From e63d103cc888dadb50d9e20d70f3814080669cee Mon Sep 17 00:00:00 2001
From: Chris Kruining <chris@kruining.eu>
Date: Mon, 15 Jul 2024 17:32:47 +0200
Subject: [PATCH] add some of the config from the server to the repo

---
 modules/programs/media.nix                    | 101 +++++++++---------
 modules/programs/shell.nix                    |  19 +++-
 modules/programs/shell/rust.nix               |   1 -
 ssh/server                                    |   7 --
 ssh/server.pub                                |   1 -
 systems/x86_64-linux/hostname/default.nix     |   0
 .../x86_64-linux/hostname/hardware-config.nix |   0
 7 files changed, 70 insertions(+), 59 deletions(-)
 delete mode 100644 ssh/server
 delete mode 100644 ssh/server.pub
 delete mode 100644 systems/x86_64-linux/hostname/default.nix
 delete mode 100644 systems/x86_64-linux/hostname/hardware-config.nix

diff --git a/modules/programs/media.nix b/modules/programs/media.nix
index b621a6c..91f8719 100644
--- a/modules/programs/media.nix
+++ b/modules/programs/media.nix
@@ -1,4 +1,12 @@
 { config, pkgs, lib, sensitive, ... }:
+
+with lib;
+
+let
+    user = "media";
+    group = "media";
+    directory = "/var/media";
+in
 {
   imports = [
     ../common/qbittorrent.nix
@@ -14,43 +22,60 @@
 
   users = {
     groups = {
-      "jellyfin" = {};
+      ${group} = {};
     };
     users = {
-      "sonarr".extraGroups = [ "jellyfin" ];
-      "radarr".extraGroups = [ "jellyfin" ];
+      ${user} = {
+        isSystemUser = true;
+        group = group;
+      }
     };
   };
 
+  system.activationScripts.var = mkForce ''
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/series
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/movies
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/qbittorrent
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/sabnzbd
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/reiverr/config
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/downloads/incomplete
+    install -d -m 0755 -o ${user} -g ${group} ${directory}/downloads/done
+  '';
+
   services = {
     jellyfin = {
       enable = true;
       openFirewall = true;
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
     radarr = {
       enable = true;
       openFirewall = true;
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
     sonarr = {
       enable = true;
       openFirewall = true;
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
     bazarr = {
       enable = true;
       openFirewall = true;
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
     lidarr = {
       enable = true;
       openFirewall = true;
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
     jellyseerr = {
@@ -66,46 +91,41 @@
     qbittorrent = {
       enable = true;
       openFirewall = true;
-      dataDir = "/var/media/qbittorrent";
-      port = 58080;
+      dataDir = "${directory}/qbittorrent";
+      port = 5000;
 
-      user = "qbittorrent";
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
     sabnzbd = {
       enable = true;
       openFirewall = true;
-      configFile = "/var/media/sabnzbd/config.ini";
+      configFile = "${directory}/sabnzbd/config.ini";
+      port = 5001;
 
-      user = "sabnzbd";
-      group = "jellyfin";
+      user = user;
+      group = group;
     };
 
-#    authelia = {
-#      enable = true;
-#    };
-    
     caddy = {
       enable = true;
       virtualHosts = {
-#        "movies.kruining.eu".extraConfig = ''
-#          reverse_proxy http://127.0.0.1:8989
-#        '';
-#        "series.kruining.eu".extraConfig = ''
-#          reverse_proxy http://127.0.0.1:7878
-#        '';
-        "http://media.kruining.eu".extraConfig = ''
-          basicauth {
-            chris $2a$12$JrsmxrEJj2wLMdcFmEHbWeMJF9gWH/fnE/1Zv67cKvBtq4E4xsSEe
-          }
+        "media.kruining.eu".extraConfig = ''
+          #basicauth {
+          #  chris $2a$12$JrsmxrEJj2wLMdcFmEHbWeMJF9gWH/fnE/1Zv67cKvBtq4E4xsSEe
+          #}
           reverse_proxy http://127.0.0.1:9494
+          tls internal
         '';
-        "https://media.kruining.eu".extraConfig = ''
+        "cloud.kruining.eu".extraConfig = ''
           basicauth {
             chris $2a$12$JrsmxrEJj2wLMdcFmEHbWeMJF9gWH/fnE/1Zv67cKvBtq4E4xsSEe
           }
-          reverse_proxy http://127.0.0.1:9494
+          php_fastcgi unix//run/phpfpm/nextcloud.sock {
+            env front_controller_active true
+          }
+          tls internal
         '';
       };
     };
@@ -129,32 +149,17 @@
           autoStart = true;
           ports = [ "127.0.0.1:8191:8191" ];
         };
-        
-        homarr = {
-          image = "ghcr.io/ajnart/homarr:latest";
-          autoStart = true;
-          ports = [ "127.0.0.1:7575:7575" ];
-        };
 
         reiverr = {
-          image = "ghcr.io/aleksilassila/reiverr:v2.0.0-alpha.5";
+          image = "ghcr.io/aleksilassila/reiverr:v2.0.0-alpha.6";
           autoStart = true;
           ports = [ "127.0.0.1:9494:9494" ];
-          volumes = [ "/var/media/reiverr/config:/config" ];
+          volumes = [ "${directory}/reiverr/config:/config" ];
         };
       };
     };
   };
 
-  # Config file for nabnzbd
-#  environment.etc."nabnzbd.ini" = {
-#    mode = "0775"
-#    text = ''
-#      host = 127.0.0.1
-#      port = 9595
-#    '';
-#  };
-
   # Open firewall for caddy
   networking.firewall.allowedTCPPorts = [ 80 443 ];
 
diff --git a/modules/programs/shell.nix b/modules/programs/shell.nix
index 111ab4e..cd8a254 100644
--- a/modules/programs/shell.nix
+++ b/modules/programs/shell.nix
@@ -12,6 +12,7 @@
     zed-editor
     corepack_22
     bun
+    nano
   ];
 
   users.defaultUserShell = pkgs.zsh;
@@ -31,8 +32,22 @@
       (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; })
     ];
   };
-  
+
   programs.zsh.enable = true;
   programs.starship.enable = true;
-}
 
+  programs.nano = {
+    enable = true;
+    syntaxHighlight = true;
+    nanorc = ''
+      set autoindent
+      set jumpyscrolling
+      set linenumbers
+      set mouse
+      set saveonexit
+      set smarthome
+      set tabstospaces
+      set tabsize 2
+    '';
+  };
+}
diff --git a/modules/programs/shell/rust.nix b/modules/programs/shell/rust.nix
index a12e7e0..7475f15 100644
--- a/modules/programs/shell/rust.nix
+++ b/modules/programs/shell/rust.nix
@@ -2,7 +2,6 @@
 let
   overrides = (builtins.fromTOML (builtins.readFile ./rust-toolchain.toml));
   libPath = with pkgs; lib.makeLibraryPath [];
-
 in
 {
   pkgs.mkShell rec {
diff --git a/ssh/server b/ssh/server
deleted file mode 100644
index 59cc1ce..0000000
--- a/ssh/server
+++ /dev/null
@@ -1,7 +0,0 @@
------BEGIN OPENSSH PRIVATE KEY-----
-b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
-QyNTUxOQAAACC3ZNPLQnZnaEFOhHgOfWZz6blXsxQZSZl1T4ZFJn3gWwAAAJDtFyAB7Rcg
-AQAAAAtzc2gtZWQyNTUxOQAAACC3ZNPLQnZnaEFOhHgOfWZz6blXsxQZSZl1T4ZFJn3gWw
-AAAEDi4rTcY08810d2512b6IN9/O5618CfabqoG22OyF/HIbdk08tCdmdoQU6EeA59ZnPp
-uVezFBlJmXVPhkUmfeBbAAAADXJvb3RAY2hyaXMtcGM=
------END OPENSSH PRIVATE KEY-----
diff --git a/ssh/server.pub b/ssh/server.pub
deleted file mode 100644
index 82ec806..0000000
--- a/ssh/server.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdk08tCdmdoQU6EeA59ZnPpuVezFBlJmXVPhkUmfeBb root@chris-pc
diff --git a/systems/x86_64-linux/hostname/default.nix b/systems/x86_64-linux/hostname/default.nix
deleted file mode 100644
index e69de29..0000000
diff --git a/systems/x86_64-linux/hostname/hardware-config.nix b/systems/x86_64-linux/hostname/hardware-config.nix
deleted file mode 100644
index e69de29..0000000