From e233dc9efac83ede16c4d11c670c566d0f6e14e3 Mon Sep 17 00:00:00 2001 From: materus Date: Thu, 12 Sep 2024 11:55:35 +0200 Subject: [PATCH] waffentrager: add maloja and multi-scrobbler, file restructure. valkyrie: reverse proxy --- configurations/host/valkyrie/default.nix | 5 + .../host/valkyrie/services/dcbot.nix | 281 ++---------------- configurations/host/waffentrager/default.nix | 5 + .../host/waffentrager/secrets/default.nix | 10 + .../host/waffentrager/secrets/secrets.yaml | 16 +- .../host/waffentrager/services/default.nix | 21 +- .../services/{ => multimedia}/jellyfin.nix | 0 .../services/multimedia/scrobbling.nix | 120 ++++++++ .../services/{ => storage}/elements.nix | 6 + .../services/{ => storage}/gitea.nix | 0 .../services/{ => storage}/mount-acme.nix | 0 .../services/{ => storage}/nextcloud.nix | 0 .../services/{ => storage}/samba.nix | 0 .../services/{ => storage}/syncthing.nix | 0 14 files changed, 193 insertions(+), 271 deletions(-) rename configurations/host/waffentrager/services/{ => multimedia}/jellyfin.nix (100%) create mode 100644 configurations/host/waffentrager/services/multimedia/scrobbling.nix rename configurations/host/waffentrager/services/{ => storage}/elements.nix (88%) rename configurations/host/waffentrager/services/{ => storage}/gitea.nix (100%) rename configurations/host/waffentrager/services/{ => storage}/mount-acme.nix (100%) rename configurations/host/waffentrager/services/{ => storage}/nextcloud.nix (100%) rename configurations/host/waffentrager/services/{ => storage}/samba.nix (100%) rename configurations/host/waffentrager/services/{ => storage}/syncthing.nix (100%) diff --git a/configurations/host/valkyrie/default.nix b/configurations/host/valkyrie/default.nix index 3109177..9586372 100644 --- a/configurations/host/valkyrie/default.nix +++ b/configurations/host/valkyrie/default.nix @@ -142,6 +142,11 @@ }; + virtualisation.podman.autoPrune.enable = true; + virtualisation.podman.autoPrune.dates = "daily"; + virtualisation.oci-containers.backend = "podman"; + + security.acme.acceptTerms = true; security.acme.defaults.email = "materus+acme@podkos.pl"; security.acme.defaults.credentialsFile = config.sops.secrets.certs.path; diff --git a/configurations/host/valkyrie/services/dcbot.nix b/configurations/host/valkyrie/services/dcbot.nix index 6c05ca3..d861849 100644 --- a/configurations/host/valkyrie/services/dcbot.nix +++ b/configurations/host/valkyrie/services/dcbot.nix @@ -1,6 +1,6 @@ { config, pkgs, lib, materusArg, ... }: { - options.valkyrieService.dcbot.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable dcbot"; + options.valkyrieService.dcbot.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable muse bot"; @@ -10,269 +10,32 @@ cfg = config.valkyrieService.dcbot; in lib.mkIf cfg.enable { + sops.templates."muse.env".content = '' + CACHE_LIMIT=512MB + BOT_STATUS=online + BOT_ACTIVITY_TYPE=LISTENING + BOT_ACTIVITY=Coś + DISCORD_TOKEN=${config.sops.placeholder.discord-token} + YOUTUBE_API_KEY=${config.sops.placeholder.youtube-api} + SPOTIFY_CLIENT_ID=${config.sops.placeholder.spotify-client-id} + SPOTIFY_CLIENT_SECRET=${config.sops.placeholder.spotify-client-secret} + ''; systemd.tmpfiles.rules = [ - "d /var/lib/dcbot 0776 dcbot dcbot -" + "d /var/lib/muse 0776 root root -" ]; - users.groups.dcbot = { }; - users.users.dcbot = { - group = "dcbot"; - isSystemUser = true; + + virtualisation.oci-containers.containers.dcbot = { + image = "ghcr.io/museofficial/muse:latest"; + volumes = [ + "/var/lib/muse:/data" + ]; + environmentFiles = [ + config.sops.templates."muse.env".path + ]; }; - systemd.services.dcbot = { - description = "Make some noise!"; - serviceConfig = { - User="dcbot"; - Group="dcbot"; - }; - wantedBy = [ "multi-user.target" ]; - path = [ pkgs.jdk ]; - script = let - musicbot = let version = "0.4.3"; in (pkgs.fetchurl { - url = "https://github.com/jagrosh/MusicBot/releases/download/${version}/JMusicBot-${version}.jar"; - sha256 = "sha256-7CHFc94Fe6ip7RY+XJR9gWpZPKM5JY7utHp8C3paU9s="; - }); - - in '' - cd /var/lib/dcbot - java -Dconfig=${config.sops.templates."dcbot.config.txt".path} -Xmx1G -Dnogui=true -Djava.util.concurrent.ForkJoinPool.common.parallelism=1 -jar ${musicbot} - ''; - }; - - - - sops.templates."dcbot.config.txt".owner = "dcbot"; - sops.templates."dcbot.config.txt".group = "dcbot"; - sops.templates."dcbot.config.txt".content = '' -///////////////////////////////////////////////////////// -// Config for the JMusicBot // -///////////////////////////////////////////////////////// -// Any line starting with // is ignored // -// You MUST set the token and owner // -// All other items have defaults if you don't set them // -// Open in Notepad++ for best results // -///////////////////////////////////////////////////////// - - -// This sets the token for the bot to log in with -// This MUST be a bot token (user tokens will not work) -// If you don't know how to get a bot token, please see the guide here: -// https://github.com/jagrosh/MusicBot/wiki/Getting-a-Bot-Token - -token = ${config.sops.placeholder.discord-token} - - -// This sets the owner of the bot -// This needs to be the owner's ID (a 17-18 digit number) -// https://github.com/jagrosh/MusicBot/wiki/Finding-Your-User-ID - -owner = 141287334627901440 - - -// This sets the prefix for the bot -// The prefix is used to control the commands -// If you use !!, the play command will be !!play -// If you do not set this, the prefix will be a mention of the bot (@Botname play) - -prefix = "@mention" - - -// If you set this, it modifies the default game of the bot -// Set this to NONE to have no game -// Set this to DEFAULT to use the default game -// You can make the game "Playing X", "Listening to X", or "Watching X" -// where X is the title. If you don't include an action, it will use the -// default of "Playing" - -game = "DEFAULT" - - -// If you set this, it will modify the default status of bot -// Valid values: ONLINE IDLE DND INVISIBLE - -status = ONLINE - - -// If you set this to true, the bot will list the title of the song it is currently playing in its -// "Playing" status. Note that this will ONLY work if the bot is playing music on ONE guild; -// if the bot is playing on multiple guilds, this will not work. - -songinstatus=true - - -// If you set this, the bot will also use this prefix in addition to -// the one provided above - -altprefix = "-" - - -// If you set these, it will change the various emojis - -success = "🎶" -warning = "💡" -error = "🚫" -loading = "⌚" -searching = "🔎" - - -// If you set this, you change the word used to view the help. -// For example, if you set the prefix to !! and the help to cmds, you would type -// !!cmds to see the help text - -help = help - - -// If you set this, the "nowplaying" command will show youtube thumbnails -// Note: If you set this to true, the nowplaying boxes will NOT refresh -// This is because refreshing the boxes causes the image to be reloaded -// every time it refreshes. - -npimages = false - - -// If you set this, the bot will not leave a voice channel after it finishes a queue. -// Keep in mind that being connected to a voice channel uses additional bandwith, -// so this option is not recommended if bandwidth is a concern. - -stayinchannel = false - - -// This sets the maximum amount of seconds any track loaded can be. If not set or set -// to any number less than or equal to zero, there is no maximum time length. This time -// restriction applies to songs loaded from any source. - -maxtime = 0 - -// This sets the maximum number of pages of songs that can be loaded from a YouTube -// playlist. Each page can contain up to 100 tracks. Playing a playlist with more -// pages than the maximum will stop loading after the provided number of pages. -// For example, if the max was set to 15 and a playlist contained 1850 tracks, -// only the first 1500 tracks (15 pages) would be loaded. By default, this is -// set to 10 pages (1000 tracks). - -maxytplaylistpages = 10 - - -// This sets the ratio of users that must vote to skip the currently playing song. -// Guild owners can define their own skip ratios, but this will be used if a guild -// has not defined their own skip ratio. - -skipratio = 0.55 - - -// This sets the amount of seconds the bot will stay alone on a voice channel until it -// automatically leaves the voice channel and clears the queue. If not set or set -// to any number less than or equal to zero, the bot won't leave when alone. - -alonetimeuntilstop = 120 - - -// This sets an alternative folder to be used as the Playlists folder -// This can be a relative or absolute path - -playlistsfolder = "Playlists" - - -// By default, the bot will DM the owner if the bot is running and a new version of the bot -// becomes available. Set this to false to disable this feature. - -updatealerts=false - - -// Changing this changes the lyrics provider -// Currently available providers: "A-Z Lyrics", "Genius", "MusicMatch", "LyricsFreak" -// At the time of writing, I would recommend sticking with A-Z Lyrics or MusicMatch, -// as Genius tends to have a lot of non-song results and you might get something -// completely unrelated to what you want. -// If you are interested in contributing a provider, please see -// https://github.com/jagrosh/JLyrics - -lyrics.default = "A-Z Lyrics" - - -// These settings allow you to configure custom aliases for all commands. -// Multiple aliases may be given, separated by commas. -// -// Example 1: Giving command "play" the alias "p": -// play = [ p ] -// -// Example 2: Giving command "search" the aliases "yts" and "find": -// search = [ yts, find ] - -aliases { - // General commands - settings = [ status ] - - // Music commands - lyrics = [] - nowplaying = [ np, current ] - play = [] - playlists = [ pls ] - queue = [ list ] - remove = [ delete ] - scsearch = [] - search = [ ytsearch ] - shuffle = [] - skip = [ voteskip ] - - // Admin commands - prefix = [ setprefix ] - setdj = [] - setskip = [ setskippercent, skippercent, setskipratio ] - settc = [] - setvc = [] - - // DJ Commands - forceremove = [ forcedelete, modremove, moddelete, modelete ] - forceskip = [ modskip ] - movetrack = [ move ] - pause = [] - playnext = [] - queuetype = [] - repeat = [] - skipto = [ jumpto ] - stop = [ leave ] - volume = [ vol ] -} - - -// This sets the logging verbosity. -// Available levels: off, error, warn, info, debug, trace, all -// -// It is recommended to leave this at info. Debug log levels might help with troubleshooting, -// but can contain sensitive data. - -loglevel = info - - -// Transforms are used to modify specific play inputs and convert them to different kinds of inputs -// These are quite complicated to use, and have limited use-cases, but in theory allow for rough -// whitelists or blacklists, roundabout loading from some sources, and customization of how things are -// requested. -// -// These are NOT EASY to set up, so if you want to use these, you'll need to look through the code -// for how they work and what fields are needed. Also, it's possible this feature might get entirely -// removed in the future if I find a better way to do this. - -transforms = {} - - -// If you set this to true, it will enable the eval command for the bot owner. This command -// allows the bot owner to run arbitrary code from the bot's account. -// -// WARNING: -// This command can be extremely dangerous. If you don't know what you're doing, you could -// cause horrific problems on your Discord server or on whatever computer this bot is running -// on. Never run this command unless you are completely positive what you are running. -// -// DO NOT ENABLE THIS IF YOU DON'T KNOW WHAT THIS DOES OR HOW TO USE IT -// IF SOMEONE ASKS YOU TO ENABLE THIS, THERE IS AN 11/10 CHANCE THEY ARE TRYING TO SCAM YOU - -eval=false -evalengine="Nashorn" -''; }; -} +} \ No newline at end of file diff --git a/configurations/host/waffentrager/default.nix b/configurations/host/waffentrager/default.nix index bed2407..634375c 100644 --- a/configurations/host/waffentrager/default.nix +++ b/configurations/host/waffentrager/default.nix @@ -7,4 +7,9 @@ ./secrets ./services ]; + + virtualisation.podman.autoPrune.enable = true; + virtualisation.podman.autoPrune.dates = "daily"; + virtualisation.oci-containers.backend = "podman"; + } diff --git a/configurations/host/waffentrager/secrets/default.nix b/configurations/host/waffentrager/secrets/default.nix index 774f324..8a49847 100644 --- a/configurations/host/waffentrager/secrets/default.nix +++ b/configurations/host/waffentrager/secrets/default.nix @@ -25,4 +25,14 @@ sops.secrets."users/materus" = { neededForUsers = true; }; sops.secrets.elements = { }; sops.secrets.nextcloud-adminpass = { }; + sops.secrets.maloja = { }; + sops.secrets.maloja-api = { }; + sops.secrets.spotify-client-id = {}; + sops.secrets.spotify-client-secret = {}; + sops.secrets.lastfm-user= {}; + sops.secrets.lastfm-pass = {}; + sops.secrets.lastfm-api = {}; + sops.secrets.lastfm-secret = {}; + sops.secrets.lastfm-token = {}; + sops.secrets.listenbrainz-api = {}; } diff --git a/configurations/host/waffentrager/secrets/secrets.yaml b/configurations/host/waffentrager/secrets/secrets.yaml index a90af4f..1743843 100644 --- a/configurations/host/waffentrager/secrets/secrets.yaml +++ b/configurations/host/waffentrager/secrets/secrets.yaml @@ -1,4 +1,4 @@ -wireguard: ENC[AES256_GCM,data:QLngCAtEa6wfRRrZwywbARhsS1oGj9+hGTlC1QV6xnRmlZLorAoftGb8jTg=,iv:rNbE0tfJKTjo0pPwfw3oKxOZmSO9PGgW/xDo9zi8lCU=,tag:ZT4mfXaToiR6SjzOwSz4HA==,type:str] +ireguard: ENC[AES256_GCM,data:wBeMFAZ1Dib84bIzQ3m0DiVpz92ZqvJiDz+IXV5rLtJ3OjpNFqbiTSVZnlU=,iv:mJqbXafDv0FqUlY1s69DXbcN7Sd+rxas7IPefFKsMNE=,tag:Ic94bnY0MULfow70KkBWmA==,type:str] nextcloud-adminpass: ENC[AES256_GCM,data:5vohRPEcJJ8gIRro38O73ufSYYEp1DXpBgjCPdPnMcg=,iv:STh3k5wUwx3AfSDTPCXhuXbPb3d+Vi1cAaQN2a9eW1w=,tag:Ef/Z2Idvl6575Jvs2GDJ8A==,type:str] jwt: ENC[AES256_GCM,data:1Qn7DaBZr8vEa8VZiv2BpwePPOBYRTdHEiDv0asUbvhCtfHvhG4mX5/plyRPlQok6FLEjEzKZTEdnvyyOtFEgA==,iv:kqfHkEr0jkKAro9gQup6CeopQnjfMGhEqbVL81wnDgc=,tag:gP/WACy5cOzzmQOh1v8wsQ==,type:str] lldap-database: ENC[AES256_GCM,data:rNLS4WwvqRd3TFWDXaf8UmDTRsHZNPPS,iv:URV4Oz4ik2vHb03+Zh7ND+AbozSmoXpxENpvad4yvRI=,tag:6TbuMCnHwtTaG5mMWVN/mQ==,type:str] @@ -8,6 +8,16 @@ ldap-master: ENC[AES256_GCM,data:jiinK8xzuKiTwB9k44okgj+sWWEgbeay,iv:Slvci3EBylI elements: ENC[AES256_GCM,data:Kh6ueReXpj9h5yQ3P0qY8X1ow4RRZD9zyXZLS6DUIIVuthgqgu9dPzBc7ojnz6nXoYTHt1I2LJJKLOGQYZC+iVxXOk+QADJMPwY4NCyeZ3prgvYMghlD,iv:WFA/UQ0XDFjpbgaDEacrBxkteLitXv3CJP54ANVSJHM=,tag:M+tTpTR0alvQxvUiP2MWlA==,type:str] users: materus: ENC[AES256_GCM,data:MhPrMJ4/0oxEsFZDUKcYb3WMUWLI2ZbRTgnh1fQZG1Ly2J781jcUWtA8vVAdMBedNfWky0mDq5+KEQ/2fJNGU4IkTBvLdAqnWw==,iv:Dpl+M+x1weNIVkEsf3I/uXpG0SM6bDz+d9w7AYwn/MY=,tag:yGc1D2ODp6Te/QAztOj7yA==,type:str] +maloja: ENC[AES256_GCM,data:V/WV0181zupKLiDtf5pinwYFFzL1hg+j,iv:KmGHapsD7thnmgkHwnTYFP/fvBS6dft9ZmmFN4AZEXs=,tag:uEmZaFkvBIQfu+3+0gQFlg==,type:str] +maloja-api: ENC[AES256_GCM,data:8vLC1a5pL8ldS7LWXqA/HOqtnyYFQk7/oisGgOOYH7TtnpBL93I2O3mWQIGCZUwWqMWFLvbOxIAnpoS0Qmg=,iv:swziHFypoh1YZkyEpDhqH2BhqUrWi0J63CqzORyY4s4=,tag:B9kkYHqyWP0KGPMD4S1I1A==,type:str] +spotify-client-id: ENC[AES256_GCM,data:2vC2E7rHBrZ2VHTGqYRJp1fWNWprDaYq4J6gJ7tTfF0=,iv:KQJgzUiD70N2vQeTO9r8ucC96xc9mSW9VlU2IGmKT7Y=,tag:kWR+1Hhb4yGK/AAqxMCd3A==,type:str] +spotify-client-secret: ENC[AES256_GCM,data:MKHo36AF1hHiXERltKdeMiuMhiGyyH8E3TqQfTf1tqc=,iv:/dPWUqjDtxZUOLZRx2lrHuU5Sf2fch2Fvnl+20KZ5dk=,tag:ZgsbCFBNHXSUuHbdSlrm4w==,type:str] +lastfm-user: ENC[AES256_GCM,data:o/FUjIiB9PcFTQ==,iv:UtovNmHISz9jUj+HFZPIduZj6h3ayjA5RyVlh11k8LM=,tag:bS3ReGR2BRcs3lcutt95UQ==,type:str] +lastfm-pass: ENC[AES256_GCM,data:g90kxN+HkSqN+B9XFH6AvbD376bHFPVI,iv:ZRxKxdKXIgKOm7TKKPLR1yLzTBjuCWQk4tTJN5d/0N4=,tag:soIJI75WAhoiXwVYlxkmQA==,type:str] +lastfm-api: ENC[AES256_GCM,data:UxGOqFEsjDb5zBXjm6G+66zlr5M0pk/NdTad3a5MBVE=,iv:3v9Lg0bjmlAhcSOjCW44CN7FezSdNG3KVVLrk1G9Ies=,tag:amgDr25PYiB+E7+D/fVEOw==,type:str] +lastfm-secret: ENC[AES256_GCM,data:z+XqodyRm9qnZwYwdON/KwAQ3E6hSI+mA0Nby0PQVT4=,iv:sY3Eqr7ZCx5lwjZaRFSghx/3OjuWlDQHQywgt7LpoIo=,tag:f7j1PFanHfLdDK+ASusCMA==,type:str] +lastfm-token: ENC[AES256_GCM,data:X877lDOXtou5OF0KbkvuJ4rhJ+3IY5XnyXlqq4LuSb8=,iv:f8t36ut6zlHvBuKGmJabyc9nHViQvUcqNvCVy0YIeB8=,tag:0h9Jm1h2cxegUXXk6UTz9Q==,type:str] +listenbrainz-api: ENC[AES256_GCM,data:eh03MPc5kn7CUDXXnEJTx4DXv9BpyabyRL+ENDFJw+kS66tV,iv:gerOaZ3gqM7ccLursFuCJrW1HcSjlTGk0wOLM8x4/2A=,tag:ZqxYNlgdqV0zRUUHm7VK3Q==,type:str] sops: kms: [] gcp_kms: [] @@ -23,8 +33,8 @@ sops: eFN4VVdUMkVjcTVWNFdLM0xtbExLdncK6LYUufWzIcd2jFyEeZDypo0xkJQ4z91F ULyGxJLLWl6/inYXtxHNdxIIPfwW+5yppBAbXaOgvABi1E7tf1JZcA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-07-21T22:14:08Z" - mac: ENC[AES256_GCM,data:DKI+SljQTH+5T7wtIfYRzNK+W5qQoxQ7E/6b9S7cptAsccdZhupWmVzHlwUlk5MFm92r0Qy3A6B/qV8Dashf6ABmjfnDuysvPoI5O45xE0Qs3TEyPKAbPV07FVi6lDHInEOznNAr6vhEN1Bhveg+ByyVeo+C5C5b+U7Qvx5KESM=,iv:B6xX7/u1ZHOPbEheFSpDeaRey3SP9bZMnDARc5xvzRM=,tag:nux6gkIfodj/4JedkBXWkQ==,type:str] + lastmodified: "2024-09-10T12:55:49Z" + mac: ENC[AES256_GCM,data:/YXB4vQxd5+ZZrkqKFVYIcNJF4j8PricarHyi0ESi4HXr00Efnat+NnoM74Sy/ukrKIJOKBKVVWmmEW8uFCK4H+kJrMkdagALhsjMkeMSB23cmP8nLbCus5QPhX3bSpkZwYNuspmEYN1cQCHvaLC5Eus+YIi92L+KqHsWJS71iM=,iv:OIwGUDG63wbaxCaLpkior76Ckyql2c4was4PXEc1miY=,tag:lwM1QRCEc6zX9a+yv0mN8A==,type:str] pgp: - created_at: "2024-03-21T18:15:00Z" enc: |- diff --git a/configurations/host/waffentrager/services/default.nix b/configurations/host/waffentrager/services/default.nix index fc78014..675318a 100644 --- a/configurations/host/waffentrager/services/default.nix +++ b/configurations/host/waffentrager/services/default.nix @@ -2,16 +2,17 @@ { imports = [ - ./elements.nix - ./postgresql.nix - ./mount-acme.nix - ./gitea.nix - ./nginx.nix - ./nextcloud.nix - ./samba.nix - ./syncthing.nix - ./jellyfin.nix + ./storage/elements.nix + ./storage/mount-acme.nix + ./storage/gitea.nix + ./storage/nextcloud.nix + ./storage/samba.nix + ./storage/syncthing.nix + ./multimedia/jellyfin.nix + ./multimedia/scrobbling.nix ./monitoring.nix + ./nginx.nix + ./postgresql.nix ./auth ]; waffentragerService.elements.enable = true; @@ -22,6 +23,8 @@ waffentragerService.nextcloud.enable = true; waffentragerService.samba.enable = true; waffentragerService.jellyfin.enable = true; + waffentragerService.scrobbling.enable = true; + waffentragerService.syncthing.enable = true; waffentragerService.monitoring.enable = true; } \ No newline at end of file diff --git a/configurations/host/waffentrager/services/jellyfin.nix b/configurations/host/waffentrager/services/multimedia/jellyfin.nix similarity index 100% rename from configurations/host/waffentrager/services/jellyfin.nix rename to configurations/host/waffentrager/services/multimedia/jellyfin.nix diff --git a/configurations/host/waffentrager/services/multimedia/scrobbling.nix b/configurations/host/waffentrager/services/multimedia/scrobbling.nix new file mode 100644 index 0000000..b57a606 --- /dev/null +++ b/configurations/host/waffentrager/services/multimedia/scrobbling.nix @@ -0,0 +1,120 @@ +{ config, pkgs, lib, materusArg, ... }: +{ + options.waffentragerService.scrobbling.enable = materusArg.pkgs.lib.mkBoolOpt false "Enable scrobbling"; + + + + + config = + let + cfg = config.waffentragerService.scrobbling; + in + + + #### MALOJA + lib.mkIf cfg.enable { + sops.templates."maloja.env".content = '' + MALOJA_DATA_DIRECTORY=/data + MALOJA_DIRECTORY_CONFIG=/data/config + MALOJA_DIRECTORY_STATE=/data/state + MALOJA_DIRECTORY_CACHE=/data/cache + MALOJA_NAME="Melody" + MALOJA_LASTFM_USERNAME=${config.sops.placeholder.lastfm-user} + MALOJA_LASTFM_PASSWORD=${config.sops.placeholder.lastfm-pass} + MALOJA_LASTFM_API_KEY=${config.sops.placeholder.lastfm-api} + MALOJA_LASTFM_API_SECRET=${config.sops.placeholder.lastfm-secret} + MALOJA_LASTFM_API_SK=${config.sops.placeholder.lastfm-token} + MALOJA_SKIP_SETUP=yes + MALOJA_FORCE_PASSWORD=${config.sops.placeholder.maloja} + MALOJA_SPOTIFY_API_ID=${config.sops.placeholder.spotify-client-id} + MALOJA_SPOTIFY_API_SECRET=${config.sops.placeholder.spotify-client-secret} + ''; + + virtualisation.oci-containers.containers.maloja = { + image = "krateng/maloja:latest"; + ports = [ + "42010:42010" + ]; + volumes = [ + "${config.waffentragerService.elements.malojaDir}:/data" + ]; + environmentFiles = [ + config.sops.templates."maloja.env".path + ]; + }; + systemd.services."${config.virtualisation.oci-containers.backend}-maloja" = { + requires = [ "elements-mount.service" ]; + after = [ "elements-mount.service" ]; + }; + + #### MULTI SCROBBLER + sops.templates."multi-scrobbler.env".content = '' + BASE_URL="https://melody.materus.pl/multi-scrobbler" + TC=Europe/Warsaw + + JELLYFIN_SERVER="https://noot.materus.pl/" + SPOTIFY_CLIENT_ID=${config.sops.placeholder.spotify-client-id} + SPOTIFY_CLIENT_SECRET=${config.sops.placeholder.spotify-client-secret} + MALOJA_URL="https://melody.materus.pl" + MALOJA_API_KEY="${config.sops.placeholder.maloja-api}" + LASTFM_API_KEY=${config.sops.placeholder.lastfm-api} + LASTFM_SECRET=${config.sops.placeholder.lastfm-secret} + ''; + virtualisation.oci-containers.containers.multi-scrobbler = { + image = "foxxmd/multi-scrobbler:latest"; + ports = [ + "42011:9078" + ]; + volumes = [ + "${config.waffentragerService.elements.malojaDir}/multi-scrobbler:/data" + ]; + environmentFiles = [ + config.sops.templates."multi-scrobbler.env".path + ]; + }; + + + + #### Proxy + services.nginx.virtualHosts = { + "melody.materus.pl" = { + sslTrustedCertificate = "/var/lib/mnt_acme/materus.pl/chain.pem"; + sslCertificateKey = "/var/lib/mnt_acme/materus.pl/key.pem"; + sslCertificate = "/var/lib/mnt_acme/materus.pl/fullchain.pem"; + addSSL = true; + http2 = false; + http3 = true; + # Maloja + locations."/" = { + proxyPass = "http://127.0.0.1:42010"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Ssl on; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + ''; + }; + + locations."/multi-scrobbler" = { + proxyPass = "http://127.0.0.1:42011"; + extraConfig = '' + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Ssl on; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + ''; + }; + + }; + + }; + + + }; +} diff --git a/configurations/host/waffentrager/services/elements.nix b/configurations/host/waffentrager/services/storage/elements.nix similarity index 88% rename from configurations/host/waffentrager/services/elements.nix rename to configurations/host/waffentrager/services/storage/elements.nix index 676e205..1f6ec3e 100644 --- a/configurations/host/waffentrager/services/elements.nix +++ b/configurations/host/waffentrager/services/storage/elements.nix @@ -7,6 +7,8 @@ options.waffentragerService.elements.nextcloudDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/nextcloud"; }; options.waffentragerService.elements.lldapDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/lldap"; }; options.waffentragerService.elements.jellyfinDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/jellyfin"; }; + options.waffentragerService.elements.malojaDir = lib.mkOption { default = "${config.waffentragerService.elements.path}/services/maloja"; }; + config = let cfg = config.waffentragerService.elements; @@ -35,8 +37,12 @@ '' + lib.optionalString config.waffentragerService.jellyfin.enable '' mkdir -p ${cfg.jellyfinDir} chown -R materus:nextcloud ${cfg.jellyfinDir} + '' + lib.optionalString config.waffentragerService.scrobbling.enable '' + mkdir -p ${cfg.malojaDir}/multi-scrobbler + chown -R ${cfg.malojaDir} '' + ; preStop = '' umount ${cfg.path} diff --git a/configurations/host/waffentrager/services/gitea.nix b/configurations/host/waffentrager/services/storage/gitea.nix similarity index 100% rename from configurations/host/waffentrager/services/gitea.nix rename to configurations/host/waffentrager/services/storage/gitea.nix diff --git a/configurations/host/waffentrager/services/mount-acme.nix b/configurations/host/waffentrager/services/storage/mount-acme.nix similarity index 100% rename from configurations/host/waffentrager/services/mount-acme.nix rename to configurations/host/waffentrager/services/storage/mount-acme.nix diff --git a/configurations/host/waffentrager/services/nextcloud.nix b/configurations/host/waffentrager/services/storage/nextcloud.nix similarity index 100% rename from configurations/host/waffentrager/services/nextcloud.nix rename to configurations/host/waffentrager/services/storage/nextcloud.nix diff --git a/configurations/host/waffentrager/services/samba.nix b/configurations/host/waffentrager/services/storage/samba.nix similarity index 100% rename from configurations/host/waffentrager/services/samba.nix rename to configurations/host/waffentrager/services/storage/samba.nix diff --git a/configurations/host/waffentrager/services/syncthing.nix b/configurations/host/waffentrager/services/storage/syncthing.nix similarity index 100% rename from configurations/host/waffentrager/services/syncthing.nix rename to configurations/host/waffentrager/services/storage/syncthing.nix