From 8d48aa19f45d621d0ce234c81d3c930cb5b05eb5 Mon Sep 17 00:00:00 2001 From: Azat Bahawi Date: Thu, 4 May 2023 01:04:59 +0300 Subject: 2023-05-04 --- lib/my.nix | 1 + modules/nixos/default.nix | 1 + modules/nixos/jackett.nix | 33 +++++++++++++++++++++++++++++++++ modules/nixos/nsd.nix | 1 + modules/nixos/openssh.nix | 2 -- modules/nixos/unbound.nix | 1 + nixosConfigurations/yavanna/default.nix | 4 +--- 7 files changed, 38 insertions(+), 5 deletions(-) create mode 100644 modules/nixos/jackett.nix diff --git a/lib/my.nix b/lib/my.nix index 77d3ea1..a7f65ec 100644 --- a/lib/my.nix +++ b/lib/my.nix @@ -219,6 +219,7 @@ with lib; }; domains = with my.domain; [ "flood.${shire}" + "jackett.${shire}" "lidarr.${shire}" ]; syncthing.id = "@SYNCTHING_ID@"; diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index 3c4192d..3c6e61b 100644 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -22,6 +22,7 @@ _: { ./grafana.nix ./hydra.nix ./ipfs.nix + ./jackett.nix ./k3s.nix ./kde.nix ./libvirtd.nix diff --git a/modules/nixos/jackett.nix b/modules/nixos/jackett.nix new file mode 100644 index 0000000..f8e45ba --- /dev/null +++ b/modules/nixos/jackett.nix @@ -0,0 +1,33 @@ +{ + config, + lib, + ... +}: +with lib; let + cfg = config.nixfiles.modules.jackett; +in { + options.nixfiles.modules.jackett = { + enable = mkEnableOption "Jackett"; + + domain = mkOption { + description = "Domain name sans protocol scheme."; + type = with types; str; + default = "jackett.${config.networking.domain}"; + }; + }; + + config = mkIf cfg.enable { + ark.directories = ["/var/lib/jackett"]; + + nixfiles.modules.nginx = { + enable = true; + upstreams.jackett.servers."127.0.0.1:9117" = {}; + virtualHosts.${cfg.domain} = { + locations."/".proxyPass = "http://jackett"; + extraConfig = nginxInternalOnly; + }; + }; + + services.jackett.enable = true; + }; +} diff --git a/modules/nixos/nsd.nix b/modules/nixos/nsd.nix index 3659a7a..255c787 100644 --- a/modules/nixos/nsd.nix +++ b/modules/nixos/nsd.nix @@ -118,6 +118,7 @@ in { vaultwarden = manwe; flood = yavanna; + jackett = yavanna; lidarr = yavanna; }; } diff --git a/modules/nixos/openssh.nix b/modules/nixos/openssh.nix index 164f5bb..22e4b51 100644 --- a/modules/nixos/openssh.nix +++ b/modules/nixos/openssh.nix @@ -17,8 +17,6 @@ in { }; config = mkIf cfg.server.enable { - # authorized_keys is not added here because it only contains my SSH keys and - # all non-declarative ones are located in the home directory. ark.files = [ "/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_ed25519_key.pub" diff --git a/modules/nixos/unbound.nix b/modules/nixos/unbound.nix index d24b79e..7805b02 100644 --- a/modules/nixos/unbound.nix +++ b/modules/nixos/unbound.nix @@ -133,6 +133,7 @@ in { localControlSocketPath = "/run/unbound/unbound.socket"; }; + # TODO Switch to https://github.com/letsencrypt/unbound_exporter. prometheus.exporters.unbound = { enable = true; listenAddress = mkDefault this.wireguard.ipv4.address; diff --git a/nixosConfigurations/yavanna/default.nix b/nixosConfigurations/yavanna/default.nix index ba298f8..da74c03 100644 --- a/nixosConfigurations/yavanna/default.nix +++ b/nixosConfigurations/yavanna/default.nix @@ -9,9 +9,7 @@ with lib; { rtorrent.enable = true; lidarr.enable = true; - - # Eats too much CPU to run unattended :( - # ipfs.enable = true; + jackett.enable = true; }; boot.loader.grub = { -- cgit v1.2.3