diff --git a/configurations/host/valkyrie/secrets/private/default.nix b/configurations/host/valkyrie/secrets/private/default.nix index e647eea..ec004d8 100644 Binary files a/configurations/host/valkyrie/secrets/private/default.nix and b/configurations/host/valkyrie/secrets/private/default.nix differ diff --git a/configurations/host/waffentrager/default.nix b/configurations/host/waffentrager/default.nix index 634375c..133cd26 100644 --- a/configurations/host/waffentrager/default.nix +++ b/configurations/host/waffentrager/default.nix @@ -10,6 +10,9 @@ virtualisation.podman.autoPrune.enable = true; virtualisation.podman.autoPrune.dates = "daily"; + virtualisation.podman.defaultNetwork.settings = { + default_subnet = "10.88.0.0/16"; + }; virtualisation.oci-containers.backend = "podman"; } diff --git a/configurations/host/waffentrager/services/multimedia/scrobbling.nix b/configurations/host/waffentrager/services/multimedia/scrobbling.nix index b57a606..a6e3d0d 100644 --- a/configurations/host/waffentrager/services/multimedia/scrobbling.nix +++ b/configurations/host/waffentrager/services/multimedia/scrobbling.nix 
@@ -11,71 +11,27 @@ in - #### MALOJA + #### MALOJA -------------------------------------------------------------------- lib.mkIf cfg.enable { sops.templates."maloja.env".content = '' MALOJA_DATA_DIRECTORY=/data - MALOJA_DIRECTORY_CONFIG=/data/config MALOJA_DIRECTORY_STATE=/data/state MALOJA_DIRECTORY_CACHE=/data/cache - MALOJA_NAME="Melody" - MALOJA_LASTFM_USERNAME=${config.sops.placeholder.lastfm-user} - MALOJA_LASTFM_PASSWORD=${config.sops.placeholder.lastfm-pass} - MALOJA_LASTFM_API_KEY=${config.sops.placeholder.lastfm-api} - MALOJA_LASTFM_API_SECRET=${config.sops.placeholder.lastfm-secret} - MALOJA_LASTFM_API_SK=${config.sops.placeholder.lastfm-token} + MALOJA_SKIP_SETUP=yes MALOJA_FORCE_PASSWORD=${config.sops.placeholder.maloja} MALOJA_SPOTIFY_API_ID=${config.sops.placeholder.spotify-client-id} MALOJA_SPOTIFY_API_SECRET=${config.sops.placeholder.spotify-client-secret} + + MALOJA_NAME=Melody + + MALOJA_WEEK_OFFSET=1 + + PUID=${builtins.toString config.users.users.scrobbler.uid} + PGID=${builtins.toString config.users.groups.scrobbler.gid} + TC=Europe/Warsaw + TIMEZONE=Europe/Warsaw ''; - - virtualisation.oci-containers.containers.maloja = { - image = "krateng/maloja:latest"; - ports = [ - "42010:42010" - ]; - volumes = [ - "${config.waffentragerService.elements.malojaDir}:/data" - ]; - environmentFiles = [ - config.sops.templates."maloja.env".path - ]; - }; - systemd.services."${config.virtualisation.oci-containers.backend}-maloja" = { - requires = [ "elements-mount.service" ]; - after = [ "elements-mount.service" ]; - }; - - #### MULTI SCROBBLER - sops.templates."multi-scrobbler.env".content = '' - BASE_URL="https://melody.materus.pl/multi-scrobbler" - TC=Europe/Warsaw - - JELLYFIN_SERVER="https://noot.materus.pl/" - SPOTIFY_CLIENT_ID=${config.sops.placeholder.spotify-client-id} - SPOTIFY_CLIENT_SECRET=${config.sops.placeholder.spotify-client-secret} - MALOJA_URL="https://melody.materus.pl" - MALOJA_API_KEY="${config.sops.placeholder.maloja-api}" - 
LASTFM_API_KEY=${config.sops.placeholder.lastfm-api} - LASTFM_SECRET=${config.sops.placeholder.lastfm-secret} - ''; - virtualisation.oci-containers.containers.multi-scrobbler = { - image = "foxxmd/multi-scrobbler:latest"; - ports = [ - "42011:9078" - ]; - volumes = [ - "${config.waffentragerService.elements.malojaDir}/multi-scrobbler:/data" - ]; - environmentFiles = [ - config.sops.templates."multi-scrobbler.env".path - ]; - }; - - - - #### Proxy services.nginx.virtualHosts = { "melody.materus.pl" = { sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem"; @@ -84,7 +40,6 @@ addSSL = true; http2 = false; http3 = true; - # Maloja locations."/" = { proxyPass = "http://127.0.0.1:42010"; extraConfig = '' 
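Review bot: `TC=Europe/Warsaw` in the new maloja.env block looks like a typo for `TZ`, the variable container images conventionally read for the time zone; as written it is probably ignored and the container stays on its default zone. The same `TC=` line is carried into the rewritten multi-scrobbler.env template in the later `@@ -94,13 +49,156 @@` hunk. If `TZ` is what is meant, `TZ=Europe/Warsaw` in both templates would fix it. Whether Maloja reads the unprefixed `TIMEZONE` at all should be checked against its settings documentation, since every other Maloja setting in this block carries the `MALOJA_` prefix.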
@@ -94,13 +49,156 @@ proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; - + ''; }; - locations."/multi-scrobbler" = { + }; + + }; + + + virtualisation.oci-containers.containers.maloja = + { + + image = "krateng/maloja:latest"; + ports = [ + "42010:42010" + ]; + volumes = [ + "${config.waffentragerService.elements.malojaDir}:/data" + ]; + environmentFiles = [ + config.sops.templates."maloja.env".path + ]; + }; + systemd.services."${config.virtualisation.oci-containers.backend}-maloja" = + + let + malojaCfg = pkgs.writeText "settings.ini" ''[MALOJA] +directory_config = /data +lastfm_api_key = False +audiodb_api_key = False +spotify_api_id = False +spotify_api_secret = False +delimiters_feat = ["ft.","ft","feat.","feat","featuring","Ft.","Ft","Feat.","Feat","Featuring"] +delimiters_informal = ["vs.","vs","&","with"] +delimiters_formal = ["; ",";"] +metadata_providers = ["spotify","deezer","lastfm","audiodb","musicbrainz"] + +''; + in + { + requires = [ "elements-mount.service" ]; + after = [ "elements-mount.service" ]; + preStart = ''cp --update=none ${malojaCfg} ${config.waffentragerService.elements.malojaDir}/settings.ini''; + + }; + + #### MULTI SCROBBLER -------------------------------------------------------------------- + users.groups.scrobbler = { gid = 3000; }; + users.users.scrobbler = { + group = "scrobbler"; + uid = 3000; + isSystemUser = true; + }; + sops.templates."multi-scrobbler.env".content = '' + TC=Europe/Warsaw + CONFIG_DIR=/config + PUID=${builtins.toString config.users.users.scrobbler.uid} + PGID=${builtins.toString config.users.groups.scrobbler.gid} + ''; + sops.templates."multi-scrobbler.json".owner = "scrobbler"; + sops.templates."multi-scrobbler.json".group = "scrobbler"; + sops.templates."multi-scrobbler.json".content = builtins.toJSON { + baseUrl = "https://scrobbler.materus.pl"; + disableWeb = false; + debugMode = false; + sources = [ + { + name = 
"materus-spotify"; + enable = true; + clients = [ "maloja" ]; + data = { + clientId = "${config.sops.placeholder.spotify-client-id}"; + clientSecret = "${config.sops.placeholder.spotify-client-secret}"; + redirectUri = "https://scrobbler.materus.pl/callback"; + interval = 30; + }; + type = "spotify"; + } + { + name = "materus-jellyfin"; + enable = true; + clients = [ "maloja" ]; + data = { + users = [ + "materus" + ]; + servers = [ + "waffentrager" + ]; + }; + options = { + logPayload = false; + logFilterFailure = "warn"; + }; + type = "jellyfin"; + } + ]; + clients = [ + { + name = "maloja"; + enable = true; + data = { + url = "https://melody.materus.pl/"; + apiKey = "${config.sops.placeholder.maloja-api}"; + }; + type = "maloja"; + } + { + name = "materus-brainz"; + enable = true; + configureAs = "client"; + data = { + token = "${config.sops.placeholder.listenbrainz-api}"; + username = "materus"; + }; + type = "listenbrainz"; + } + { + name = "materus-lastfm"; + enable = true; + configureAs = "client"; + data = { + apiKey = "${config.sops.placeholder.lastfm-api}"; + secret = "${config.sops.placeholder.lastfm-secret}"; + redirectUri = "https://scrobbler.materus.pl/lastfm/callback"; + }; + type = "lastfm"; + } + + ]; + + }; + + + + + services.nginx.virtualHosts = { + "scrobbler.materus.pl" = { + sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem"; + sslCertificateKey = "/var/lib/mnt_acme/materus.pl/key.pem"; + sslCertificate = "/var/lib/mnt_acme/materus.pl/fullchain.pem"; + addSSL = true; + http2 = false; + http3 = true; + locations."/" = { proxyPass = "http://127.0.0.1:42011"; extraConfig = '' + allow ${materusArg.ip-masks.wireguard.private}; + allow 192.168.100.0/24; + deny all; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; 
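Review bot: The re-added maloja container still publishes `"42010:42010"` on every host interface, although nginx only reaches it through `http://127.0.0.1:42010` and this same commit moves multi-scrobbler to a loopback-only binding. Unless a firewall rule elsewhere blocks it, that leaves Maloja's plain-HTTP port reachable without going through the melody.materus.pl vhost; published container ports are usually forwarded via NAT rules and may not be covered by the host's input filtering, so this should be verified rather than assumed. Binding it the same way, `"127.0.0.1:42010:42010"`, keeps the proxy as the only entry point. Separately, `krateng/maloja:latest` is a floating tag, so each pull can change the code that receives `MALOJA_FORCE_PASSWORD` and the Spotify secret; pinning a version or digest would make updates deliberate.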
@@ -114,6 +212,28 @@ }; }; + systemd.services."${config.virtualisation.oci-containers.backend}-multi-scrobbler" = + { + preStart = ''cp -f ${config.sops.templates."multi-scrobbler.json".path} ${config.waffentragerService.elements.malojaDir}/multi-scrobbler/config.json''; + requires = [ "elements-mount.service" ]; + after = [ "elements-mount.service" ]; + }; + virtualisation.oci-containers.containers.multi-scrobbler = { + image = "foxxmd/multi-scrobbler:latest"; + ports = [ + "127.0.0.1:42011:9078" + ]; + volumes = [ + "${config.waffentragerService.elements.malojaDir}/multi-scrobbler:/config" + ]; + environmentFiles = [ + config.sops.templates."multi-scrobbler.env".path + ]; + }; + + + + }; diff --git a/configurations/host/waffentrager/services/storage/elements.nix b/configurations/host/waffentrager/services/storage/elements.nix index 1f6ec3e..15e3209 100644 --- a/configurations/host/waffentrager/services/storage/elements.nix +++ b/configurations/host/waffentrager/services/storage/elements.nix @@ -25,7 +25,22 @@ mkdir -p ${cfg.path} cryptsetup luksOpen /dev/disk/by-uuid/${cfg.uuid} elements -d ${config.sops.secrets.elements.path} mount /dev/mapper/elements ${cfg.path} - '' + lib.optionalString config.waffentragerService.postgresql.enable '' + '' + + ; + preStop = '' + umount ${cfg.path} + cryptsetup luksClose elements + ''; + }; + + systemd.services.elements-dirmake = { + description = "Create dirs in elements drive"; + path = [ pkgs.cryptsetup pkgs.coreutils pkgs.util-linux ]; + + serviceConfig.Type = "oneshot"; + serviceConfig.RemainAfterExit = false; + script = lib.optionalString config.waffentragerService.postgresql.enable '' mkdir -p ${cfg.postgresqlDir}/${config.waffentragerService.postgresql.version} chown -R postgres:postgres ${cfg.postgresqlDir} '' + lib.optionalString config.waffentragerService.nextcloud.enable '' 
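Review bot: The multi-scrobbler `preStart` copies the rendered sops template, which holds the Spotify client secret and the Maloja, ListenBrainz and Last.fm credentials, out of the sops-managed path into `${malojaDir}/multi-scrobbler/config.json` on the data drive with a plain `cp -f`. The copy's owner and mode are not set explicitly: a newly created file is owned by the user running `preStart` with a mode derived from the source and the umask, and an existing file keeps whatever permissions it already had, so the `owner`/`group` set on the template do not carry over. Setting them at copy time, e.g. `install -m 0400 -o scrobbler -g scrobbler <template path> <config.json path>`, or bind-mounting the template read-only at `/config/config.json` instead of copying, would keep the secret's permissions defined in one place. The bind-mount variant assumes the container never rewrites config.json, which cannot be confirmed from the diff.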
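Review bot: The new `elements-dirmake` unit shows no `after`/`requires` on `elements-mount.service` and no `wantedBy` in the visible lines, so nothing here guarantees that it runs, or that it runs only once the LUKS volume is mounted. If it starts while `${cfg.path}` is still an empty mountpoint, the `mkdir -p` and `chown -R` calls act on the root filesystem and the results are hidden once the mount appears. The container units in scrobbling.nix also order only after `elements-mount.service`, so the multi-scrobbler `preStart` copy can run before `${cfg.malojaDir}/multi-scrobbler` exists. Adding `requires`/`after = [ "elements-mount.service" ]` here and listing `elements-dirmake.service` in the consumers' `requires`/`after` would close both gaps; `pkgs.cryptsetup` and `pkgs.util-linux` in `path` also look unneeded for a script that only runs mkdir and chown. The unit's script continues into the `@@ -39,15 +54,11 @@` hunk, and the lines between the two hunks are not visible.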
@@ -39,15 +54,11 @@ chown -R materus:nextcloud ${cfg.jellyfinDir} '' + lib.optionalString config.waffentragerService.scrobbling.enable '' mkdir -p ${cfg.malojaDir}/multi-scrobbler - chown -R ${cfg.malojaDir} + chown -R scrobbler:scrobbler ${cfg.malojaDir} '' ; - preStop = '' - umount ${cfg.path} - cryptsetup luksClose elements - ''; }; };