From 8ce458e2d30707385daf00e71ab1227e002fb828 Mon Sep 17 00:00:00 2001
From: Felix Albrigtsen <felixalbrigtsen@gmail.com>
Date: Thu, 29 Jun 2023 23:31:55 +0200
Subject: [PATCH] Add stash, adjust gitea

---
 hosts/voyager/configuration.nix  |  1 +
 hosts/voyager/services/gitea.nix |  4 +++
 hosts/voyager/services/stash.nix | 54 ++++++++++++++++++++++++++++++++
 3 files changed, 59 insertions(+)
 create mode 100644 hosts/voyager/services/stash.nix

diff --git a/hosts/voyager/configuration.nix b/hosts/voyager/configuration.nix
index 7b1ef98..52dd6bf 100644
--- a/hosts/voyager/configuration.nix
+++ b/hosts/voyager/configuration.nix
@@ -24,6 +24,7 @@
       ./services/hedgedoc.nix
       ./services/vaultwarden.nix
       ./services/calibre.nix
+      ./services/stash.nix
       # ./services/code-server.nix
   ];
 
diff --git a/hosts/voyager/services/gitea.nix b/hosts/voyager/services/gitea.nix
index 728da7b..1385815 100644
--- a/hosts/voyager/services/gitea.nix
+++ b/hosts/voyager/services/gitea.nix
@@ -3,6 +3,7 @@ let
   cfg = config.services.gitea;
   domain = "git.feal.no";
   httpPort = 3004;
+  /* sshPort = 2222; */
 in {
     services.gitea = {
       enable = true;
@@ -16,6 +17,8 @@ in {
         server = {
           LANDING_PAGE=''"/felixalb"'';
           HTTP_PORT = httpPort;
+          /* SSH_PORT = sshPort; */
+          SSH_DOMAIN = "voyager.home.feal.no";
           DOMAIN = domain;
           ROOT_URL = "https://${domain}";
         };
@@ -48,5 +51,6 @@ in {
       # - configure mailer
     };
 
+    /* networking.firewall.allowedTCPPorts = [ httpPort sshPort ]; */
     networking.firewall.allowedTCPPorts = [ httpPort ];
 }
diff --git a/hosts/voyager/services/stash.nix b/hosts/voyager/services/stash.nix
new file mode 100644
index 0000000..b78f4b4
--- /dev/null
+++ b/hosts/voyager/services/stash.nix
@@ -0,0 +1,54 @@
+{ config, pkgs, lib, ... }:
+let
+  host = "127.0.1.2";
+  port = "5008";
+  # Some uid I will never use for anything else
+  uid = config.ids.uids.amule; 
+  gid = config.ids.gids.amule;
+in {
+  sops.secrets."transmission/vpncreds" = {
+    owner = "transmission";
+    group = "transmission";
+  };
+
+  users.users.stash = {
+    inherit uid;
+    group = "stash";
+    isSystemUser = true;
+    useDefaultShell = true;
+    description = "Stash media hosting platform";
+  };
+
+  users.groups.stash = {
+    inherit gid;
+  };
+
+  # Stash media hosting platform
+  virtualisation.oci-containers.containers.stash = {
+    image = "stashapp/stash";
+    ports = [ "${host}:${port}:9999" ];
+    volumes = [
+      "/var/lib/stash/config:/root/.stash"
+      "/var/lib/stash/cache:/cache"
+      "/tank/media/stash/data:/data"
+      "/tank/media/stash/other/metadata:/metadata"
+      "/tank/media/stash/other/blobs:/blobs"
+      "/tank/media/stash/other/generated:/generated"
+    ];
+    environment = {
+      STASH_STASH     = "/data/";
+      STASH_GENERATED = "/generated/";
+      STASH_METADATA  = "/metadata";
+      STASH_CACHE     = "/cache";
+      STASH_PORT = "9999";
+    };
+    environmentFiles = [
+    ];
+  };
+  services.nginx.virtualHosts."stash.home.feal.no" = {
+    locations."/" = {
+      proxyPass = "http://${host}:${port}";
+    };
+  };
+
+}