1 files changed, 116 insertions, 15 deletions
diff --git a/hosts/laurel/configuration.nix b/hosts/laurel/configuration.nix
index a40dafd..e824853 100644
--- a/hosts/laurel/configuration.nix
+++ b/hosts/laurel/configuration.nix
@@ -9,6 +9,8 @@
    [
      # Include the results of the hardware scan.
      ./hardware-configuration.nix
+      ./servarr.nix
+      ./media.nix
    ];
  # Use the systemd-boot EFI boot loader.
@@ -20,7 +22,7 @@
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
  networking.hostName = "laurel";
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedTCPPorts = [ 80 443 6197 ];
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_US.UTF-8";
@@ -31,9 +33,9 @@
  };
  # Enable sound.
-  sound.enable = true;
+  # sound.enable = true;
  hardware.pulseaudio.enable = true;
-  hardware.opengl = {
+  hardware.graphics = {
    enable = true;
    extraPackages = with pkgs; [
      intel-media-driver
@@ -44,15 +46,24 @@
    ];
  };
-  environment.systemPackages = with pkgs; [
+  environment.systemPackages = [
-    vim
+    pkgs.vim
-    wget
+    pkgs.wget
-    curl
+    pkgs.curl
+    pkgs.jellyfin
+    pkgs.jellyfin-web
+    pkgs.jellyfin-ffmpeg
+    pkgs.htop
+    pkgs.ripgrep
+    pkgs.git
  ];
  users.users.op = {
    isNormalUser = true;
-    extraGroups = [ "wheel" "tty" ];
+    extraGroups = [ "wheel" "tty" "syncthing" ];
    home = "/home/op";
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4oThdAy5wQtzCarxDPuzWX6ImYw0c1QfkF0+wZNE6o np@myrtle"
@@ -66,7 +77,7 @@
  };
  services.invidious = {
-    enable = true;
+    enable = false;
    port = 3333;
    domain = "tube.laurel";
    settings = {
@@ -103,27 +114,117 @@
    };
  };
-  services.podgrab = {
+  services.miniflux = {
    enable = true;
-    port = 3434;
+    adminCredentialsFile = "/etc/miniflux/admin";
+    config = {
+      FETCH_YOUTUBE_WATCH_TIME = 1;
+      PORT = 8383;
+      BASE_URL = "http://rss.laurel";
+    };
  };
-  services.nginx.virtualHosts."podcast.laurel" = {
+  services.nginx.virtualHosts."rss.laurel" = {
    listen = [{ port = 80; addr = "0.0.0.0"; }];
    locations."/" = {
-      proxyPass = "http://127.0.0.1:${builtins.toString config.services.podgrab.port}";
+      proxyPass = "http://127.0.0.1:${builtins.toString config.services.miniflux.config.PORT}";
-      proxyWebsockets = true;
    };
  };
  services.nginx.virtualHosts."oppi.li" = {
    listen = [{ port = 8282; addr = "0.0.0.0"; }];
-    root = "/home/op/site/docs";
+    root = "/www/site/docs";
    locations."/" = {
      tryFiles = "$uri $uri/ =404";
      index = "index.html";
    };
  };
+  services.matrix-conduit = {
+    enable = false;
+    settings = {
+      global = {
+        allow_encryption = true;
+        allow_federation = true;
+        allow_registration = false;
+        database_backend = "rocksdb";
+        server_name = "oppi.li";
+        address = "0.0.0.0";
+        port = 6197;
+        enable_lightning_bolt = false;
+      };
+    };
+  };
+  services.mautrix-whatsapp = {
+    enable = false;
+    settings = {
+      homeserver = {
+        address = "http://localhost:6197";
+        domain = "oppi.li";
+      };
+      appservice = { };
+      bridge = {
+        encryption = {
+          allow = true;
+          default = true;
+          require = true;
+        };
+        history_sync = {
+          request_full_sync = true;
+        };
+        mute_bridging = true;
+        permissions = {
+          "*" = "user";
+        };
+        private_chat_portal_meta = true;
+        provisioning = {
+          shared_secret = "disable";
+        };
+      };
+    };
+  };
+  services.radicale = {
+    enable = true;
+    settings = {
+      server.hosts = [ "0.0.0.0:5232" ];
+      auth = {
+        type = "htpasswd";
+        htpasswd_filename = "/etc/radicale/users";
+        htpasswd_encryption = "bcrypt";
+      };
+    };
+  };
+  services.nginx.virtualHosts."radicale.laurel" = {
+    listen = [{ port = 80; addr = "0.0.0.0"; }];
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:5232";
+    };
+  };
+  services.syncthing = {
+    enable = true;
+    dataDir = "/syncthing";
+  };
+  services.nginx.virtualHosts."sync.laurel" = {
+    listen = [{ port = 80; addr = "0.0.0.0"; }];
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:8384";
+    };
+  };
+  services.readit = {
+    enable = true;
+    port = 9495;
+  };
+  services.nginx.virtualHosts."read.laurel" = {
+    listen = [{ port = 80; addr = "0.0.0.0"; }];
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:9495";
+    };
+  };
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  # This option defines the first version of NixOS you have installed on this particular machine,

diff --git a/hosts/laurel/configuration.nix b/hosts/laurel/configuration.nix index a40dafd..e824853 100644 --- a/hosts/laurel/configuration.nix +++ b/hosts/laurel/configuration.nix
@@ -9,6 +9,8 @@
9	[	9	[
10	# Include the results of the hardware scan.	10	# Include the results of the hardware scan.
11	./hardware-configuration.nix	11	./hardware-configuration.nix
		12	./servarr.nix
		13	./media.nix
12	];	14	];
13		15
14	# Use the systemd-boot EFI boot loader.	16	# Use the systemd-boot EFI boot loader.
@@ -20,7 +22,7 @@
20	# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.	22	# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
21	# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.	23	# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
22	networking.hostName = "laurel";	24	networking.hostName = "laurel";
23	networking.firewall.allowedTCPPorts = [ 80 443 ];	25	networking.firewall.allowedTCPPorts = [ 80 443 6197 ];
24		26
25	time.timeZone = "Europe/London";	27	time.timeZone = "Europe/London";
26	i18n.defaultLocale = "en_US.UTF-8";	28	i18n.defaultLocale = "en_US.UTF-8";
@@ -31,9 +33,9 @@
31	};	33	};
32		34
33	# Enable sound.	35	# Enable sound.
34	sound.enable = true;	36	# sound.enable = true;
35	hardware.pulseaudio.enable = true;	37	hardware.pulseaudio.enable = true;
36	hardware.opengl = {	38	hardware.graphics = {
37	enable = true;	39	enable = true;
38	extraPackages = with pkgs; [	40	extraPackages = with pkgs; [
39	intel-media-driver	41	intel-media-driver
@@ -44,15 +46,24 @@
44	];	46	];
45	};	47	};
46		48
47	environment.systemPackages = with pkgs; [	49	environment.systemPackages = [
48	vim	50	pkgs.vim
49	wget	51	pkgs.wget
50	curl	52	pkgs.curl
		53
		54	pkgs.jellyfin
		55	pkgs.jellyfin-web
		56	pkgs.jellyfin-ffmpeg
		57
		58	pkgs.htop
		59	pkgs.ripgrep
		60	pkgs.git
		61
51	];	62	];
52		63
53	users.users.op = {	64	users.users.op = {
54	isNormalUser = true;	65	isNormalUser = true;
55	extraGroups = [ "wheel" "tty" ];	66	extraGroups = [ "wheel" "tty" "syncthing" ];
56	home = "/home/op";	67	home = "/home/op";
57	openssh.authorizedKeys.keys = [	68	openssh.authorizedKeys.keys = [
58	"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4oThdAy5wQtzCarxDPuzWX6ImYw0c1QfkF0+wZNE6o np@myrtle"	69	"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG4oThdAy5wQtzCarxDPuzWX6ImYw0c1QfkF0+wZNE6o np@myrtle"
@@ -66,7 +77,7 @@
66	};	77	};
67		78
68	services.invidious = {	79	services.invidious = {
69	enable = true;	80	enable = false;
70	port = 3333;	81	port = 3333;
71	domain = "tube.laurel";	82	domain = "tube.laurel";
72	settings = {	83	settings = {
@@ -103,27 +114,117 @@
103	};	114	};
104	};	115	};
105		116
106	services.podgrab = {	117	services.miniflux = {
107	enable = true;	118	enable = true;
108	port = 3434;	119	adminCredentialsFile = "/etc/miniflux/admin";
		120	config = {
		121	FETCH_YOUTUBE_WATCH_TIME = 1;
		122	PORT = 8383;
		123	BASE_URL = "http://rss.laurel";
		124	};
109	};	125	};
110	services.nginx.virtualHosts."podcast.laurel" = {	126	services.nginx.virtualHosts."rss.laurel" = {
111	listen = [{ port = 80; addr = "0.0.0.0"; }];	127	listen = [{ port = 80; addr = "0.0.0.0"; }];
112	locations."/" = {	128	locations."/" = {
113	proxyPass = "http://127.0.0.1:${builtins.toString config.services.podgrab.port}";	129	proxyPass = "http://127.0.0.1:${builtins.toString config.services.miniflux.config.PORT}";
114	proxyWebsockets = true;
115	};	130	};
116	};	131	};
117		132
118	services.nginx.virtualHosts."oppi.li" = {	133	services.nginx.virtualHosts."oppi.li" = {
119	listen = [{ port = 8282; addr = "0.0.0.0"; }];	134	listen = [{ port = 8282; addr = "0.0.0.0"; }];
120	root = "/home/op/site/docs";	135	root = "/www/site/docs";
121	locations."/" = {	136	locations."/" = {
122	tryFiles = "$uri $uri/ =404";	137	tryFiles = "$uri $uri/ =404";
123	index = "index.html";	138	index = "index.html";
124	};	139	};
125	};	140	};
126		141
		142	services.matrix-conduit = {
		143	enable = false;
		144	settings = {
		145	global = {
		146	allow_encryption = true;
		147	allow_federation = true;
		148	allow_registration = false;
		149	database_backend = "rocksdb";
		150	server_name = "oppi.li";
		151	address = "0.0.0.0";
		152	port = 6197;
		153	enable_lightning_bolt = false;
		154	};
		155	};
		156	};
		157	services.mautrix-whatsapp = {
		158	enable = false;
		159	settings = {
		160	homeserver = {
		161	address = "http://localhost:6197";
		162	domain = "oppi.li";
		163	};
		164	appservice = { };
		165	bridge = {
		166	encryption = {
		167	allow = true;
		168	default = true;
		169	require = true;
		170	};
		171	history_sync = {
		172	request_full_sync = true;
		173	};
		174	mute_bridging = true;
		175	permissions = {
		176	"*" = "user";
		177	};
		178	private_chat_portal_meta = true;
		179	provisioning = {
		180	shared_secret = "disable";
		181	};
		182	};
		183
		184	};
		185	};
		186
		187	services.radicale = {
		188	enable = true;
		189	settings = {
		190	server.hosts = [ "0.0.0.0:5232" ];
		191	auth = {
		192	type = "htpasswd";
		193	htpasswd_filename = "/etc/radicale/users";
		194	htpasswd_encryption = "bcrypt";
		195	};
		196	};
		197	};
		198	services.nginx.virtualHosts."radicale.laurel" = {
		199	listen = [{ port = 80; addr = "0.0.0.0"; }];
		200	locations."/" = {
		201	proxyPass = "http://127.0.0.1:5232";
		202	};
		203	};
		204
		205	services.syncthing = {
		206	enable = true;
		207	dataDir = "/syncthing";
		208	};
		209	services.nginx.virtualHosts."sync.laurel" = {
		210	listen = [{ port = 80; addr = "0.0.0.0"; }];
		211	locations."/" = {
		212	proxyPass = "http://127.0.0.1:8384";
		213	};
		214	};
		215
		216	services.readit = {
		217	enable = true;
		218	port = 9495;
		219	};
		220	services.nginx.virtualHosts."read.laurel" = {
		221	listen = [{ port = 80; addr = "0.0.0.0"; }];
		222	locations."/" = {
		223	proxyPass = "http://127.0.0.1:9495";
		224	};
		225	};
		226
		227
127	nix.settings.experimental-features = [ "nix-command" "flakes" ];	228	nix.settings.experimental-features = [ "nix-command" "flakes" ];
128		229
129	# This option defines the first version of NixOS you have installed on this particular machine,	230	# This option defines the first version of NixOS you have installed on this particular machine,