..cf05dc1 100644 --- a/modules/nixos/services/jellyfin/default.nix +++ b/modules/nixos/services/jellyfin/default.nix @@ -1,5 +1,6 @@ -{ flake, ... }: +{ config, ... }: let + flake = config.flake; inherit (flake.config.people) user0; inherit (flake.config.machines.devices) ceres; inherit (flake.config.services.instances) jellyfin web;