fujin/nixarr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Undo nginx and add sub-merge

Browse Source
This commit is contained in:
rasmus-kirk
2024-09-19 22:18:53 +02:00
parent 31484ce375
commit e44c6f61f8
10 changed files with 189 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files
flake.nix
+16 -16
View File
@@ -8,25 +8,24 @@
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
vpnconfinement = {
url = "github:Maroka-chan/VPN-Confinement";
inputs.nixpkgs.follows = "nixpkgs";
};
flake-parts = { vpnconfinement.url = "github:Maroka-chan/VPN-Confinement";
url = "github:hercules-ci/flake-parts"; vpnconfinement.inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs-lib.follows = "nixpkgs";
}; sub-merge.url = "github:rasmus-kirk/sub-merge";
sub-merge.inputs.nixpkgs.follows = "nixpkgs";
# Flake stuff
flake-parts.url = "github:hercules-ci/flake-parts";
flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs";
flake-root.url = "github:srid/flake-root"; flake-root.url = "github:srid/flake-root";
devshell = { devshell.url = "github:numtide/devshell";
url = "github:numtide/devshell"; devshell.inputs.nixpkgs.follows = "nixpkgs";
inputs.nixpkgs.follows = "nixpkgs";
}; treefmt-nix.url = "github:numtide/treefmt-nix";
treefmt-nix = { treefmt-nix.inputs.nixpkgs.follows = "nixpkgs";
url = "github:numtide/treefmt-nix";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = inputs @ { outputs = inputs @ {
@@ -50,6 +49,7 @@
nixosModules = rec { nixosModules = rec {
nixarr = import ./nixarr vpnconfinement; nixarr = import ./nixarr vpnconfinement;
imports = [ vpnconfinement.nixosModules.default ]; imports = [ vpnconfinement.nixosModules.default ];
specialArgs = { inherit inputs; };
default = nixarr; default = nixarr;
}; };
}; };
nixarr/bazarr/default.nix
+22
View File
@@ -104,5 +104,27 @@ in {
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString config.bazarr.listenPort}" = {
listen = [
{
addr = "0.0.0.0";
port = config.bazarr.listenPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString config.bazarr.listenPort}";
};
};
};
}; };
} }
nixarr/jellyfin/default.nix
+15
View File
@@ -261,6 +261,21 @@ in
}; };
}; };
}) })
(mkIf cfg.vpn.enable {
virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = mkIf cfg.vpn.enable {
listen = [
{
addr = "0.0.0.0";
port = defaultPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
};
};
})
(mkIf cfg.expose.vpn.enable { (mkIf cfg.expose.vpn.enable {
virtualHosts."${builtins.toString cfg.expose.vpn.accessibleFrom}:${builtins.toString cfg.expose.vpn.port}" = { virtualHosts."${builtins.toString cfg.expose.vpn.accessibleFrom}:${builtins.toString cfg.expose.vpn.port}" = {
enableACME = true; enableACME = true;
nixarr/lidarr/default.nix
+22
View File
@@ -101,5 +101,27 @@ in {
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = {
listen = [
{
addr = "0.0.0.0";
port = defaultPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
};
};
};
}; };
} }
nixarr/nixarr.nix
+2 -1
View File
@@ -2,6 +2,7 @@
config, config,
lib, lib,
pkgs, pkgs,
inputs,
... ...
}: }:
with lib; let with lib; let
@@ -240,6 +241,7 @@ in {
]; ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
inputs.sub-merge.packages."${system}".default
jdupes jdupes
list-unlinked list-unlinked
fix-permissions fix-permissions
@@ -259,7 +261,6 @@ in {
wireguardConfigFile = cfg.vpn.wgConf; wireguardConfigFile = cfg.vpn.wgConf;
}; };
# TODO: openports
systemd.services.vpn-test-service = mkIf cfg.vpn.vpnTestService.enable { systemd.services.vpn-test-service = mkIf cfg.vpn.vpnTestService.enable {
enable = true; enable = true;
nixarr/prowlarr/default.nix
+22
View File
@@ -103,5 +103,27 @@ in {
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = {
listen = [
{
addr = "0.0.0.0";
port = defaultPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
};
};
};
}; };
} }
nixarr/radarr/default.nix
+22
View File
@@ -101,5 +101,27 @@ in {
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = {
listen = [
{
addr = "0.0.0.0";
port = defaultPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
};
};
};
}; };
} }
nixarr/readarr/default.nix
+24 -2
View File
@@ -94,10 +94,32 @@ in {
vpnnamespaces.wg = mkIf cfg.vpn.enable { vpnnamespaces.wg = mkIf cfg.vpn.enable {
portMappings = [ portMappings = [
{ {
from = 8787; from = defaultPort;
to = 8787; to = defaultPort;
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = {
listen = [
{
addr = "0.0.0.0";
port = defaultPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
};
};
};
}; };
} }
nixarr/sabnzbd/default.nix
+22
View File
@@ -226,5 +226,27 @@ in {
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString cfg.guiPort}" = {
listen = [
{
addr = "0.0.0.0";
port = cfg.guiPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString cfg.guiPort}";
};
};
};
}; };
} }
nixarr/sonarr/default.nix
+22
View File
@@ -101,5 +101,27 @@ in {
} }
]; ];
}; };
services.nginx = mkIf cfg.vpn.enable {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
virtualHosts."127.0.0.1:${builtins.toString defaultPort}" = {
listen = [
{
addr = "0.0.0.0";
port = defaultPort;
}
];
locations."/" = {
recommendedProxySettings = true;
proxyWebsockets = true;
proxyPass = "http://192.168.15.1:${builtins.toString defaultPort}";
};
};
};
}; };
} }