Updated docs
This commit is contained in:
rasmus-kirk
@@ -0,0 +1,54 @@
|
||||
---
|
||||
title: Basic Example
|
||||
---
|
||||
|
||||
This example does the following:
|
||||
|
||||
- Runs a jellyfin server and exposes it to the internet with HTTPS support.
|
||||
- Runs the transmission torrent client through a vpn
|
||||
- Runs all "*Arrs" supported by this module
|
||||
|
||||
```nix {.numberLines}
|
||||
nixarr = {
|
||||
enable = true;
|
||||
# These two values are also the default, but you can set them to whatever
|
||||
# else you want
|
||||
# WARNING: Do _not_ set them to `/home/user/whatever`, it will not work!
|
||||
mediaDir = "/data/media";
|
||||
stateDir = "/data/media/.state/nixarr";
|
||||
|
||||
vpn = {
|
||||
enable = true;
|
||||
# WARNING: This file must _not_ be in the config git directory
|
||||
# You can usually get this wireguard file from your VPN provider
|
||||
wgConf = "/data/.secret/wg.conf";
|
||||
};
|
||||
|
||||
jellyfin = {
|
||||
enable = true;
|
||||
# These options set up a nginx HTTPS reverse proxy, so you can access
|
||||
# Jellyfin on your domain with HTTPS
|
||||
expose.https = {
|
||||
enable = true;
|
||||
domainName = "your.domain.com";
|
||||
acmeMail = "your@email.com"; # Required for ACME-bot
|
||||
};
|
||||
};
|
||||
|
||||
transmission = {
|
||||
enable = true;
|
||||
vpn.enable = true;
|
||||
peerPort = 50000; # Set this to the port forwarded by your VPN
|
||||
};
|
||||
|
||||
# It is possible for this module to run the *Arrs through a VPN, but it
|
||||
# is generally not recommended, as it can cause rate-limiting issues.
|
||||
bazarr.enable = true;
|
||||
lidarr.enable = true;
|
||||
prowlarr.enable = true;
|
||||
radarr.enable = true;
|
||||
readarr.enable = true;
|
||||
sonarr.enable = true;
|
||||
};
|
||||
```
|
||||
|
||||
@@ -0,0 +1,91 @@
|
||||
---
|
||||
title: Example Configuration where Port Forwarding is not an Option
|
||||
---
|
||||
|
||||
An example where port forwarding is not an option. This is useful if,
|
||||
for example, you're living in a dorm that does not allow it. This
|
||||
example does the following:
|
||||
|
||||
- Runs Jellyfin and exposes it to the internet on a set port
|
||||
- Starts openssh and runs it through the VPN so that it can be accessed
|
||||
outside your home network
|
||||
- Runs all the supported "*Arrs"
|
||||
|
||||
**Warning:** This is largely untested ATM!
|
||||
|
||||
```nix {.numberLines}
|
||||
nixarr = {
|
||||
enable = true;
|
||||
|
||||
vpn = {
|
||||
enable = true;
|
||||
wgConf = "/data/.secret/wg.conf";
|
||||
};
|
||||
|
||||
jellyfin = {
|
||||
enable = true;
|
||||
vpn.enable = true;
|
||||
|
||||
# Access the Jellyfin web-ui from the internet.
|
||||
# Get this port from your VPN provider
|
||||
expose.vpn = {
|
||||
enable = true;
|
||||
port = 12345;
|
||||
};
|
||||
};
|
||||
|
||||
# Setup SSH service that runs through VPN.
|
||||
# Lets you connect through ssh from the internet without having access to
|
||||
# port forwarding
|
||||
openssh.expose.vpn.enable = true;
|
||||
|
||||
transmission = {
|
||||
enable = true;
|
||||
vpn.enable = true;
|
||||
peerPort = 50000; # Set this to the port forwarded by your VPN
|
||||
};
|
||||
|
||||
bazarr.enable = true;
|
||||
sonarr.enable = true;
|
||||
radarr.enable = true;
|
||||
prowlarr.enable = true;
|
||||
readarr.enable = true;
|
||||
lidarr.enable = true;
|
||||
};
|
||||
|
||||
# The `openssh.vpn.enable` option does not enable openssh, so we do that here:
|
||||
# We disable password authentication as it's generally insecure.
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings.PasswordAuthentication = false;
|
||||
# Get this port from your VPN provider
|
||||
ports = [ 54321 ]
|
||||
};
|
||||
# Adds your public keys as trusted devices
|
||||
users.extraUsers.username.openssh.authorizedKeys.keyFiles = [
|
||||
./path/to/public/key/machine.pub}
|
||||
];
|
||||
```
|
||||
|
||||
This example uses SSH tunneling to expose most of your services. See the
|
||||
[expose](/wiki/expose) wiki page for more info on how to safely access
|
||||
your services.
|
||||
|
||||
In this example, you don't have access to any services without being on your
|
||||
home network or accessing them through localhost. If you have SSH setup you
|
||||
can use SSH tunneling. Simply run:
|
||||
|
||||
```sh
|
||||
ssh -N user@ip \
|
||||
-L 6001:localhost:9091 \
|
||||
-L 6002:localhost:9696 \
|
||||
-L 6003:localhost:8989 \
|
||||
-L 6004:localhost:7878 \
|
||||
-L 6005:localhost:8686 \
|
||||
-L 6006:localhost:8787 \
|
||||
-L 6007:localhost:6767
|
||||
```
|
||||
|
||||
Replace `user` with your user and `ip` with the public ip, or domain if set
|
||||
up, of your server. This lets you access the services on `localhost:6001`
|
||||
through `localhost:6007`.
|
||||
Reference in New Issue
Block a user