diff options
author | Nick Van Doorn <nick@nvandoorn.com> | 2023-03-03 19:53:59 +0000 |
---|---|---|
committer | Nick Van Doorn <nick@nvandoorn.com> | 2023-03-03 19:53:59 +0000 |
commit | 9c622dc0c7507e1b15043fea8f2b20c8f99da154 (patch) | |
tree | c34f863a1f1c05524d61d7f155681c5191f5b0a6 | |
parent | 8bc75e71c38b7e40bf58ec21782b5febd2df9873 (diff) |
Update for new NixOS install
-rw-r--r-- | configuration.nix | 63 |
1 files changed, 46 insertions, 17 deletions
diff --git a/configuration.nix b/configuration.nix index 8ba625d..e533725 100644 --- a/configuration.nix +++ b/configuration.nix @@ -74,12 +74,13 @@ tailscale python3 wget - telnet + inetutils vim + ngrok flac lame imagemagick - neofetch + neofetch ffmpeg htop parted @@ -89,7 +90,7 @@ config.services.samba.package git unzip - nodejs-14_x + nodejs-16_x libstdcxx5 cgit rclone @@ -109,6 +110,7 @@ services.openssh.enable = true; networking.firewall.enable = true; + networking.firewall.checkReversePath = "loose"; networking.firewall.allowedTCPPorts = [ 548 6789 @@ -127,11 +129,19 @@ networking.firewall.allowedUDPPorts = [ 137 138 ]; networking.firewall.allowPing = true; + services.cron = { + enable = true; + systemCronJobs = [ + "0 0 0 1 * * root echo repair > /sys/block/md126/md/sync_action" + "0 0 0 1 * * root echo repair > /sys/block/md127/md/sync_action" + ]; + }; + services = { netatalk = { enable = true; - volumes = { + settings = { "home" = { path = "/mnt/cluster1/home"; "valid users" = "nick"; @@ -247,7 +257,6 @@ services.postfix = { enable = true; - rootAlias = "vandoorn.nick@gmail.com"; }; @@ -268,6 +277,8 @@ "radarr" "nzbget" "nick" + "nginx" + "deemix" ]; users.groups.family.members = [ "nick" @@ -281,33 +292,52 @@ services.deluge.group = "media"; services.deluge.web.enable = true; - services.sonarr.enable = true; - services.sonarr.group = "media"; - services.radarr.enable = true; services.radarr.group = "media"; + services.sonarr.enable = true; + services.sonarr.group = "media"; + services.jellyfin.enable = true; - services.plex = { - enable = true; - openFirewall = true; + services.jellyfin.group = "media"; + + services.plex = let + master = import + (builtins.fetchTarball https://github.com/nixos/nixpkgs/tarball/master) + { config = config.nixpkgs.config; }; + in { + enable = true; + openFirewall = true; + package = master.plex; + group = "media"; + }; + + users.users.deemix = { + isSystemUser = true; + group = "media"; + home = "/var/lib/deemix"; }; systemd.services.deemix = { - script = '' - /home/nick/node/bin/node /home/nick/deemix-gui/server/dist/app.js --host 0.0.0.0 - ''; + description = "Deemix"; + after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; + serviceConfig = { - User = "root"; + Type = "simple"; + User = "deemix"; Group = "media"; + ExecStart = "${pkgs.nodejs-16_x}/bin/node ${pkgs.callPackage ./deemix.nix {}}/server/dist/app.js --host 0.0.0.0"; + Environment = "DEEMIX_DATA_DIR=/var/lib/deemix/"; + Restart = "on-failure"; }; }; services.fcgiwrap.enable = true; services.nginx.enable = true; - security.acme.email = "vandoorn.nick@gmail.com"; + security.acme.defaults.email = "vandoorn.nick@gmail.com"; security.acme.acceptTerms = true; + services.nginx.group = "media"; services.nginx.virtualHosts."localhost" = { cgit = { enable = true; @@ -323,7 +353,6 @@ }; }; - nixpkgs.config.allowUnfree = true; # This value determines the NixOS release from which the default |