chayleaf/dotfiles
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

server: add jellyfin

Browse source
This commit is contained in:
chayleaf 2023-12-01 23:45:17 +07:00
parent 9e11d15be9
commit 767420bfd1
Signed by: chayleaf
GPG key ID: 78171AD46227E68E
3 changed files with 40 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
system/hosts/server/files.nix
View file

@ -84,7 +84,10 @@ in {
services.qbittorrent-nox.ui.port = 19642; services.qbittorrent-nox.ui.port = 19642;
services.qbittorrent-nox.torrent.port = 45522; services.qbittorrent-nox.torrent.port = 45522;
services.nginx.virtualHosts."home.${cfg.domainName}".locations."/torrent/" = { services.jellyfin.enable = true;
services.nginx.virtualHosts."home.${cfg.domainName}".locations = {
"/torrent/" = {
extraConfig = '' extraConfig = ''
proxy_pass http://127.0.0.1:${toString config.services.qbittorrent-nox.ui.port}/; proxy_pass http://127.0.0.1:${toString config.services.qbittorrent-nox.ui.port}/;
proxy_http_version 1.1; proxy_http_version 1.1;
@ -95,7 +98,9 @@ in {
proxy_cookie_path / "/; Secure"; proxy_cookie_path / "/; Secure";
''; '';
}; };
"/jelly/" = {
services.jellyfin.enable = true; proxyPass = "http://127.0.0.1:8096";
services.jellyfin.openFirewall = true; proxyWebsockets = true;
};
};
} }

2
system/modules/impermanence.nix
View file

@ -91,6 +91,8 @@ in {
{ directory = /var/lib/heisenbridge; user = "heisenbridge"; group = "heisenbridge"; mode = "0755"; } { directory = /var/lib/heisenbridge; user = "heisenbridge"; group = "heisenbridge"; mode = "0755"; }
] ++ lib.optionals config.services.hydra.enable [ ] ++ lib.optionals config.services.hydra.enable [
{ directory = /var/lib/hydra; user = "hydra"; group = "hydra"; mode = "0755"; } { directory = /var/lib/hydra; user = "hydra"; group = "hydra"; mode = "0755"; }
] ++ lib.optionals config.services.jellyfin.enable [
{ directory = /var/lib/jellyfin; user = "jellyfin"; group = "jellyfin"; mode = "0750"; }
] ++ lib.optionals config.services.matrix-synapse.enable [ ] ++ lib.optionals config.services.matrix-synapse.enable [
{ directory = /var/lib/matrix-synapse; user = "matrix-synapse"; group = "matrix-synapse"; mode = "0700"; } { directory = /var/lib/matrix-synapse; user = "matrix-synapse"; group = "matrix-synapse"; mode = "0700"; }
] ++ lib.optionals config.services.maubot.enable [ ] ++ lib.optionals config.services.maubot.enable [

31
system/modules/qbittorrent.nix
View file

@ -1,11 +1,17 @@
{ config, lib, pkgs, ... }: { config
, lib
, pkgs
, ...
}:
let let
cfg = config.services.qbittorrent-nox; cfg = config.services.qbittorrent-nox;
in { in {
options.services.qbittorrent-nox = { options.services.qbittorrent-nox = {
enable = lib.mkEnableOption "qbittorrent-nox"; enable = lib.mkEnableOption "qbittorrent-nox";
package = lib.mkPackageOptionMD pkgs "qbittorrent-nox" { }; package = lib.mkPackageOptionMD pkgs "qbittorrent-nox" { };
ui.addToFirewall = lib.mkOption { ui.addToFirewall = lib.mkOption {
description = "Add the web UI port to firewall"; description = "Add the web UI port to firewall";
type = lib.types.bool; type = lib.types.bool;
@ -16,6 +22,7 @@ in {
type = lib.types.port; type = lib.types.port;
default = 8080; default = 8080;
}; };
torrent.addToFirewall = lib.mkOption { torrent.addToFirewall = lib.mkOption {
description = "Add the torrenting port to firewall"; description = "Add the torrenting port to firewall";
type = lib.types.bool; type = lib.types.bool;
@ -27,35 +34,37 @@ in {
default = null; default = null;
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = networking.firewall.allowedTCPPorts =
lib.optional (cfg.torrent.addToFirewall && cfg.torrent.port != null) cfg.torrent.port lib.optional (cfg.torrent.addToFirewall && cfg.torrent.port != null) cfg.torrent.port
++ lib.optional (cfg.ui.addToFirewall && cfg.ui.port != null) cfg.ui.port; ++ lib.optional cfg.ui.addToFirewall cfg.ui.port;
networking.firewall.allowedUDPPorts = networking.firewall.allowedUDPPorts =
lib.optional (cfg.torrent.addToFirewall && cfg.torrent.port != null) cfg.torrent.port; lib.optional (cfg.torrent.addToFirewall && cfg.torrent.port != null) cfg.torrent.port;
# users.users.qbittorrent-nox = {
# isSystemUser = true; users.users.qbittorrent-nox = {
# group = "qbittorrent-nox"; isSystemUser = true;
# home = "/var/lib/qbittorrent-nox"; group = "qbittorrent-nox";
# }; home = "/var/lib/qbittorrent-nox";
# groups.groups.qbittorrent-nox = { }; };
users.groups.qbittorrent-nox = { };
systemd.services.qbittorrent-nox = { systemd.services.qbittorrent-nox = {
description = "qBittorrent-nox service"; description = "qBittorrent-nox service";
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
after = [ "local-fs.target" "network-online.target" "nss-lookup.target" ]; after = [ "local-fs.target" "network-online.target" "nss-lookup.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
unitConfig.Documentation = "man:qbittorrent-nox(1)"; unitConfig.Documentation = "man:qbittorrent-nox(1)";
# required for reverse proxying
preStart = '' preStart = ''
if [[ ! -f /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf ]]; then if [[ ! -f /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf ]]; then
mkdir -p /var/lib/qbittorrent-nox/qBittorrent/config mkdir -p /var/lib/qbittorrent-nox/qBittorrent/config
echo "[Preferences]" > /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf echo "Preferences\WebUI\HostHeaderValidation=false" >> /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf
echo "WebUI\UseUPnP=false" > /var/lib/qbittorrent-nox/qBittorrent/config/qBittorrent.conf
fi fi
''; '';
serviceConfig = { serviceConfig = {
User = "qbittorrent-nox"; User = "qbittorrent-nox";
Group = "qbittorrent-nox"; Group = "qbittorrent-nox";
DynamicUser = true;
StateDirectory = "qbittorrent-nox"; StateDirectory = "qbittorrent-nox";
WorkingDirectory = "/var/lib/qbittorrent-nox"; WorkingDirectory = "/var/lib/qbittorrent-nox";
ExecStart = '' ExecStart = ''