diff --git a/.jq/format.jq b/.jq/format.jq new file mode 100644 index 0000000..5c65495 --- /dev/null +++ b/.jq/format.jq @@ -0,0 +1,34 @@ +def RESET: "0"; +def BOLD: "1"; +def DIM: "2"; +def ITALIC: "3"; +def UNDERLINE: "4"; +def BLINKING: "5"; +def INVERSE: "7"; +def HIDDEN: "8"; +def STRIKETHROUGH: "9"; +def RESET_FONT: "22"; + +def BLACK: 0; +def RED: 1; +def GREEN: 2; +def YELLOW: 3; +def BLUE: 4; +def MAGENTA: 5; +def CYAN: 6; +def WHITE: 7; +def DEFAULT: 9; + +def foreground(color): 30 + color; +def background(color): 40 + color; +def bright(color): 60 + color; + +def escape(options): + (if ((options|type) == "array") then options else [options] end) as $o + | "\u001b[\($o | map(tostring) | join(";"))m"; + +def style(options): escape(options) + . + escape([RESET]); + +def to_title: + (.|ascii_upcase) as $str + | escape([BOLD, foreground(BLACK), background(WHITE)]) + " " + $str + " " + escape([RESET]); diff --git a/.jq/table.jq b/.jq/table.jq new file mode 100644 index 0000000..83b98f2 --- /dev/null +++ b/.jq/table.jq @@ -0,0 +1,59 @@ +import "format" as _ {search:"./"}; + +def n_max(limit): + if . > limit then limit else . end; + +def n_min(limit): + if . < limit then limit else . end; + +def pad_right(width): + (. | tostring) as $s + | ($s | length) as $l + | ((width - $l) | n_min(0)) as $w + | ($s + (" " * $w)); + +def to_cells(sizes; fn): + to_entries + | map( + (sizes[.key]) as $size + | (" " + .value) + | pad_right($size + 2) + | fn // . + ); + +def to_cells(sizes): to_cells(sizes; null); + +def to_line(left; joiner; right): + [left, .[1], (.[1:] | map([joiner, .]) ), right] | flatten | join(""); + +def to_table(data; header_callback; cell_callback): + (data[0] | to_entries | map(.key)) as $keys + | ([$keys]) as $header + | (data | map(to_entries | map(.value))) as $rows + | ($header + $rows) as $cells + | ( + $keys # Use keys so that we have an array of the correct size + | to_entries + | map( + (.key) as $i + | $cells + | map(.[$i] | length) + | max + ) + ) as $column_sizes + | ( + [ + ($column_sizes | map("═" * (. + 2)) | to_line("╔"; "╤"; "╗")), + ($keys | to_cells($column_sizes; header_callback) | to_line("║"; "│"; "║")), + ($rows | map([ + ($column_sizes | map("─" * (. + 2)) | to_line("╟"; "┼"; "╢")), + (. | to_cells($column_sizes; cell_callback) | to_line("║"; "│"; "║")) + ])), + ($column_sizes | map("═" * (. + 2)) | to_line("╚"; "╧"; "╝")) + ] + | flatten + | join("\n") + ); + +def to_table(data; header_callback): to_table(data; header_callback; null); +def to_table(data): to_table(data; _::style(_::BOLD); null); diff --git a/.just/users.just b/.just/users.just new file mode 100644 index 0000000..cecd74b --- /dev/null +++ b/.just/users.just @@ -0,0 +1,27 @@ +set unstable := true +set quiet := true + +_default: + just --list + +[script] +list: + cd .. && just vars get ulmo zitadel/users \ + | jq fromjson \ + | jq -r -C ' + include ".jq/table"; + include ".jq/format"; + + to_entries + | sort_by(.key) + | map( + (.key|to_title) + ":\n" + + to_table( + .value + | to_entries + | sort_by(.key) + | map({username:.key} + .value) + ) + ) + | join("\n\n┄┄┄\n\n") + ' diff --git a/.just/vars.just b/.just/vars.just index 29a3e56..230f00c 100644 --- a/.just/vars.just +++ b/.just/vars.just @@ -3,12 +3,6 @@ set quiet := true base_path := invocation_directory() / "systems/x86_64-linux" -# sops := "nix shell nixpkgs#sops --command sops" -# yq := "nix shell nixpkgs#yq --command yq" - -sops := "sops" -yq := "yq" - _default: just --list diff --git a/.justfile b/.justfile index 75537e1..cee0db9 100644 --- a/.justfile +++ b/.justfile @@ -4,6 +4,9 @@ [doc('Manage vars')] mod vars '.just/vars.just' +[doc('Manage users')] +mod users '.just/users.just' + [doc('Manage machines')] mod machine '.just/machine.just' diff --git a/modules/nixos/services/communication/matrix/default.nix b/modules/nixos/services/communication/matrix/default.nix index 8bab5d0..33af8e4 100644 --- a/modules/nixos/services/communication/matrix/default.nix +++ b/modules/nixos/services/communication/matrix/default.nix @@ -121,10 +121,11 @@ in { bot_token = "disabled"; catch_up = true; - sequential_updates = false; + sequential_updates = true; }; appservice = { + port = 40011; provisioning.enabled = false; }; diff --git a/modules/nixos/services/media/mydia/default.nix b/modules/nixos/services/media/mydia/default.nix index 2bee38a..7e082a3 100644 --- a/modules/nixos/services/media/mydia/default.nix +++ b/modules/nixos/services/media/mydia/default.nix @@ -36,7 +36,7 @@ in { # uri = "file:///var/lib/mydia/mydia.db"; type = "postgres"; uri = "postgres://mydia@localhost:5432/mydia?sslmode=disable"; - passwordFile = config.sops.secrets."mydia/qbittorrent_password".path; + passwordFile = config.sops.templates."mydia/database_password".path; }; secretKeyBaseFile = config.sops.secrets."mydia/secret_key_base".path; @@ -82,5 +82,14 @@ in { key = "qbittorrent/password"; }; }; + + sops.templates."mydia/database_password" = { + owner = config.services.mydia.user; + group = config.services.mydia.group; + restartUnits = ["mydia.service"]; + content = '' + DATABASE_PASSWORD="" + ''; + }; }; } diff --git a/modules/nixos/services/media/servarr/default.nix b/modules/nixos/services/media/servarr/default.nix index c09e66f..bb90352 100644 --- a/modules/nixos/services/media/servarr/default.nix +++ b/modules/nixos/services/media/servarr/default.nix @@ -96,7 +96,8 @@ in { sabnzbd = { enable = true; openFirewall = true; - configFile = config.sops.templates."sabnzbd/config.ini".path; + configFile = "/var/media/sabnzbd/config.ini"; + # configFile = config.sops.templates."sabnzbd/config.ini".path; user = "sabnzbd"; group = "media"; @@ -301,12 +302,48 @@ in { })) |> lib.concat [ { + secrets = { + "sabnzbd/apikey" = {}; + "sabnzbd/sunnyweb/username" = {}; + "sabnzbd/sunnyweb/password" = {}; + }; + templates = { "sabnzbd/config.ini" = { owner = "sabnzbd"; group = "media"; + mode = "0660"; content = '' + __version__ = 19 + __encoding__ = utf-8 + [misc] + download_dir = /var/media/downloads/incomplete + complete_dir = /var/media/downloads/done + api_key = ${config.sops.placeholder."sabnzbd/apikey"} + log_dir = logs + [servers] + [[news.sunnyusenet.com]] + name = news.sunnyusenet.com + displayname = news.sunnyusenet.com + host = news.sunnyusenet.com + port = 563 + timeout = 60 + username = ${config.sops.placeholder."sabnzbd/sunnyweb/username"} + password = ${config.sops.placeholder."sabnzbd/sunnyweb/password"} + connections = 8 + ssl = 1 + ssl_verify = 3 + ssl_ciphers = "" + enable = 1 + required = 0 + optional = 0 + retention = 0 + expire_date = "" + quota = "" + usage_at_start = 0 + priority = 1 + notes = "" ''; }; }; diff --git a/sabnzbd.ini b/sabnzbd.ini new file mode 100644 index 0000000..fd60f57 --- /dev/null +++ b/sabnzbd.ini @@ -0,0 +1,395 @@ +__version__ = 19 +__encoding__ = utf-8 +[misc] +helpful_warnings = 1 +queue_complete = hibernate_pc +queue_complete_pers = 0 +bandwidth_perc = 100 +refresh_rate = 1 +interface_settings = '{"dateFormat":"YYYY-MM-DD HH:mm","extraQueueColumns":[],"extraHistoryColumns":[],"displayCompact":false,"displayFullWidth":false,"confirmDeleteQueue":true,"confirmDeleteHistory":true,"keyboardShortcuts":true}' +queue_limit = 20 +config_lock = 0 +fixed_ports = 1 +notified_new_skin = 2 +direct_unpack_tested = 1 +sorters_converted = 1 +check_new_rel = 1 +auto_browser = 0 +language = en +enable_https_verification = 0 +host = 0.0.0.0 +port = 8080 +https_port = "" +username = "" +password = "" +bandwidth_max = "" +cache_limit = 1G +web_dir = Glitter +web_color = Auto +https_cert = server.cert +https_key = server.key +https_chain = "" +enable_https = 0 +inet_exposure = 0 +api_key = 0052eba0db9d4b4f93a8a96f0cb85198 +nzb_key = 171ebeb3e0044c379dc7719bef6b3144 +socks5_proxy_url = "" +permissions = "" +download_dir = /var/media/downloads/incomplete +download_free = "" +complete_dir = /var/media/downloads/done +complete_free = "" +fulldisk_autoresume = 0 +script_dir = "" +nzb_backup_dir = "" +admin_dir = admin +backup_dir = "" +dirscan_dir = "" +dirscan_speed = 5 +password_file = "" +log_dir = logs +max_art_tries = 3 +top_only = 0 +sfv_check = 1 +script_can_fail = 0 +enable_recursive = 1 +flat_unpack = 0 +par_option = "" +pre_check = 0 +nice = "" +win_process_prio = 3 +ionice = "" +fail_hopeless_jobs = 1 +fast_fail = 1 +auto_disconnect = 1 +pre_script = None +end_queue_script = None +no_dupes = 0 +no_series_dupes = 0 +no_smart_dupes = 0 +dupes_propercheck = 1 +pause_on_pwrar = 1 +ignore_samples = 0 +deobfuscate_final_filenames = 1 +auto_sort = "" +direct_unpack = 0 +propagation_delay = 0 +folder_rename = 1 +replace_spaces = 0 +replace_underscores = 0 +replace_dots = 0 +safe_postproc = 1 +pause_on_post_processing = 0 +enable_all_par = 0 +sanitize_safe = 0 +cleanup_list = , +unwanted_extensions = , +action_on_unwanted_extensions = 0 +unwanted_extensions_mode = 0 +new_nzb_on_failure = 0 +history_retention = "" +history_retention_option = all +history_retention_number = 1 +quota_size = "" +quota_day = "" +quota_resume = 0 +quota_period = m +enable_tv_sorting = 0 +tv_sort_string = "" +tv_categories = tv, +enable_movie_sorting = 0 +movie_sort_string = "" +movie_sort_extra = -cd%1 +movie_categories = movies, +enable_date_sorting = 0 +date_sort_string = "" +date_categories = tv, +schedlines = , +rss_rate = 60 +ampm = 0 +start_paused = 0 +preserve_paused_state = 0 +enable_par_cleanup = 1 +process_unpacked_par2 = 1 +enable_multipar = 1 +enable_unrar = 1 +enable_7zip = 1 +enable_filejoin = 1 +enable_tsjoin = 1 +overwrite_files = 0 +ignore_unrar_dates = 0 +backup_for_duplicates = 0 +empty_postproc = 0 +wait_for_dfolder = 0 +rss_filenames = 0 +api_logging = 1 +html_login = 1 +warn_dupl_jobs = 0 +keep_awake = 1 +tray_icon = 1 +allow_incomplete_nzb = 0 +enable_broadcast = 1 +ipv6_hosting = 0 +ipv6_staging = 0 +api_warnings = 1 +no_penalties = 0 +x_frame_options = 1 +allow_old_ssl_tls = 0 +enable_season_sorting = 1 +verify_xff_header = 0 +rss_odd_titles = nzbindex.nl/, nzbindex.com/, nzbclub.com/ +quick_check_ext_ignore = nfo, sfv, srr +req_completion_rate = 100.2 +selftest_host = self-test.sabnzbd.org +movie_rename_limit = 100M +episode_rename_limit = 20M +size_limit = 0 +direct_unpack_threads = 3 +history_limit = 5 +wait_ext_drive = 5 +max_foldername_length = 246 +nomedia_marker = "" +ipv6_servers = 1 +url_base = /sabnzbd +host_whitelist = usenet.kruining.eu, ulmo +local_ranges = , +max_url_retries = 10 +downloader_sleep_time = 10 +receive_threads = 2 +switchinterval = 0.005 +ssdp_broadcast_interval = 15 +ext_rename_ignore = , +email_server = "" +email_to = , +email_from = "" +email_account = "" +email_pwd = "" +email_endjob = 0 +email_full = 0 +email_dir = "" +email_rss = 0 +email_cats = *, +config_conversion_version = 4 +disable_par2cmdline = 0 +disable_archive = 0 +unrar_parameters = "" +outgoing_nntp_ip = "" +[logging] +log_level = 1 +max_log_size = 5242880 +log_backups = 5 +[ncenter] +ncenter_enable = 0 +ncenter_cats = *, +ncenter_prio_startup = 0 +ncenter_prio_download = 0 +ncenter_prio_pause_resume = 0 +ncenter_prio_pp = 0 +ncenter_prio_complete = 1 +ncenter_prio_failed = 1 +ncenter_prio_disk_full = 1 +ncenter_prio_new_login = 0 +ncenter_prio_warning = 0 +ncenter_prio_error = 0 +ncenter_prio_queue_done = 0 +ncenter_prio_other = 1 +ncenter_prio_quota = 1 +[acenter] +acenter_enable = 0 +acenter_cats = *, +acenter_prio_startup = 0 +acenter_prio_download = 0 +acenter_prio_pause_resume = 0 +acenter_prio_pp = 0 +acenter_prio_complete = 1 +acenter_prio_failed = 1 +acenter_prio_disk_full = 1 +acenter_prio_new_login = 0 +acenter_prio_warning = 0 +acenter_prio_error = 0 +acenter_prio_queue_done = 0 +acenter_prio_other = 1 +acenter_prio_quota = 1 +[ntfosd] +ntfosd_enable = 1 +ntfosd_cats = *, +ntfosd_prio_startup = 0 +ntfosd_prio_download = 0 +ntfosd_prio_pause_resume = 0 +ntfosd_prio_pp = 0 +ntfosd_prio_complete = 1 +ntfosd_prio_failed = 1 +ntfosd_prio_disk_full = 1 +ntfosd_prio_new_login = 0 +ntfosd_prio_warning = 0 +ntfosd_prio_error = 0 +ntfosd_prio_queue_done = 0 +ntfosd_prio_other = 1 +ntfosd_prio_quota = 1 +[prowl] +prowl_enable = 0 +prowl_cats = *, +prowl_apikey = "" +prowl_prio_startup = -3 +prowl_prio_download = -3 +prowl_prio_pause_resume = -3 +prowl_prio_pp = -3 +prowl_prio_complete = 0 +prowl_prio_failed = 1 +prowl_prio_disk_full = 1 +prowl_prio_new_login = -3 +prowl_prio_warning = -3 +prowl_prio_error = -3 +prowl_prio_queue_done = -3 +prowl_prio_other = 0 +prowl_prio_quota = 0 +[pushover] +pushover_token = "" +pushover_userkey = "" +pushover_device = "" +pushover_emergency_expire = 3600 +pushover_emergency_retry = 60 +pushover_enable = 0 +pushover_cats = *, +pushover_prio_startup = -3 +pushover_prio_download = -2 +pushover_prio_pause_resume = -2 +pushover_prio_pp = -3 +pushover_prio_complete = -1 +pushover_prio_failed = -1 +pushover_prio_disk_full = 1 +pushover_prio_new_login = -3 +pushover_prio_warning = 1 +pushover_prio_error = 1 +pushover_prio_queue_done = -3 +pushover_prio_other = -1 +pushover_prio_quota = -1 +[pushbullet] +pushbullet_enable = 0 +pushbullet_cats = *, +pushbullet_apikey = "" +pushbullet_device = "" +pushbullet_prio_startup = 0 +pushbullet_prio_download = 0 +pushbullet_prio_pause_resume = 0 +pushbullet_prio_pp = 0 +pushbullet_prio_complete = 1 +pushbullet_prio_failed = 1 +pushbullet_prio_disk_full = 1 +pushbullet_prio_new_login = 0 +pushbullet_prio_warning = 0 +pushbullet_prio_error = 0 +pushbullet_prio_queue_done = 0 +pushbullet_prio_other = 1 +pushbullet_prio_quota = 1 +[apprise] +apprise_enable = 0 +apprise_cats = *, +apprise_urls = "" +apprise_target_startup = "" +apprise_target_startup_enable = 0 +apprise_target_download = "" +apprise_target_download_enable = 0 +apprise_target_pause_resume = "" +apprise_target_pause_resume_enable = 0 +apprise_target_pp = "" +apprise_target_pp_enable = 0 +apprise_target_complete = "" +apprise_target_complete_enable = 1 +apprise_target_failed = "" +apprise_target_failed_enable = 1 +apprise_target_disk_full = "" +apprise_target_disk_full_enable = 0 +apprise_target_new_login = "" +apprise_target_new_login_enable = 1 +apprise_target_warning = "" +apprise_target_warning_enable = 0 +apprise_target_error = "" +apprise_target_error_enable = 0 +apprise_target_queue_done = "" +apprise_target_queue_done_enable = 0 +apprise_target_other = "" +apprise_target_other_enable = 1 +apprise_target_quota = "" +apprise_target_quota_enable = 1 +[nscript] +nscript_enable = 0 +nscript_cats = *, +nscript_script = "" +nscript_parameters = "" +nscript_prio_startup = 0 +nscript_prio_download = 0 +nscript_prio_pause_resume = 0 +nscript_prio_pp = 0 +nscript_prio_complete = 1 +nscript_prio_failed = 1 +nscript_prio_disk_full = 1 +nscript_prio_new_login = 0 +nscript_prio_warning = 0 +nscript_prio_error = 0 +nscript_prio_queue_done = 0 +nscript_prio_other = 1 +nscript_prio_quota = 1 +[categories] +[[*]] +name = * +order = 0 +pp = 3 +script = None +dir = "" +newzbin = "" +priority = 0 +[[movies]] +name = movies +order = 1 +pp = "" +script = Default +dir = "" +newzbin = "" +priority = -100 +[[tv]] +name = tv +order = 2 +pp = "" +script = Default +dir = "" +newzbin = "" +priority = -100 +[[audio]] +name = audio +order = 3 +pp = "" +script = Default +dir = "" +newzbin = "" +priority = -100 +[[software]] +name = software +order = 4 +pp = "" +script = Default +dir = "" +newzbin = "" +priority = -100 +[servers] +[[news.sunnyusenet.com]] +name = news.sunnyusenet.com +displayname = news.sunnyusenet.com +host = news.sunnyusenet.com +port = 563 +timeout = 60 +username = michiel@hazelhof.nl +password = dasusenet +connections = 8 +ssl = 1 +ssl_verify = 3 +ssl_ciphers = "" +enable = 1 +required = 0 +optional = 0 +retention = 0 +expire_date = "" +quota = "" +usage_at_start = 0 +priority = 1 +notes = ""