{ inputs, config, pkgs, libs, ... }: { age.secrets = { paperless-pass.file = ../../../secrets/paperless-pass.age; }; services = { nginx = { enable = true; group = "hosted"; recommendedGzipSettings = true; recommendedOptimisation = true; recommendedProxySettings = true; recommendedTlsSettings = true; virtualHosts = { "baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; root = inputs.homepage; }; "cinny.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8002"; }; "librespeed.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8003"; }; "pyload.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8005"; }; "shiori.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8006"; }; "sync.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8007"; }; "whoogle.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8008"; }; }; }; vaultwarden = { enable = true; config = { DOMAIN = "https://bitwarden.baduhai.me"; SIGNUPS_ALLOWED = false; ROCKET_ADDRESS = "127.0.0.1"; ROCKET_PORT = 8000; }; }; nginx.virtualHosts."bitwarden.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}"; }; changedetection-io = { enable = true; group = "hosted"; behindProxy = true; datastorePath = "/data/changedetection"; port = 8001; baseURL = "https://detect.baduhai.me"; }; nginx.virtualHosts."detect.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${toString config.services.changedetection-io.port}"; }; jellyfin = { enable = true; group = "hosted"; openFirewall = true; }; nginx.virtualHosts."jellyfin.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:8096"; }; paperless = { enable = true; dataDir = "/data/paperless/data"; mediaDir = "/data/paperless/media"; passwordFile = config.age.secrets.paperless-pass.path; port = 8004; consumptionDirIsPublic = true; extraConfig = { PAPERLESS_OCR_LANGUAGE = "eng+por+deu"; }; }; nginx.virtualHosts."paperless.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${toString config.services.paperless.port}"; }; minecraft-server = { enable = true; eula = true; declarative = true; openFirewall = true; package = pkgs.papermc; serverProperties = { motd = "Bem-vindo a Alexandria"; difficulty = "hard"; gamemode = "survival"; }; dataDir = "/data/minecraft"; }; }; virtualisation = { docker.enable = true; oci-containers = { backend = "docker"; containers = { "cinny" = { image = "ghcr.io/cinnyapp/cinny:latest"; ports = [ "8002:80" ]; extraOptions = [ "--pull=always" ]; }; "librespeed" = { image = "lscr.io/linuxserver/librespeed:latest"; environment = { TZ = "Europe/Berlin"; }; ports = [ "8004:80" ]; extraOptions = [ "--pull=always" ]; }; # "paperless" = { # image = "lscr.io/linuxserver/paperless-ngx:latest"; # environment = { # PUID = "1000"; # PGID = "100"; # TZ = "Europe/Berlin"; # PAPERLESS_URL = "https://paperless.baduhai.me"; # PAPERLESS_OCR_LANGUAGE = "eng+deu+por"; # DOCKER_MODS = "linuxserver/mods:papermerge-multilangocr"; # OCRLANG = "eng,por,deu"; # }; # volumes = [ # "/data/paperless-ngx/config:/config" # "/data/paperless-ngx/data:/data" # ]; # ports = [ # "8005:8000" # ]; # extraOptions = [ # "--pull=always" # ]; # }; # "pyload" = { # Download manager # image = "lscr.io/linuxserver/pyload-ng:latest"; # environment = { # PUID = "1000"; # PGID = "100"; # TZ = "Europe/Berlin"; # }; # volumes = [ # "/data/pyload/config:/config" # "/data/pyload/downloads:/downloads" # ]; # ports = [ # "8005:8000" # "9666:9666" # ]; # extraOptions = [ # "--pull=always" # ]; # }; # "shiori" = { # image = "docker.io/nicholaswilde/shiori:latest"; # environment = { # TZ = "Europe/Berlin"; # PUID = "1000"; # PGID = "100"; # SHIORI_DIR = "/data"; # }; # volumes = [ # "/data/shiori:/data" # ]; # ports = [ # "8006:8080" # ]; # extraOptions = [ # "--pull=always" # ]; # }; # "syncthing" = { # image = "lscr.io/linuxserver/syncthing:1.20.4"; # environment = { # PUID = "1000"; # PGID = "100"; # TZ = "Europe/Berlin"; # }; # volumes = [ # "/data/syncthing/config:/config" # "/data/syncthing/data1:/data1" # "/data/syncthing/data2:/data2" # "/data/syncthing/notes:/sync/notes" # ]; # ports = [ # "8007:8384" # "22000:22000" # "21027:21027/udp" # ]; # extraOptions = [ # "--pull=always" # ]; # }; "whoogle" = { image = "benbusby/whoogle-search:latest"; environment = { HTTPS_ONLY = "1"; WHOOGLE_CONFIG_DISABLE = "1"; WHOOGLE_CONFIG_LANGUAGE = "lang_en"; WHOOGLE_CONFIG_SEARCH_LANGUAGE = "lang_en"; WHOOGLE_CONFIG_THEME = "system"; WHOOGLE_CONFIG_VIEW_IMAGE = "1"; WHOOGLE_CONFIG_GET_ONLY = "1"; }; ports = [ "8008:5000" ]; extraOptions = [ "--pull=always" ]; }; }; }; }; }