marty/config.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of https://git.marty.tf/marty/config.nix

Browse source
This commit is contained in:
marty 2026-05-14 09:31:47 +02:00
commit dd45dd6380
7 changed files with 132 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

5
hosts/marty-server/options.nix
View file

@ -152,10 +152,5 @@
}; };
}; };
}; };
server = {
synapse = {
subdomain = "yap";
};
};
}; };
} }

63
modules/device/server.nix
View file

@ -6,5 +6,66 @@
}: }:
{ {
config = { }; config = {
server = {
arr = {
enable = true;
};
cloud = {
immich = {
enable = true;
public = true;
};
nextcloud = {
enable = true;
public = true;
};
};
media = {
jellyfin = {
enable = true;
public = false;
};
jellyseer = {
enable = true;
public = false;
};
kavita = {
enable = true;
public = false;
};
navidrome = {
enable = true;
public = false;
};
};
misc = {
dawarich = {
enable = true;
public = false;
};
forgejo = {
enable = true;
public = true;
};
lauti = {
enable = true;
public = true;
};
vaultwarden = {
enable = true;
public = true;
};
};
social = {
gotosocial = {
enable = true;
public = true;
};
synapse = {
enable = true;
};
};
};
};
} }

1
modules/server/media/default.nix
View file

@ -8,6 +8,7 @@
{ {
imports = [ imports = [
./jellyfin.nix ./jellyfin.nix
./kavita.nix
./navidrome.nix ./navidrome.nix
]; ];
} }

22
modules/server/media/jellyfin.nix
View file

@ -6,9 +6,9 @@
}: }:
{ {
options.server = { options.server.media = {
jellyfin = { jellyfin = {
enable = lib.mkEnableOption "enable jelyfin"; enable = lib.mkEnableOption "enable jellyfin";
port = lib.mkOption { port = lib.mkOption {
default = 8096; default = 8096;
description = "set jellyfin port"; description = "set jellyfin port";
@ -36,7 +36,7 @@
environment.systemPackages = environment.systemPackages =
[ ] [ ]
++ ( ++ (
if config.server.jellyfin.enable then if config.server.media.jellyfin.enable then
[ [
pkgs.jellyfin pkgs.jellyfin
pkgs.jellyfin-web pkgs.jellyfin-web
@ -46,30 +46,30 @@
[ ] [ ]
); );
services = { services = {
jellyfin = lib.mkIf config.server.jellyfin.enable { jellyfin = lib.mkIf config.server.media.jellyfin.enable {
enable = true; enable = true;
}; };
seerr = lib.mkIf config.server.jellyseer.enable { seerr = lib.mkIf config.server.media.jellyseer.enable {
enable = true; enable = true;
}; };
nginx.virtualHosts = { nginx.virtualHosts = {
"${config.server.jellyfin.subdomain}.${config.networking.domain}" = "${config.server.media.jellyfin.subdomain}.${config.networking.domain}" =
lib.mkIf config.server.jellyfin.public lib.mkIf config.server.media.jellyfin.public
{ {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${config.server.jellyfin.port}"; proxyPass = "http://127.0.0.1:${config.server.media.jellyfin.port}";
}; };
}; };
"${config.server.jellyseer.subdomain}.${config.networking.domain}" = "${config.server.media.jellyseer.subdomain}.${config.networking.domain}" =
lib.mkIf config.server.jellyfin.public lib.mkIf config.server.media.jellyseer.public
{ {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${config.server.jellyseer.port}"; proxyPass = "http://127.0.0.1:${config.server.media.jellyseer.port}";
}; };
}; };
}; };

49
modules/server/media/kavita.nix Normal file
View file

@ -0,0 +1,49 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.media.kavita = {
enable = lib.mkEnableOption "enable kavita";
port = lib.mkOption {
default = 3812;
description = "kavita port";
};
public = lib.mkEnableOption "make kavita public";
subdomain = lib.mkOption {
default = "books";
description = "kavita subdomain";
};
};
};
config = {
services = {
kavita = {
enable = config.server.media.kavita.enable;
user = config.user.userName;
settings = {
Port = config.server.media.kavita.port;
};
};
nginx = {
virtualHosts = {
"${config.server.media.kavita.subdomain}.${config.networking.domain}" =
if config.server.media.kavita.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.media.kavita.port}";
};
}
else
{ };
};
};
};
};
}

10
modules/server/misc/lauti.nix
View file

@ -4,9 +4,7 @@
pkgs, pkgs,
... ...
}: }:
let
domain = "${config.server.misc.lauti.subdomain}.${config.networking.domain}";
in
{ {
options = { options = {
server.misc.lauti = { server.misc.lauti = {
@ -17,7 +15,7 @@ in
}; };
public = lib.mkEnableOption "make lauti public"; public = lib.mkEnableOption "make lauti public";
domain = lib.mkOption { domain = lib.mkOption {
default = ""; default = "calendar";
description = "lauti domain"; description = "lauti domain";
}; };
subdomain = lib.mkOption { subdomain = lib.mkOption {
@ -32,7 +30,7 @@ in
enable = config.server.misc.lauti.enable; enable = config.server.misc.lauti.enable;
settings = { settings = {
LAUTI_ADMIN_EMAIL = "lauti@${config.networking.domain}"; LAUTI_ADMIN_EMAIL = "lauti@${config.networking.domain}";
LAUTI_BASE_URL = "https://${domain}"; LAUTI_BASE_URL = "https://${config.server.misc.lauti.subdomain}.${config.networking.domain}";
LAUTI_OSM_TILE_CACHE_DIR = "/var/lib/lauti/osm"; LAUTI_OSM_TILE_CACHE_DIR = "/var/lib/lauti/osm";
LAUTI_OSM_TILE_SERVER = "https://tile.openstreetmap.org/{z}/{x}/{y}.png"; LAUTI_OSM_TILE_SERVER = "https://tile.openstreetmap.org/{z}/{x}/{y}.png";
LAUTI_TIMEZONE = "Europe/Berlin"; LAUTI_TIMEZONE = "Europe/Berlin";
@ -42,7 +40,7 @@ in
}; };
nginx = { nginx = {
virtualHosts = { virtualHosts = {
"${domain}" = "${config.server.misc.lauti.subdomain}.${config.networking.domain}" =
if config.server.misc.lauti.public then if config.server.misc.lauti.public then
{ {
enableACME = true; enableACME = true;

10
modules/server/social/synapse.nix
View file

@ -19,7 +19,7 @@ in
{ {
options = { options = {
server.synapse = { server.social.synapse = {
enable = lib.mkEnableOption "enable synapse"; enable = lib.mkEnableOption "enable synapse";
subdomain = lib.mkOption { subdomain = lib.mkOption {
default = "yap"; default = "yap";
@ -33,7 +33,7 @@ in
}; };
config = { config = {
services = services =
if config.server.synapse.enable then if config.server.social.synapse.enable then
{ {
postgresql.enable = true; postgresql.enable = true;
matrix-synapse = { matrix-synapse = {
@ -68,7 +68,7 @@ in
}; };
listeners = [ listeners = [
{ {
port = config.server.synapse.port; port = config.server.social.synapse.port;
bind_addresses = [ "127.0.0.1" ]; bind_addresses = [ "127.0.0.1" ];
type = "http"; type = "http";
tls = false; tls = false;
@ -94,12 +94,12 @@ in
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
}; };
"${config.server.synapse.subdomain}.${config.networking.domain}" = { "${config.server.social.synapse.subdomain}.${config.networking.domain}" = {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations = { locations = {
"~ ^(/_matrix|/_synapse/client|/)" = { "~ ^(/_matrix|/_synapse/client|/)" = {
proxyPass = "http://127.0.0.1:${toString config.server.synapse.port}"; proxyPass = "http://127.0.0.1:${toString config.server.social.synapse.port}";
proxyWebsockets = true; proxyWebsockets = true;
extraConfig = extraConfig =
"proxy_set_header X-Forwarded-For $remote_addr;" "proxy_set_header X-Forwarded-For $remote_addr;"