materus
/
nixos-config
mirror of https://github.com/materusPL/nixos-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

waffentrager: add maloja and multi-scrobbler, file restructure. valkyrie: reverse proxy (correct commit)

This commit is contained in:
Mateusz Słodkowicz 2024-09-12 11:56:18 +02:00
parent e233dc9efa
commit 448e1c58ae
Signed by: materus
GPG Key ID: 28D140BCA60B4FD1
4 changed files with 198 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
configurations/host/valkyrie/secrets/private/default.nix
View File

Binary file not shown.

3
configurations/host/waffentrager/default.nix
View File

@ -10,6 +10,9 @@
virtualisation.podman.autoPrune.enable = true; virtualisation.podman.autoPrune.enable = true;
virtualisation.podman.autoPrune.dates = "daily"; virtualisation.podman.autoPrune.dates = "daily";
virtualisation.podman.defaultNetwork.settings = {
default_subnet = "10.88.0.0/16";
};
virtualisation.oci-containers.backend = "podman"; virtualisation.oci-containers.backend = "podman";
} }

236
configurations/host/waffentrager/services/multimedia/scrobbling.nix
View File

@ -11,71 +11,27 @@
in in
#### MALOJA #### MALOJA --------------------------------------------------------------------
lib.mkIf cfg.enable { lib.mkIf cfg.enable {
sops.templates."maloja.env".content = '' sops.templates."maloja.env".content = ''
MALOJA_DATA_DIRECTORY=/data MALOJA_DATA_DIRECTORY=/data
MALOJA_DIRECTORY_CONFIG=/data/config
MALOJA_DIRECTORY_STATE=/data/state MALOJA_DIRECTORY_STATE=/data/state
MALOJA_DIRECTORY_CACHE=/data/cache MALOJA_DIRECTORY_CACHE=/data/cache
MALOJA_NAME="Melody"
MALOJA_LASTFM_USERNAME=${config.sops.placeholder.lastfm-user}
MALOJA_LASTFM_PASSWORD=${config.sops.placeholder.lastfm-pass}
MALOJA_LASTFM_API_KEY=${config.sops.placeholder.lastfm-api}
MALOJA_LASTFM_API_SECRET=${config.sops.placeholder.lastfm-secret}
MALOJA_LASTFM_API_SK=${config.sops.placeholder.lastfm-token}
MALOJA_SKIP_SETUP=yes MALOJA_SKIP_SETUP=yes
MALOJA_FORCE_PASSWORD=${config.sops.placeholder.maloja} MALOJA_FORCE_PASSWORD=${config.sops.placeholder.maloja}
MALOJA_SPOTIFY_API_ID=${config.sops.placeholder.spotify-client-id} MALOJA_SPOTIFY_API_ID=${config.sops.placeholder.spotify-client-id}
MALOJA_SPOTIFY_API_SECRET=${config.sops.placeholder.spotify-client-secret} MALOJA_SPOTIFY_API_SECRET=${config.sops.placeholder.spotify-client-secret}
MALOJA_NAME=Melody
MALOJA_WEEK_OFFSET=1
PUID=${builtins.toString config.users.users.scrobbler.uid}
PGID=${builtins.toString config.users.groups.scrobbler.gid}
TC=Europe/Warsaw
TIMEZONE=Europe/Warsaw
''; '';
virtualisation.oci-containers.containers.maloja = {
image = "krateng/maloja:latest";
ports = [
"42010:42010"
];
volumes = [
"${config.waffentragerService.elements.malojaDir}:/data"
];
environmentFiles = [
config.sops.templates."maloja.env".path
];
};
systemd.services."${config.virtualisation.oci-containers.backend}-maloja" = {
requires = [ "elements-mount.service" ];
after = [ "elements-mount.service" ];
};
#### MULTI SCROBBLER
sops.templates."multi-scrobbler.env".content = ''
BASE_URL="https://melody.materus.pl/multi-scrobbler"
TC=Europe/Warsaw
JELLYFIN_SERVER="https://noot.materus.pl/"
SPOTIFY_CLIENT_ID=${config.sops.placeholder.spotify-client-id}
SPOTIFY_CLIENT_SECRET=${config.sops.placeholder.spotify-client-secret}
MALOJA_URL="https://melody.materus.pl"
MALOJA_API_KEY="${config.sops.placeholder.maloja-api}"
LASTFM_API_KEY=${config.sops.placeholder.lastfm-api}
LASTFM_SECRET=${config.sops.placeholder.lastfm-secret}
'';
virtualisation.oci-containers.containers.multi-scrobbler = {
image = "foxxmd/multi-scrobbler:latest";
ports = [
"42011:9078"
];
volumes = [
"${config.waffentragerService.elements.malojaDir}/multi-scrobbler:/data"
];
environmentFiles = [
config.sops.templates."multi-scrobbler.env".path
];
};
#### Proxy
services.nginx.virtualHosts = { services.nginx.virtualHosts = {
"melody.materus.pl" = { "melody.materus.pl" = {
sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem"; sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem";
@ -84,7 +40,6 @@
addSSL = true; addSSL = true;
http2 = false; http2 = false;
http3 = true; http3 = true;
# Maloja
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:42010"; proxyPass = "http://127.0.0.1:42010";
extraConfig = '' extraConfig = ''
@ -94,13 +49,156 @@
proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
''; '';
}; };
locations."/multi-scrobbler" = { };
};
virtualisation.oci-containers.containers.maloja =
{
image = "krateng/maloja:latest";
ports = [
"42010:42010"
];
volumes = [
"${config.waffentragerService.elements.malojaDir}:/data"
];
environmentFiles = [
config.sops.templates."maloja.env".path
];
};
systemd.services."${config.virtualisation.oci-containers.backend}-maloja" =
let
malojaCfg = pkgs.writeText "settings.ini" ''[MALOJA]
directory_config = /data
lastfm_api_key = False
audiodb_api_key = False
spotify_api_id = False
spotify_api_secret = False
delimiters_feat = ["ft.","ft","feat.","feat","featuring","Ft.","Ft","Feat.","Feat","Featuring"]
delimiters_informal = ["vs.","vs","&","with"]
delimiters_formal = ["; ",";"]
metadata_providers = ["spotify","deezer","lastfm","audiodb","musicbrainz"]
'';
in
{
requires = [ "elements-mount.service" ];
after = [ "elements-mount.service" ];
preStart = ''cp --update=none ${malojaCfg} ${config.waffentragerService.elements.malojaDir}/settings.ini'';
};
#### MULTI SCROBBLER --------------------------------------------------------------------
users.groups.scrobbler = { gid = 3000; };
users.users.scrobbler = {
group = "scrobbler";
uid = 3000;
isSystemUser = true;
};
sops.templates."multi-scrobbler.env".content = ''
TC=Europe/Warsaw
CONFIG_DIR=/config
PUID=${builtins.toString config.users.users.scrobbler.uid}
PGID=${builtins.toString config.users.groups.scrobbler.gid}
'';
sops.templates."multi-scrobbler.json".owner = "scrobbler";
sops.templates."multi-scrobbler.json".group = "scrobbler";
sops.templates."multi-scrobbler.json".content = builtins.toJSON {
baseUrl = "https://scrobbler.materus.pl";
disableWeb = false;
debugMode = false;
sources = [
{
name = "materus-spotify";
enable = true;
clients = [ "maloja" ];
data = {
clientId = "${config.sops.placeholder.spotify-client-id}";
clientSecret = "${config.sops.placeholder.spotify-client-secret}";
redirectUri = "https://scrobbler.materus.pl/callback";
interval = 30;
};
type = "spotify";
}
{
name = "materus-jellyfin";
enable = true;
clients = [ "maloja" ];
data = {
users = [
"materus"
];
servers = [
"waffentrager"
];
};
options = {
logPayload = false;
logFilterFailure = "warn";
};
type = "jellyfin";
}
];
clients = [
{
name = "maloja";
enable = true;
data = {
url = "https://melody.materus.pl/";
apiKey = "${config.sops.placeholder.maloja-api}";
};
type = "maloja";
}
{
name = "materus-brainz";
enable = true;
configureAs = "client";
data = {
token = "${config.sops.placeholder.listenbrainz-api}";
username = "materus";
};
type = "listenbrainz";
}
{
name = "materus-lastfm";
enable = true;
configureAs = "client";
data = {
apiKey = "${config.sops.placeholder.lastfm-api}";
secret = "${config.sops.placeholder.lastfm-secret}";
redirectUri = "https://scrobbler.materus.pl/lastfm/callback";
};
type = "lastfm";
}
];
};
services.nginx.virtualHosts = {
"scrobbler.materus.pl" = {
sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem";
sslCertificateKey = "/var/lib/mnt_acme/materus.pl/key.pem";
sslCertificate = "/var/lib/mnt_acme/materus.pl/fullchain.pem";
addSSL = true;
http2 = false;
http3 = true;
locations."/" = {
proxyPass = "http://127.0.0.1:42011"; proxyPass = "http://127.0.0.1:42011";
extraConfig = '' extraConfig = ''
allow ${materusArg.ip-masks.wireguard.private};
allow 192.168.100.0/24;
deny all;
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@ -114,6 +212,28 @@
}; };
}; };
systemd.services."${config.virtualisation.oci-containers.backend}-multi-scrobbler" =
{
preStart = ''cp -f ${config.sops.templates."multi-scrobbler.json".path} ${config.waffentragerService.elements.malojaDir}/multi-scrobbler/config.json'';
requires = [ "elements-mount.service" ];
after = [ "elements-mount.service" ];
};
virtualisation.oci-containers.containers.multi-scrobbler = {
image = "foxxmd/multi-scrobbler:latest";
ports = [
"127.0.0.1:42011:9078"
];
volumes = [
"${config.waffentragerService.elements.malojaDir}/multi-scrobbler:/config"
];
environmentFiles = [
config.sops.templates."multi-scrobbler.env".path
];
};
}; };

23
configurations/host/waffentrager/services/storage/elements.nix
View File

@ -25,7 +25,22 @@
mkdir -p ${cfg.path} mkdir -p ${cfg.path}
cryptsetup luksOpen /dev/disk/by-uuid/${cfg.uuid} elements -d ${config.sops.secrets.elements.path} cryptsetup luksOpen /dev/disk/by-uuid/${cfg.uuid} elements -d ${config.sops.secrets.elements.path}
mount /dev/mapper/elements ${cfg.path} mount /dev/mapper/elements ${cfg.path}
'' + lib.optionalString config.waffentragerService.postgresql.enable '' ''
;
preStop = ''
umount ${cfg.path}
cryptsetup luksClose elements
'';
};
systemd.services.elements-dirmake = {
description = "Create dirs in elements drive";
path = [ pkgs.cryptsetup pkgs.coreutils pkgs.util-linux ];
serviceConfig.Type = "oneshot";
serviceConfig.RemainAfterExit = false;
script = lib.optionalString config.waffentragerService.postgresql.enable ''
mkdir -p ${cfg.postgresqlDir}/${config.waffentragerService.postgresql.version} mkdir -p ${cfg.postgresqlDir}/${config.waffentragerService.postgresql.version}
chown -R postgres:postgres ${cfg.postgresqlDir} chown -R postgres:postgres ${cfg.postgresqlDir}
'' + lib.optionalString config.waffentragerService.nextcloud.enable '' '' + lib.optionalString config.waffentragerService.nextcloud.enable ''
@ -39,15 +54,11 @@
chown -R materus:nextcloud ${cfg.jellyfinDir} chown -R materus:nextcloud ${cfg.jellyfinDir}
'' + lib.optionalString config.waffentragerService.scrobbling.enable '' '' + lib.optionalString config.waffentragerService.scrobbling.enable ''
mkdir -p ${cfg.malojaDir}/multi-scrobbler mkdir -p ${cfg.malojaDir}/multi-scrobbler
chown -R ${cfg.malojaDir} chown -R scrobbler:scrobbler ${cfg.malojaDir}
'' ''
; ;
preStop = ''
umount ${cfg.path}
cryptsetup luksClose elements
'';
}; };
}; };