diff --git a/common/server/dashy.nix b/common/server/dashy.nix new file mode 100644 index 0000000..2e29af8 --- /dev/null +++ b/common/server/dashy.nix @@ -0,0 +1,53 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.dashy; +in +{ + options.services.dashy = { + enable = mkEnableOption "dashy"; + imageTag = mkOption { + type = types.str; + default = "latest"; + }; + port = mkOption { + type = types.int; + default = 56815; + }; + configFile = lib.mkOption { + type = lib.types.path; + description = "Path to the YAML configuration file"; + }; + }; + + config = mkIf cfg.enable { + virtualisation.oci-containers.containers = { + dashy = { + image = "lissy93/dashy:${cfg.imageTag}"; + environment = { + TZ = "${config.time.timeZone}"; + }; + ports = [ + "127.0.0.1:${toString cfg.port}:80" + ]; + volumes = [ + "${cfg.configFile}:/app/public/conf.yml" + ]; + }; + }; + + services.nginx.enable = true; + services.nginx.virtualHosts."s0.koi-bebop.ts.net" = { + default = true; + addSSL = true; + serverAliases = [ "s0" ]; + sslCertificate = "/secret/ssl/s0.koi-bebop.ts.net.crt"; + sslCertificateKey = "/secret/ssl/s0.koi-bebop.ts.net.key"; + locations."/" = { + proxyPass = "http://localhost:${toString cfg.port}"; + }; + }; + }; +} diff --git a/common/server/default.nix b/common/server/default.nix index 840f835..9c84c5b 100644 --- a/common/server/default.nix +++ b/common/server/default.nix @@ -19,5 +19,6 @@ ./iodine.nix ./searx.nix ./gitea-actions-runner.nix + ./dashy.nix ]; } diff --git a/machines/storage/s0/dashy.yaml b/machines/storage/s0/dashy.yaml new file mode 100644 index 0000000..dc11ec6 --- /dev/null +++ b/machines/storage/s0/dashy.yaml @@ -0,0 +1,249 @@ +appConfig: + theme: vaporware + customColors: + material-dark-original: + primary: '#f36558' + background: '#39434C' + background-darker: '#eb615c' + material-light: '#f36558' + item-text-color: '#ff948a' + curve-factor: 5px + enableErrorReporting: false + layout: auto + iconSize: large + language: en + startingView: default + defaultOpeningMethod: sametab + statusCheck: true + statusCheckInterval: 20 + faviconApi: faviconkit + routingMode: history + enableMultiTasking: false + webSearch: + disableWebSearch: false + searchEngine: duckduckgo + openingMethod: sametab + searchBangs: {} + enableFontAwesome: true + cssThemes: [] + externalStyleSheet: [] + hideComponents: + hideHeading: false + hideNav: false + hideSearch: false + hideSettings: false + hideFooter: false + hideSplashScreen: false + auth: + enableGuestAccess: false + users: [] + enableKeycloak: false + keycloak: {} + allowConfigEdit: true + enableServiceWorker: false + disableContextMenu: false + disableUpdateChecks: false + disableSmartSort: false +pageInfo: + title: s0 + description: s0 +sections: + - name: Media & Entertainment + icon: fas fa-photo-video + displayData: + sortBy: most-used + cols: 1 + rows: 1 + collapsed: false + hideForGuests: false + items: + - &ref_0 + title: Jellyfin + icon: hl-jellyfin + url: http://s0:8097 + target: sametab + statusCheck: true + statusCheckUrl: http://jellyfin.s0 + id: 0_1956_jellyfin + - &ref_1 + title: Sonarr + description: Manage TV + icon: hl-sonarr + url: http://s0:8989 + target: sametab + statusCheck: true + statusCheckUrl: http://sonarr.s0 + id: 1_1956_sonarr + - &ref_2 + title: Radarr + description: Manage Movies + icon: hl-radarr + url: http://s0:7878 + target: sametab + statusCheck: true + statusCheckUrl: http://radarr.s0 + id: 2_1956_radarr + - &ref_3 + title: Lidarr + description: Manage Music + icon: hl-lidarr + url: http://s0:8686 + target: sametab + statusCheck: true + statusCheckUrl: http://lidarr.s0 + id: 3_1956_lidarr + - &ref_4 + title: Prowlarr + description: Indexers + icon: hl-prowlarr + url: http://prowlarr.s0 + target: sametab + statusCheck: true + statusCheckUrl: http://prowlarr.s0 + id: 4_1956_prowlarr + - &ref_5 + title: Bazarr + description: Subtitles + icon: hl-bazarr + url: http://s0:6767 + target: sametab + statusCheck: true + statusCheckUrl: http://bazarr.s0 + id: 5_1956_bazarr + - &ref_6 + title: Navidrome + description: Play Music + icon: hl-navidrome + url: http://s0:4534 + target: sametab + statusCheck: true + statusCheckUrl: http://music.s0 + id: 6_1956_navidrome + - &ref_7 + title: Transmission + description: Torrenting + icon: hl-transmission + url: http://s0:9091 + target: sametab + statusCheck: true + statusCheckUrl: http://transmission.s0 + id: 7_1956_transmission + filteredItems: + - *ref_0 + - *ref_1 + - *ref_2 + - *ref_3 + - *ref_4 + - *ref_5 + - *ref_6 + - *ref_7 + - name: Network + icon: fas fa-network-wired + items: + - &ref_8 + title: Gateway + description: openwrt + icon: hl-openwrt + url: http://openwrt.lan/ + target: sametab + statusCheck: true + id: 0_746_gateway + - &ref_9 + title: Wireless + description: openwrt (ish) + icon: hl-openwrt + url: http://PacketProvocateur.lan + target: sametab + statusCheck: true + id: 1_746_wireless + filteredItems: + - *ref_8 + - *ref_9 + displayData: + sortBy: default + rows: 1 + cols: 1 + collapsed: false + hideForGuests: false + - name: Services + icon: fas fa-monitor-heart-rate + items: + - &ref_10 + title: Matrix + description: '' + icon: hl-matrix + url: https://chat.neet.space + target: sametab + statusCheck: true + id: 0_836_matrix + - &ref_11 + title: Radio + description: Radio service + icon: generative + url: https://radio.runyan.org + target: sametab + statusCheck: true + id: 1_836_radio + - &ref_12 + title: Mumble + description: voice.neet.space + icon: hl-mumble + url: https://voice.neet.space + target: sametab + statusCheck: false + id: 2_836_mumble + - &ref_13 + title: IRC + description: irc.neet.dev + icon: hl-thelounge + url: https://irc.neet.dev + target: sametab + statusCheck: true + id: 3_836_irc + - &ref_14 + title: Git + description: git.neet.dev + icon: hl-gitea + url: https://git.neet.dev + target: sametab + statusCheck: true + id: 4_836_git + - &ref_15 + title: Nextcloud + description: neet.cloud + icon: hl-nextcloud + url: https://neet.cloud + target: sametab + statusCheck: true + id: 5_836_nextcloud + - &ref_16 + title: Roundcube + description: mail.neet.dev + icon: hl-roundcube + url: https://mail.neet.dev + target: sametab + statusCheck: true + id: 6_836_roundcube + - &ref_17 + title: Jitsi Meet + description: meet.neet.space + icon: hl-jitsimeet + url: https://meet.neet.space + target: sametab + statusCheck: true + id: 7_836_jitsimeet + filteredItems: + - *ref_10 + - *ref_11 + - *ref_12 + - *ref_13 + - *ref_14 + - *ref_15 + - *ref_16 + - *ref_17 + displayData: + sortBy: default + rows: 1 + cols: 1 + collapsed: false + hideForGuests: false diff --git a/machines/storage/s0/default.nix b/machines/storage/s0/default.nix index e2ffdda..f53799b 100644 --- a/machines/storage/s0/default.nix +++ b/machines/storage/s0/default.nix @@ -39,9 +39,6 @@ # samba services.samba.enable = true; - # disable suspend on lid close - services.logind.lidSwitch = "ignore"; - # navidrome services.navidrome = { enable = true; @@ -51,7 +48,6 @@ MusicFolder = "/data/samba/Public/Media/Music"; }; }; - networking.firewall.allowedTCPPorts = [ config.services.navidrome.settings.Port ]; # allow access to transmisson data users.users.googlebot.extraGroups = [ "transmission" ]; @@ -163,22 +159,64 @@ # nginx services.nginx.enable = true; - services.nginx.virtualHosts."bazarr.s0".locations."/".proxyPass = "http://vpn.containers:6767"; - services.nginx.virtualHosts."radarr.s0".locations."/".proxyPass = "http://vpn.containers:7878"; - services.nginx.virtualHosts."lidarr.s0".locations."/".proxyPass = "http://vpn.containers:8686"; - services.nginx.virtualHosts."sonarr.s0".locations."/".proxyPass = "http://vpn.containers:8989"; - services.nginx.virtualHosts."prowlarr.s0".locations."/".proxyPass = "http://vpn.containers:9696"; - services.nginx.virtualHosts."music.s0".locations."/".proxyPass = "http://localhost:4533"; - services.nginx.virtualHosts."jellyfin.s0".locations."/" = { - proxyPass = "http://localhost:8096"; - proxyWebsockets = true; + services.nginx.virtualHosts."bazarr.s0" = { + listen = [{ addr = "0.0.0.0"; port = 6767; } { addr = "0.0.0.0"; port = 80; }]; + locations."/".proxyPass = "http://vpn.containers:6767"; + }; + services.nginx.virtualHosts."radarr.s0" = { + listen = [{ addr = "0.0.0.0"; port = 7878; } { addr = "0.0.0.0"; port = 80; }]; + locations."/".proxyPass = "http://vpn.containers:7878"; + }; + services.nginx.virtualHosts."lidarr.s0" = { + listen = [{ addr = "0.0.0.0"; port = 8686; } { addr = "0.0.0.0"; port = 80; }]; + locations."/".proxyPass = "http://vpn.containers:8686"; + }; + services.nginx.virtualHosts."sonarr.s0" = { + listen = [{ addr = "0.0.0.0"; port = 8989; } { addr = "0.0.0.0"; port = 80; }]; + locations."/".proxyPass = "http://vpn.containers:8989"; + }; + services.nginx.virtualHosts."prowlarr.s0" = { + listen = [{ addr = "0.0.0.0"; port = 9696; } { addr = "0.0.0.0"; port = 80; }]; + locations."/".proxyPass = "http://vpn.containers:9696"; + }; + services.nginx.virtualHosts."music.s0" = { + listen = [{ addr = "0.0.0.0"; port = 4534; } { addr = "0.0.0.0"; port = 80; }]; + locations."/".proxyPass = "http://localhost:4533"; + }; + services.nginx.virtualHosts."jellyfin.s0" = { + listen = [{ addr = "0.0.0.0"; port = 8097; } { addr = "0.0.0.0"; port = 80; }]; + locations."/" = { + proxyPass = "http://localhost:8096"; + proxyWebsockets = true; + }; }; services.nginx.virtualHosts."jellyfin.neet.cloud".locations."/" = { proxyPass = "http://localhost:8096"; proxyWebsockets = true; }; - services.nginx.virtualHosts."transmission.s0".locations."/" = { - proxyPass = "http://vpn.containers:9091"; - proxyWebsockets = true; + services.nginx.virtualHosts."transmission.s0" = { + listen = [{ addr = "0.0.0.0"; port = 9091; } { addr = "0.0.0.0"; port = 80; }]; + locations."/" = { + proxyPass = "http://vpn.containers:9091"; + proxyWebsockets = true; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 6767 + 7878 + 8686 + 8989 + 9696 + 4534 + 8097 + 9091 + ]; + + virtualisation.oci-containers.backend = "podman"; + virtualisation.podman.dockerSocket.enable = true; # TODO needed? + services.dashy = { + enable = true; + configFile = ./dashy.yaml; }; }