Skip to content

Commit

Permalink
updated flake
Browse files Browse the repository at this point in the history
  • Loading branch information
rasmus-kirk committed Feb 21, 2024
1 parent cac2199 commit be44a85
Show file tree
Hide file tree
Showing 5 changed files with 21 additions and 22 deletions.
12 changes: 6 additions & 6 deletions flake.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 0 additions & 5 deletions flake.nix
Original file line number Diff line number Diff line change
Expand Up @@ -7,12 +7,7 @@
};

inputs = {
#nixpkgs.url = "github:nixos/nixpkgs/22.11";
nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
nixpkgs-flood.url = "github:3JlOy-PYCCKUi/nixpkgs/flood-module";
#nixpkgs-unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";

home-manager.url = "github:nix-community/home-manager";

flake-parts = {
url = "github:hercules-ci/flake-parts";
Expand Down
18 changes: 9 additions & 9 deletions nixarr/jellyfin/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ in {

expose = {
enable = mkEnableOption ''
Enable nginx for Jellyfin, exposing the web service to the internet.
Enable expose for Jellyfin, exposing the web service to the internet.
'';

upnp = mkOption {
Expand All @@ -50,8 +50,8 @@ in {

config =
# TODO: this doesn't work. I don't know why :(
#assert (!(cfg.vpn.enable && cfg.nginx.enable)) || abort "vpn.enable not compatible with nginx.enable.";
#assert (cfg.nginx.enable -> (cfg.nginx.domainName != null && cfg.nginx.acmeMail != null)) || abort "Both nginx.domain and nginx.acmeMail needs to be set if nginx.enable is set.";
#assert (!(cfg.vpn.enable && cfg.expose.enable)) || abort "vpn.enable not compatible with expose.enable.";
#assert (cfg.expose.enable -> (cfg.expose.domainName != null && cfg.expose.acmeMail != null)) || abort "Both expose.domain and expose.acmeMail needs to be set if expose.enable is set.";
mkIf cfg.enable
{
services.jellyfin = {
Expand All @@ -62,23 +62,23 @@ in {
configDir = "${cfg.stateDir}/config";
};

networking.firewall = mkIf cfg.nginx.enable {
networking.firewall = mkIf cfg.expose.enable {
allowedTCPPorts = [ 80 443 ];
};

util.upnp = mkIf cfg.nginx.upnp.enable {
util.upnp = mkIf cfg.expose.upnp.enable {
enable = true;
openTcpPorts = [ 80 443 ];
};

services.nginx = mkIf (cfg.nginx.enable || cfg.vpn.enable) {
services.expose = mkIf (cfg.expose.enable || cfg.vpn.enable) {
enable = true;

recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;

virtualHosts."${builtins.replaceStrings ["\n"] [""] cfg.nginx.domainName}" = mkIf cfg.nginx.enable {
virtualHosts."${builtins.replaceStrings ["\n"] [""] cfg.expose.domainName}" = mkIf cfg.expose.enable {
enableACME = true;
forceSSL = true;
locations."/" = {
Expand All @@ -103,9 +103,9 @@ in {
};
};

security.acme = mkIf cfg.nginx.enable {
security.acme = mkIf cfg.expose.enable {
acceptTerms = true;
defaults.email = cfg.nginx.acmeMail;
defaults.email = cfg.expose.acmeMail;
};

util.vpnnamespace.portMappings = [
Expand Down
8 changes: 6 additions & 2 deletions nixarr/prowlarr/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ with lib; let
nixarr = config.nixarr;
cfg = config.nixarr.prowlarr;
in {
imports = [
./prowlarr-module
];

options.nixarr.prowlarr = {
enable = mkEnableOption "Enable the Prowlarr service.";

Expand All @@ -29,7 +33,7 @@ in {
config = mkIf cfg.enable {
util.services.prowlarr = mkIf (!cfg.vpn.enable) {
enable = true;
dataDir = cfg.statedir;
dataDir = cfg.stateDir;
};

util.vpnnamespace.portMappings = [
Expand All @@ -45,7 +49,7 @@ in {
autoStart = true;
ephemeral = true;
extraFlags = ["--network-namespace-path=/var/run/netns/wg"];
bindMounts."${cfg.statedir}".isReadOnly = false;
bindMounts."${cfg.stateDir}".isReadOnly = false;

config = {
users.groups.prowlarr = {};
Expand Down
File renamed without changes.

0 comments on commit be44a85

Please sign in to comment.