Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

enabled jellyfin for defiant

Browse source
This commit is contained in:
Leyla Becker 2024-12-13 18:20:23 -06:00
parent 194287e22a
commit 2a3501fea4
3 changed files with 32 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

8
configurations/nixos/defiant/configuration.nix
View file

@ -67,6 +67,14 @@
directories = ["leyla" "eve"]; directories = ["leyla" "eve"];
}; };
}; };
reverse_proxy = {
enable = true;
hostname = "jan-leila.com";
};
jellyfin = {
enable = true;
subdomain = "media";
};
}; };
networking = { networking = {
hostId = "c51763d6"; hostId = "c51763d6";

8
modules/nixos-modules/server/jellyfin.nix
View file

@ -51,8 +51,9 @@ in {
]; ];
}; };
host.storage.pool.extraDatasets = [ fileSystems."/persist/system/jellyfin".neededForBoot = true;
{
host.storage.pool.extraDatasets = {
# sops age key needs to be available to pre persist for user generation # sops age key needs to be available to pre persist for user generation
"persist/system/jellyfin" = { "persist/system/jellyfin" = {
type = "zfs_fs"; type = "zfs_fs";
@ -63,8 +64,7 @@ in {
canmount = "on"; canmount = "on";
}; };
}; };
} };
];
}) })
] ]
); );

17
modules/nixos-modules/server/reverse_proxy.nix
View file

@ -6,16 +6,16 @@
options.host.reverse_proxy = { options.host.reverse_proxy = {
enable = lib.mkEnableOption "turn on the reverse proxy"; enable = lib.mkEnableOption "turn on the reverse proxy";
hostname = lib.mkOption { hostname = lib.mkOption {
type = lib.type.string; type = lib.types.string;
description = "what host name are we going to be proxying from"; description = "what host name are we going to be proxying from";
}; };
forceSSL = lib.mkOption { forceSSL = lib.mkOption {
type = lib.type.boolean; type = lib.types.bool;
description = "force connections to use https"; description = "force connections to use https";
default = true; default = true;
}; };
enableACME = lib.mkOption { enableACME = lib.mkOption {
type = lib.type.boolean; type = lib.types.bool;
description = "auto renew certificates"; description = "auto renew certificates";
default = true; default = true;
}; };
@ -34,12 +34,17 @@
# TODO: impermanence for ACME keys # TODO: impermanence for ACME keys
config = { config = {
security.acme = lib.mkIf config.host.reverse_proxy.enableACME {
acceptTerms = true;
defaults.email = "jan-leila@protonmail.com";
};
services.nginx = { services.nginx = {
enable = config.host.reverse_proxy.enable; enable = config.host.reverse_proxy.enable;
virtualHosts = lib.attrsets.mapAttrs' (name: value: virtualHosts = lib.attrsets.mapAttrs' (name: value:
lib.attrsets.nameValuePair "${name}.${config.home.reverse_proxy.hostname}" { lib.attrsets.nameValuePair "${name}.${config.host.reverse_proxy.hostname}" {
forceSSL = config.home.reverse_proxy.forceSSL; forceSSL = config.host.reverse_proxy.forceSSL;
enableACME = config.home.reverse_proxy.enableACME; enableACME = config.host.reverse_proxy.enableACME;
locations."/" = { locations."/" = {
proxyPass = value.target; proxyPass = value.target;
proxyWebsockets = value.websockets; proxyWebsockets = value.websockets;