From 50067c82ec8a3fd6ddadc8df7fb6c0337cdefa7d Mon Sep 17 00:00:00 2001 From: baduhai Date: Fri, 6 Jan 2023 16:46:37 -0300 Subject: [PATCH] another restructure --- .../{services => }/containerised.nix | 0 hosts/servers/alexandria/default.nix | 3 +- hosts/servers/alexandria/services/arr.nix | 38 ------ hosts/servers/alexandria/services/default.nix | 11 -- hosts/servers/alexandria/services/gaming.nix | 17 --- hosts/servers/alexandria/services/nginx.nix | 30 ----- hosts/servers/alexandria/services/utility.nix | 51 ------- .../alexandria/{services => }/variables.nix | 0 hosts/servers/alexandria/virtualisation.nix | 125 ++++++++++++++++++ 9 files changed, 127 insertions(+), 148 deletions(-) rename hosts/servers/alexandria/{services => }/containerised.nix (100%) delete mode 100644 hosts/servers/alexandria/services/arr.nix delete mode 100644 hosts/servers/alexandria/services/default.nix delete mode 100644 hosts/servers/alexandria/services/gaming.nix delete mode 100644 hosts/servers/alexandria/services/nginx.nix delete mode 100644 hosts/servers/alexandria/services/utility.nix rename hosts/servers/alexandria/{services => }/variables.nix (100%) create mode 100644 hosts/servers/alexandria/virtualisation.nix diff --git a/hosts/servers/alexandria/services/containerised.nix b/hosts/servers/alexandria/containerised.nix similarity index 100% rename from hosts/servers/alexandria/services/containerised.nix rename to hosts/servers/alexandria/containerised.nix diff --git a/hosts/servers/alexandria/default.nix b/hosts/servers/alexandria/default.nix index ca67997..f70a74f 100644 --- a/hosts/servers/alexandria/default.nix +++ b/hosts/servers/alexandria/default.nix @@ -3,8 +3,9 @@ { imports = [ ./hardware-configuration.nix + ./variables.nix + ./services.nix ./security.nix ./users.nix - ./services ]; } diff --git a/hosts/servers/alexandria/services/arr.nix b/hosts/servers/alexandria/services/arr.nix deleted file mode 100644 index 5cabb50..0000000 --- a/hosts/servers/alexandria/services/arr.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ specialArgs, inputs, config, pkgs, lib, ... }: - -{ - services = { - qbittorrent = { - enable = true; - user = "user"; - group = "hosted"; - port = lib.toInt "${config.ports.qbittorrent}"; - }; - - jellyfin = { - enable = true; - user = "user"; - group = "hosted"; - }; - - radarr = { - enable = true; - user = "user"; - group = "hosted"; - }; - - sonarr = { - enable = true; - user = "user"; - group = "hosted"; - }; - - bazarr = { - enable = true; - user = "user"; - group = "hosted"; - }; - - jackett.enable = true; - }; -} diff --git a/hosts/servers/alexandria/services/default.nix b/hosts/servers/alexandria/services/default.nix deleted file mode 100644 index e674e9e..0000000 --- a/hosts/servers/alexandria/services/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ ... }: - -{ - imports = [ - ./containerised.nix - ./variables.nix - ./utility.nix - ./nginx.nix - ./arr.nix - ]; -} diff --git a/hosts/servers/alexandria/services/gaming.nix b/hosts/servers/alexandria/services/gaming.nix deleted file mode 100644 index 35cd7d7..0000000 --- a/hosts/servers/alexandria/services/gaming.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ specialArgs, inputs, config, pkgs, lib, ... }: - -{ - services.minecraft-server = { - enable = true; - eula = true; - declarative = true; - openFirewall = true; - package = pkgs.papermc; - serverProperties = { - motd = "Bem-vindo a Alexandria"; - difficulty = "hard"; - gamemode = "survival"; - }; - dataDir = "/data/minecraft"; - }; -} diff --git a/hosts/servers/alexandria/services/nginx.nix b/hosts/servers/alexandria/services/nginx.nix deleted file mode 100644 index d7b2fa4..0000000 --- a/hosts/servers/alexandria/services/nginx.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ specialArgs, inputs, config, pkgs, lib, ... }: - -{ - services.nginx = { - enable = true; - group = "hosted"; - recommendedGzipSettings = true; - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - virtualHosts = { - "baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; root = inputs.homepage; }; - "bazarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.bazaar}"; }; - "bitwarden.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.vaultwarden}"; }; - "cinny.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.cinny}"; }; - "detect.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.changedetection-io}"; }; - "jackett.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.jackett}"; }; - "jellyfin.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.jellyfin}"; }; - "librespeed.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.librespeed}"; }; - "n8n.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.n8n}"; }; - "paperless.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.paperless}"; }; - "qbittorrent.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.qbittorrent}"; }; - "radarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}"; }; - "shiori.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.shiori}"; }; - "sonarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}"; }; - "sync.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.syncthing}"; }; - "whoogle.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.whoogle}"; }; - }; - }; -} diff --git a/hosts/servers/alexandria/services/utility.nix b/hosts/servers/alexandria/services/utility.nix deleted file mode 100644 index c4ccc26..0000000 --- a/hosts/servers/alexandria/services/utility.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ specialArgs, inputs, config, pkgs, lib, ... }: - -{ - age.secrets = { - paperless-pass = { - file = ../../../../secrets/paperless-pass.age; - owner = "paperless"; - group = "hosted"; - }; - }; - - services = { - vaultwarden = { - enable = true; - config = { - DOMAIN = "https://bitwarden.baduhai.me"; - SIGNUPS_ALLOWED = false; - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = "${config.ports.vaultwarden}"; - }; - }; - - changedetection-io = { - enable = true; - group = "hosted"; - behindProxy = true; - datastorePath = "/data/changedetection"; - port = lib.toInt "${config.ports.changedetection-io}"; - baseURL = "https://detect.baduhai.me"; - }; - - paperless = { - enable = true; - dataDir = "/data/paperless/data"; - mediaDir = "/data/paperless/media"; - passwordFile = config.age.secrets.paperless-pass.path; - port = lib.toInt "${config.ports.paperless}"; - consumptionDirIsPublic = true; - extraConfig = { - PAPERLESS_OCR_LANGUAGE = "eng+por+deu"; - }; - }; - - shiori = { - enable = true; - port = lib.toInt "${config.ports.shiori}"; - }; - - n8n.enable = true; - }; -} diff --git a/hosts/servers/alexandria/services/variables.nix b/hosts/servers/alexandria/variables.nix similarity index 100% rename from hosts/servers/alexandria/services/variables.nix rename to hosts/servers/alexandria/variables.nix diff --git a/hosts/servers/alexandria/virtualisation.nix b/hosts/servers/alexandria/virtualisation.nix new file mode 100644 index 0000000..0e795c7 --- /dev/null +++ b/hosts/servers/alexandria/virtualisation.nix @@ -0,0 +1,125 @@ +{ specialArgs, inputs, config, pkgs, lib, ... }: + +{ + age.secrets = { + paperless-pass = { + file = ../../../../secrets/paperless-pass.age; + owner = "paperless"; + group = "hosted"; + }; + }; + + services = { + bazarr = { + enable = true; + user = "user"; + group = "hosted"; + }; + + changedetection-io = { + enable = true; + group = "hosted"; + behindProxy = true; + datastorePath = "/data/changedetection"; + port = lib.toInt "${config.ports.changedetection-io}"; + baseURL = "https://detect.baduhai.me"; + }; + + jackett.enable = true; + + jellyfin = { + enable = true; + user = "user"; + group = "hosted"; + }; + + minecraft-server = { + enable = true; + eula = true; + declarative = true; + openFirewall = true; + package = pkgs.papermc; + serverProperties = { + motd = "Bem-vindo a Alexandria"; + difficulty = "hard"; + gamemode = "survival"; + }; + dataDir = "/data/minecraft"; + }; + + n8n.enable = true; + + nginx = { + enable = true; + group = "hosted"; + recommendedGzipSettings = true; + recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + virtualHosts = { + "baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; root = inputs.homepage; }; + "bazarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.bazaar}"; }; + "bitwarden.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.vaultwarden}"; }; + "cinny.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.cinny}"; }; + "detect.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.changedetection-io}"; }; + "jackett.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.jackett}"; }; + "jellyfin.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.jellyfin}"; }; + "librespeed.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.librespeed}"; }; + "n8n.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.n8n}"; }; + "paperless.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.paperless}"; }; + "qbittorrent.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.qbittorrent}"; }; + "radarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}"; }; + "shiori.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.shiori}"; }; + "sonarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}"; }; + "sync.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.syncthing}"; }; + "whoogle.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.whoogle}"; }; + }; + }; + + paperless = { + enable = true; + dataDir = "/data/paperless/data"; + mediaDir = "/data/paperless/media"; + passwordFile = config.age.secrets.paperless-pass.path; + port = lib.toInt "${config.ports.paperless}"; + consumptionDirIsPublic = true; + extraConfig = { + PAPERLESS_OCR_LANGUAGE = "eng+por+deu"; + }; + }; + + qbittorrent = { + enable = true; + user = "user"; + group = "hosted"; + port = lib.toInt "${config.ports.qbittorrent}"; + }; + + radarr = { + enable = true; + user = "user"; + group = "hosted"; + }; + + shiori = { + enable = true; + port = lib.toInt "${config.ports.shiori}"; + }; + + sonarr = { + enable = true; + user = "user"; + group = "hosted"; + }; + + vaultwarden = { + enable = true; + config = { + DOMAIN = "https://bitwarden.baduhai.me"; + SIGNUPS_ALLOWED = false; + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = "${config.ports.vaultwarden}"; + }; + }; + }; +}