diff --git a/.just/machine.just b/.just/machine.just index 3cb4587..420197a 100644 --- a/.just/machine.just +++ b/.just/machine.just @@ -11,10 +11,4 @@ cd .. && just vars _check {{ machine }} echo "" just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')" - nixos-rebuild switch -L --sudo --target-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json - -[doc('Check if target machine builds')] -[no-exit-message] -@check machine: - just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')" - nix build ..#nixosConfigurations.{{ machine }}.config.system.build.toplevel + nixos-rebuild switch -L --sudo --target-host {{ machine }} --build-host {{ machine }} --flake ..#{{ machine }} --log-format internal-json -v |& nom --json diff --git a/modules/nixos/services/media/glance/default.nix b/modules/nixos/services/media/glance/default.nix index b042297..ec6e851 100644 --- a/modules/nixos/services/media/glance/default.nix +++ b/modules/nixos/services/media/glance/default.nix @@ -15,7 +15,7 @@ in { config = mkIf cfg.enable { ${namespace}.services.networking.caddy.hosts = { "https://${config.networking.hostName}:443" = '' - reverse_proxy http://[::1]:2000 + reverse_proxy http://[::]:2000 ''; }; diff --git a/modules/nixos/services/media/servarr/default.nix b/modules/nixos/services/media/servarr/default.nix index c7a066c..6953421 100644 --- a/modules/nixos/services/media/servarr/default.nix +++ b/modules/nixos/services/media/servarr/default.nix @@ -80,7 +80,18 @@ in { enable = true; openFirewall = true; webuiPort = 2008; - serverConfig = lib.mkForce {}; + + serverConfig = { + LegalNotice.Accepted = true; + + Prefecences.WebUI = { + AlternativeUIEnabled = true; + RootFolder = "''${pkgs.vuetorrent}/share/vuetorrent"; + + Username = "admin"; + Password_PBKDF2 = "@ByteArray(Yhyk8fzgSHuKcgcmIxhYzg==:9njltqI5znb98+n+eOqUvpe4xYj6Dcub994o2fe9kpTa1fczMdHf/fNoifLaGmEf69xkTNSztEuh6BqcR4/CbQ==)"; #config.sops.secrets."qbittorrent/password_hash".path; + }; + }; user = "qbittorrent"; group = "media"; @@ -99,9 +110,7 @@ in { settings = { misc = { - host = "0.0.0.0"; port = 2009; - host_whitelist = "${config.networking.hostName}"; download_dir = "/var/media/downloads/incomplete"; complete_dir = "/var/media/downloads/done"; @@ -237,7 +246,7 @@ in { host = "localhost"; api_key = lib.tfRef "var.sabnzbd_api_key"; url_base = "/"; - port = 2009; + port = 8080; }; }; } @@ -317,6 +326,77 @@ in { } ]; }; + + # "_1337x" = { + # enable = true; + + # app_profile_id = 1; + # priority = 1; + + # name = "1337x"; + # implementation = "Cardigann"; + # config_contract = "CardigannSettings"; + # protocol = "torrent"; + # tags = [1]; + + # fields = [ + # { + # name = "definitionFile"; + # text_value = "1337x"; + # } + # { + # name = "baseSettings.limitsUnit"; + # number_value = 0; + # } + # { + # name = "torrentBaseSettings.preferMagnetUrl"; + # bool_value = false; + # } + # { + # name = "disablesort"; + # bool_value = false; + # } + # { + # name = "sort"; + # number_value = 2; + # } + # { + # name = "type"; + # number_value = 1; + # } + # ]; + # }; + + # "nzbgeek" = { + # enable = true; + + # app_profile_id = 2; + # priority = 1; + + # name = "NZBgeek"; + # implementation = "Newznab"; + # config_contract = "NewznabSettings"; + # protocol = "usenet"; + + # fields = [ + # { + # name = "baseUrl"; + # text_value = "https://api.nzbgeek.info"; + # } + # { + # name = "apiPath"; + # text_value = "/api"; + # } + # { + # name = "apiKey"; + # text_value = "__TODO_API_KEY_SECRET__"; + # } + # { + # name = "baseSettings.limitsUnit"; + # number_value = 5; + # } + # ]; + # }; }; } ] @@ -345,7 +425,7 @@ in { # Sleep for a bit to give the service a chance to start up sleep 5s - if [ "$(systemctl is-active "${service}")" != "active" ]; then + if [ "$(systemctl is-active ${service})" != "active" ]; then echo "${service} is not running" exit 1 fi @@ -384,18 +464,6 @@ in { })) |> lib.mkMerge; - system.activationScripts.qbittorrent-config = { - deps = lib.optional (!config.sops.useSystemdActivation) "setupSecrets"; - # TODO: If sops-nix is switched to systemd activation, add a systemd unit - # for this install step that runs after sops-install-secrets.service, - # because this activation-script dependency only orders against setupSecrets. - text = '' - install -Dm0600 -o ${config.services.qbittorrent.user} -g ${config.services.qbittorrent.group} \ - ${config.sops.templates."qbittorrent/qBittorrent.conf".path} \ - ${config.services.qbittorrent.profileDir}/qBittorrent/config/qBittorrent.conf - ''; - }; - users = cfg |> lib.mapAttrsToList (service: {enable, ...}: (mkIf enable { @@ -464,22 +532,6 @@ in { sabnzbd_api_key = "${config.sops.placeholder."sabnzbd/apikey"}" ''; }; - "qbittorrent/qBittorrent.conf" = { - owner = "qbittorrent"; - group = "media"; - mode = "0600"; - restartUnits = ["qbittorrent.service"]; - content = '' - [LegalNotice] - Accepted=true - - [Preferences] - WebUI\AlternativeUIEnabled=true - WebUI\RootFolder=${pkgs.vuetorrent}/share/vuetorrent - WebUI\Username=admin - WebUI\Password_PBKDF2=${config.sops.placeholder."qbittorrent/password_hash"} - ''; - }; "sabnzbd/config.ini" = { owner = "sabnzbd"; group = "media"; diff --git a/systems/x86_64-linux/orome/default.nix b/systems/x86_64-linux/orome/default.nix index e155461..48e049b 100644 --- a/systems/x86_64-linux/orome/default.nix +++ b/systems/x86_64-linux/orome/default.nix @@ -1,22 +1,16 @@ -{pkgs, ...}: { +{ ... }: +{ imports = [ ./disks.nix ./hardware.nix ]; - environment.systemPackages = with pkgs; [ - azure-cli - github-copilot-cli - ]; - sneeuwvlok = { hardware.has = { bluetooth = true; audio = true; }; - authentication.himmelblau.enable = true; - application = { steam.enable = true; };