felixalb/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Configure transmission and gitea

Browse Source
This commit is contained in:
Felix Albrigtsen
2023-05-11 14:34:13 +02:00
parent 66645843db
commit 2850d19f76
6 changed files with 143 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hosts/voyager/configuration.nix
View File

@@ -16,8 +16,10 @@
./services/kanidm.nix
./services/matrix
./services/jellyfin.nix
./services/transmission.nix
./services/metrics
./services/flame.nix
./services/gitea.nix
./services/hedgedoc.nix
./services/code-server.nix
# TODO:
@@ -26,7 +28,7 @@
# x Monitoring server
# x Podman
# x Flame
# - Transmission
# x Transmission
# x Jellyfin
# x NFS imports
# x NFS exports

49
hosts/voyager/services/gitea.nix Normal file
View File

@@ -0,0 +1,49 @@
{ config, pkgs, ... }:
let
cfg = config.services.gitea;
in {
services.gitea = {
enable = true;
package = pkgs.unstable.gitea;
appName = "felixalbs Gitea";
database = {
type = "postgres";
#passwordFile = "/var/gitea/passwdfile";
};
domain = "git.feal.no";
rootUrl = "https://git.feal.no";
httpPort = 3004;
settings = {
server.LANDING_PAGE=''"/felixalb"'';
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;
packages.ENABLED = false;
oauth2_client = {
ENABLE_AUTO_REGISTRATION = true;
OPENID_CONNECT_SCOPES = "email profile openid";
UPDATE_AVATAR = true;
ACCOUNT_LINKING = "auto";
USERNAME = "email";
};
log.LEVEL = "Info";
database.LOG_SQL = false;
ui = {
THEMES="gitea,arc-green,nord";
DEFAULT_THEME="nord";
};
};
# TODO:
# - dump (automatic backups)
# - configure mailer
};
networking.firewall.allowedTCPPorts = [ cfg.httpPort ];
}

4
hosts/voyager/services/postgres.nix
View File

@@ -4,10 +4,14 @@
enable = true;
/* enableTCPIP = true; # Expose on the network */
authentication = pkgs.lib.mkOverride 10 ''
local gitea all ident map=gitea-users
local all all trust
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
'';
identMap = ''
gitea-users gitea gitea
'';
};
services.postgresqlBackup = {

74
hosts/voyager/services/transmission.nix Normal file
View File

@@ -0,0 +1,74 @@
{ config, pkgs, lib, ... }:
let
host = "127.0.1.2";
port = "5003";
uid = 778;
gid = 778;
in {
sops.secrets."transmission/vpncreds" = {
owner = "transmission";
group = "transmission";
};
users.users.transmission = {
inherit uid;
group = "transmission";
isSystemUser = true;
useDefaultShell = true;
description = "Transmission torrent service";
};
users.groups.transmission = {
inherit gid;
};
# Transmission+PIA: Torrent client, Integrated VPN, Web interface
virtualisation.oci-containers.containers.transmission = {
image = "haugene/transmission-openvpn";
ports = [ "${host}:${port}:9091" ];
volumes = [
"/var/lib/transmission/config:/config"
"/tank/media/transmission:/data"
];
environment = {
OPENVPN_PROVIDER = "PIA";
OPENVPN_CONFIG = "norway,sweden,de_frankfurt";
LOCAL_NETWORK = "192.168.10.0/24";
PUID = toString uid;
PGID = toString gid;
};
environmentFiles = [
# OPENVPN_USERNAME and password is set here
# and optionally TRANSMISSION_RPC_USERNAME and password
config.sops.secrets."transmission/vpncreds".path
];
extraOptions = [
"--cap-add=net_admin,net_raw,mknod"
"--device=/dev/net/tun"
];
};
services.nginx.virtualHosts."transmission.home.feal.no" = {
locations."/" = {
proxyPass = "http://${host}:${port}";
};
};
fileSystems = {
"/tank/media/transmission/jellyfin" = {
device = "/tank/media/jellyfin";
options = [ "bind" ];
};
"/tank/media/transmission/music" = {
device = "/tank/media/music";
options = [ "bind" ];
};
"/tank/media/transmission/inbox" = {
device = "/tank/inbox";
options = [ "bind" ];
};
"/tank/media/transmission/other" = {
device = "/tank/media/other";
options = [ "bind" ];
};
};
}