backwards: Enable jellyseerr for jellyfin

backwards: Enable radarr for jellyfin
backwards: Enable sonarr for jellyfin
2024-09-17 21:11:31 +02:00 · 2024-09-17 21:11:31 +02:00 · 2024-09-17 21:11:31 +02:00 · 2024-09-17 21:11:31 +02:00 · 2024-09-17 21:11:31 +02:00 · 2024-09-17 21:11:31 +02:00
20 changed files with 211 additions and 148 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -54,11 +54,11 @@
        "nixpkgs-stable": "nixpkgs-stable"
      },
      "locked": {
-        "lastModified": 1725470024,
-        "narHash": "sha256-i2iWRFWaTCahFz9B2vKqIqpPimL/yn1zX3lZ2EkBzc0=",
+        "lastModified": 1726477211,
+        "narHash": "sha256-42boTsTLIUxalTeJSRWiTRCs30wfXu8KTDLbZc32BBk=",
        "owner": "nix-community",
        "repo": "emacs-overlay",
-        "rev": "8a94f9d557f3f8b372f03f18b2e1be3820d7da7f",
+        "rev": "f4acc62c00a67e5b71ce11e0ee2c3e1b3928c681",
        "type": "github"
      },
      "original": {
@@ -113,11 +113,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1725180166,
-        "narHash": "sha256-fzssXuGR/mCeGbzM1ExaTqDz7QDGta3WA4jJsZyRruo=",
+        "lastModified": 1726440980,
+        "narHash": "sha256-ChhIrjtdu5d83W+YDRH+Ec5g1MmM0xk6hJnkz15Ot7M=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "471e3eb0a114265bcd62d11d58ba8d3421ee68eb",
+        "rev": "a9c9cc6e50f7cbd2d58ccb1cd46a1e06e9e445ff",
        "type": "github"
      },
      "original": {
@@ -133,11 +133,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1725276753,
-        "narHash": "sha256-kcV2M7xIoQvLRIrMndysM4E0d2zGSwIDejamT4LKnDg=",
+        "lastModified": 1725551787,
+        "narHash": "sha256-6LgsZHz8w3g4c9bRUwRAR+WIMwFGGf3P1VZQcKNRf2o=",
        "owner": "hyprwm",
        "repo": "contrib",
-        "rev": "ae618eafa81b596db034c5df1d75d4eddf785824",
+        "rev": "1e531dc49ad36c88b45bf836081a7a2c8927e072",
        "type": "github"
      },
      "original": {
@@ -153,11 +153,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1725287741,
-        "narHash": "sha256-ZxyB7BwxQjoMz5lUnsb+KuTWfRyPtJVqEjnlOoABSUE=",
+        "lastModified": 1725746760,
+        "narHash": "sha256-p38Uini6lChBCF0mZndHXTAy7ZH/OQLY696BFCHg92g=",
        "owner": "viperML",
        "repo": "nh",
-        "rev": "5dd64eb04fddeac2eb08c018212cc58978934920",
+        "rev": "7650b372e55a36d7765ee0a5e59b142731bc8b3d",
        "type": "github"
      },
      "original": {
@@ -183,11 +183,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1725470640,
-        "narHash": "sha256-xaIvCE8ZP65fj2HR7DlDX+iJMBxasfjEv+zc6Cuwf3I=",
+        "lastModified": 1726489388,
+        "narHash": "sha256-JBHtN+n1HzKawpnOQAz6jdgvrtYV9c/kyzgoIdguQGo=",
        "owner": "nixos",
        "repo": "nixos-hardware",
-        "rev": "ace1cedf3ecfbac81b29522d71009878951a69eb",
+        "rev": "dc8b0296f68f72f3fe77469c549a6f098555c2e9",
        "type": "github"
      },
      "original": {
@@ -199,11 +199,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1725103162,
-        "narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
+        "lastModified": 1726243404,
+        "narHash": "sha256-sjiGsMh+1cWXb53Tecsm4skyFNag33GPbVgCdfj3n9I=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "12228ff1752d7b7624a54e9c1af4b222b3c1073b",
+        "rev": "345c263f2f53a3710abe117f28a5cb86d0ba4059",
        "type": "github"
      },
      "original": {
@@ -215,11 +215,11 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1725001927,
-        "narHash": "sha256-eV+63gK0Mp7ygCR0Oy4yIYSNcum2VQwnZamHxYTNi+M=",
+        "lastModified": 1726320982,
+        "narHash": "sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "6e99f2a27d600612004fbd2c3282d614bfee6421",
+        "rev": "8f7492cce28977fbf8bd12c72af08b1f6c7c3e49",
        "type": "github"
      },
      "original": {
@@ -242,12 +242,12 @@
        "rev": "662a254ea8065a0f104ccf5a46b59252e1e08b58",
        "revCount": 54,
        "type": "git",
-        "url": "ssh://git@codeberg.org/ppp/ppp.pm-site.git"
+        "url": "ssh://gitea@git.ppp.pm:1122/alex/ppp.pm-site.git"
      },
      "original": {
        "ref": "main",
        "type": "git",
-        "url": "ssh://git@codeberg.org/ppp/ppp.pm-site.git"
+        "url": "ssh://gitea@git.ppp.pm:1122/alex/ppp.pm-site.git"
      }
    },
    "root": {
--- a/flake.nix
+++ b/flake.nix
@@ -34,7 +34,7 @@
    };

    pppdotpm-site = {
-      url = "git+ssh://git@codeberg.org/ppp/ppp.pm-site.git?ref=main";
+      url = "git+ssh://gitea@git.ppp.pm:1122/alex/ppp.pm-site.git?ref=main";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };
--- a/hosts/backwards/modules/default.nix
+++ b/hosts/backwards/modules/default.nix
@@ -12,6 +12,7 @@ in

      ssh.enable = true;
      git.enable = true;
+      nginx.enable = true;
      syncthing.enable = true;
      restic.enable = true;
      transmission.enable = true;
--- a/hosts/backwards/modules/jellyfin/default.nix
+++ b/hosts/backwards/modules/jellyfin/default.nix
@@ -1,4 +1,12 @@
-{ pkgs, ... }:
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+let
+  nginxEnabled = config.mod.nginx.enable;
+in
 {
  fileSystems."/home/alex/media" = {
    device = "/dev/disk/by-uuid/ad4acc0f-172c-40f8-8473-777c957e8764";
@@ -26,7 +34,8 @@
    };
  };

-  services.jellyfin = {
+  services = {
+    jellyfin = {
      enable = true;
      openFirewall = true;

@@ -36,6 +45,40 @@
      dataDir = "/home/alex/media/jellyfin";
    };

+    prowlarr.enable = true;
+
+    sonarr = {
+      enable = true;
+
+      user = "alex";
+      group = "users";
+    };
+
+    radarr = {
+      enable = true;
+
+      user = "alex";
+      group = "users";
+    };
+
+    jellyseerr.enable = true;
+
+    nginx = lib.mkIf nginxEnabled {
+      virtualHosts."jelly.ppp.pm" = {
+        locations = {
+          "/" = {
+            proxyPass = "http://127.0.0.1:8096";
+          };
+
+          "/socket" = {
+            proxyPass = "http://127.0.0.1:8096";
+            proxyWebsockets = true;
+          };
+        };
+      };
+    };
+  };
+
  environment.systemPackages = [
    pkgs.jellyfin
    pkgs.jellyfin-web
--- a/hosts/backwards/modules/nginx/default.nix
+++ b/hosts/backwards/modules/nginx/default.nix
@@ -0,0 +1,22 @@
+{ lib, config, ... }:
+let
+  enabled = config.mod.nginx.enable;
+in
+{
+  options = {
+    mod.nginx = {
+      enable = lib.mkEnableOption "Enable nginx module";
+    };
+  };
+
+  config = lib.mkIf enabled {
+    services = {
+      nginx = {
+        enable = true;
+
+        recommendedProxySettings = true;
+        recommendedTlsSettings = true;
+      };
+    };
+  };
+}
--- a/hosts/backwards/modules/transmission/default.nix
+++ b/hosts/backwards/modules/transmission/default.nix
@@ -6,6 +6,8 @@
 }:
 let
  enabled = config.mod.transmission.enable;
+
+  nginxEnabled = config.mod.nginx.enable;
 in
 {
  options = {
@@ -42,6 +44,14 @@ in
          rpc-password = "{55d884e4042db67313da49e05d7089a368eb64b3Br.3X.Xi";
        };
      };
+
+      nginx = lib.mkIf nginxEnabled {
+        virtualHosts."ts.ppp.pm" = {
+          locations."/" = {
+            proxyPass = "http://localhost:9191";
+          };
+        };
+      };
    };
  };
 }
--- a/hosts/pinwheel/hardware-configuration.nix
+++ b/hosts/pinwheel/hardware-configuration.nix
@@ -36,7 +36,12 @@
    fsType = "vfat";
  };

-  swapDevices = [ ];
+  swapDevices = [
+    {
+      device = "/swapfile";
+      size = 24 * 1024; # 24GB
+    }
+  ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
--- a/hosts/pinwheel/modules/default.nix
+++ b/hosts/pinwheel/modules/default.nix
@@ -27,7 +27,6 @@ in
      zsh.enable = true;

      openvpn.enable = true;
-      mullvad.enable = true;

      c.enable = true;
      go.enable = true;
--- a/hosts/pinwheel/modules/games/default.nix
+++ b/hosts/pinwheel/modules/games/default.nix
@@ -1,16 +1,6 @@
 { pkgs, ... }:
 {
  home-manager.users.alex = {
-    home.packages = [
-      pkgs.brogue-ce
-
-      (pkgs.retroarch.override {
-        cores = [
-          pkgs.libretro.genesis-plus-gx
-          pkgs.libretro.snes9x
-          pkgs.libretro.dolphin
-        ];
-      })
-    ];
+    home.packages = [ pkgs.brogue-ce ];
  };
 }
--- a/hosts/pinwheel/modules/git/gitconfig
+++ b/hosts/pinwheel/modules/git/gitconfig
@@ -5,9 +5,6 @@
 [url "git@github.com:"]
    insteadOf = https://github.com/

-[url "git@gitlab.com:"]
-    insteadOf = https://gitlab.com/
-
 [url "git@codeberg.org:"]
    insteadOf = https://codeberg.org/

--- a/hosts/pinwheel/modules/mullvad/default.nix
+++ b/hosts/pinwheel/modules/mullvad/default.nix
@@ -1,35 +0,0 @@
-{
-  pkgs,
-  lib,
-  config,
-  ...
-}:
-let
-  enabled = config.mod.mullvad.enable;
-in
-{
-  options = {
-    mod.mullvad = {
-      enable = lib.mkEnableOption "enable mullvad module";
-    };
-  };
-
-  config = lib.mkIf enabled {
-    services.mullvad-vpn = {
-      enable = true;
-      package = pkgs.mullvad-vpn;
-    };
-
-    age.secrets = {
-      "mullvad-device" = {
-        file = ../../../../secrets/pinwheel/mullvad-device.age;
-        path = "/etc/mullvad-vpn/device.json";
-      };
-
-      "mullvad-account-history" = {
-        file = ../../../../secrets/pinwheel/mullvad-account-history.age;
-        path = "/etc/mullvad-vpn/account-history.json";
-      };
-    };
-  };
-}
--- a/hosts/pinwheel/modules/waybar/default.nix
+++ b/hosts/pinwheel/modules/waybar/default.nix
@@ -40,47 +40,45 @@ let
    fi
  '';

-  mullvad = pkgs.writeShellScript "mullvad" ''
-    STATUS_DISCONNECTING="Disconnecting"
-    STATUS_DISCONNECTED="Disconnected"
-    STATUS_CONNECTING="Connecting"
-    STATUS_CONNECTED="Connected"
-
-    status() {
-      STATUS=$(${pkgs.mullvad}/bin/mullvad status | ${pkgs.gawk}/bin/awk 'NR==1{print $1}')
-      echo $STATUS
-    }
+  tailscale = pkgs.writeShellScript "tailscale" ''
+    STATUS_STOPPED="Tailscale is stopped."

    output() {
-      case $(status) in
-        $STATUS_DISCONNECTED)
-          echo '{ "text": "", "class": "disconnected" }' ;;
-        $STATUS_CONNECTING)
-          echo '{ "text": "", "tooltip": "Connecting", "class": "disconnected" }' ;;
-        $STATUS_CONNECTED)
-          TOOLTIP=$(${pkgs.mullvad}/bin/mullvad status | ${pkgs.gawk}/bin/awk 'NR==1')
-          echo "{ \"text\": \"\", \"tooltip\":\"$TOOLTIP\" }" ;;
-        $STATUS_DISCONNECTING)
-          echo '{ "text": "", "tooltip": "Disconnecting", "class": "disconnected" }' ;;
+      STATUS=$(tailscale status)
+
+      case $STATUS in
+        $STATUS_STOPPED)
+          echo '{ "text": "", "class": "disconnected" }' ;;
        *)
-          echo '{ "text": "", "tooltip": "Status unknown", "class": "disconnected" }' ;;
+          EXIT_NODE=$(tailscale status --json | ${pkgs.jq}/bin/jq .ExitNodeStatus)
+
+          EXIT_NODE_ONLINE=$(echo $EXIT_NODE | ${pkgs.jq}/bin/jq .Online)
+          if [ "$EXIT_NODE_ONLINE" == "null" ]; then
+            echo '{ "text": "", "class": "disconnected" }'
+            exit 0
+          fi
+
+          EXIT_NODE_ID=$(echo $EXIT_NODE | ${pkgs.jq}/bin/jq .ID)
+          EXIT_NODE_NAME=$(tailscale status --json | ${pkgs.jq}/bin/jq ".Peer.[] | select(.ID == $EXIT_NODE_ID) | .HostName")
+          echo "{ \"text\": \"\", \"tooltip\": $EXIT_NODE_NAME }"
+          ;;
      esac
    }

-    toggle() {
-      CURRENT_STATUS=$(status)
+    toggle-exit-node() {
+      PREFERRED_EXIT_NODE=$(${pkgs.coreutils}/bin/cat ${config.age.secrets.tailscale-preferred-exit-node.path})

-      case "$CURRENT_STATUS" in
-        $STATUS_DISCONNECTED)
-          ${pkgs.mullvad}/bin/mullvad connect --wait > /dev/null && ${pkgs.libnotify}/bin/notify-send "Connected to VPN";;
-        $STATUS_CONNECTED)
-          ${pkgs.mullvad}/bin/mullvad disconnect --wait > /dev/null && ${pkgs.libnotify}/bin/notify-send "Disconnected from VPN";;
-      esac
+      EXIT_NODE_ONLINE=$(tailscale status --json | ${pkgs.jq}/bin/jq .ExitNodeStatus.Online)
+      if [ "$EXIT_NODE_ONLINE" == "true" ]; then
+        tailscale set --exit-node="" && ${pkgs.libnotify}/bin/notify-send "Disconnected from Exit Node"
+      else
+        tailscale set --exit-node=$PREFERRED_EXIT_NODE && ${pkgs.libnotify}/bin/notify-send "Connected to Exit Node"
+      fi
    }

    case $1 in
-      --toggle)
-          toggle ;;
+      --toggle-exit-node)
+        toggle-exit-node ;;
      --output)
        output ;;
    esac
@@ -131,9 +129,9 @@ in
            "custom/spotify"
            "custom/container-status"
            "custom/dunst"
-            "custom/mullvad"
            "bluetooth"
            "wireplumber"
+            "custom/tailscale"
            "network"
            "battery"
            "clock"
@@ -141,12 +139,12 @@ in

          "custom/work-vpn-status" = {
            exec = "${work-vpn-status}";
-            interval = 1;
+            interval = 2;
          };

          "custom/spotify" = {
            exec = spotify-status;
-            interval = 1;
+            interval = 2;
            max-length = 70;
            tooltip = false;
          };
@@ -154,21 +152,21 @@ in
          "custom/container-status" = {
            exec = "${container-status}";
            return-type = "json";
-            interval = 1;
+            interval = 2;
          };

          "custom/dunst" = {
            exec = notifications-status;
            on-click-right = "${pkgs.dunst}/bin/dunstctl set-paused toggle";
-            interval = 1;
+            interval = 2;
            tooltip = false;
          };

-          "custom/mullvad" = {
-            exec = "${mullvad} --output";
+          "custom/tailscale" = {
+            exec = "${tailscale} --output";
            return-type = "json";
-            on-click-right = "${mullvad} --toggle";
-            interval = 1;
+            on-click-right = "${tailscale} --toggle-exit-node";
+            interval = 2;
          };

          bluetooth = {
@@ -234,7 +232,7 @@ in

          "custom/work-vpn-status" = {
            exec = "${work-vpn-status}";
-            interval = 1;
+            interval = 2;
          };

          "clock" = {
@@ -279,7 +277,11 @@ in
          color: #${config.lib.colors.warning};
        }

-        #custom-mullvad.disconnected {
+        #custom-tailscale {
+          font-size: 30px;
+        }
+
+        #custom-tailscale.disconnected {
          color: #${config.lib.colors.warning};
        }

@@ -298,4 +300,12 @@ in
      '';
    };
  };
+
+  age.secrets = {
+    "tailscale-preferred-exit-node" = {
+      file = ../../../../secrets/pinwheel/tailscale-preferred-exit-node.age;
+      owner = "alex";
+      group = "users";
+    };
+  };
 }
--- a/hosts/tadpole/modules/certs/default.nix
+++ b/hosts/tadpole/modules/certs/default.nix
@@ -1,16 +1,20 @@
 { ... }:
 {
  security.acme = {
+    acceptTerms = true;
+
+    defaults = {
+      email = "acme@ppp.pm";
+    };
+
    certs = {
      "ppp.pm" = {
        webroot = "/var/lib/acme/acme-challenge/";
-        email = "p@ppp.pm";
        group = "nginx";
      };

      "git.ppp.pm" = {
        webroot = "/var/lib/acme/acme-challenge/";
-        email = "p@ppp.pm";
        group = "nginx";
      };
    };
--- a/hosts/tadpole/modules/gitea/default.nix
+++ b/hosts/tadpole/modules/gitea/default.nix
@@ -43,14 +43,6 @@ in
        assertion = conf.baseDomain != "";
        message = "Option 'mod.gitea.baseDomain' cannot be empty";
      }
-      {
-        assertion = builtins.hasAttr gitDomain config.security.acme.certs;
-        message = "There is no cert configured for ${gitDomain} used by gitea";
-      }
-      {
-        assertion = conf.webfingerEnable && builtins.hasAttr conf.baseDomain config.security.acme.certs;
-        message = "There is no cert configured for ${conf.baseDomain} used by webfinger";
-      }
      {
        assertion = conf.webfingerEnable && conf.webfingerAccounts != [ ];
        message = "Option 'mod.gitea.webfingerAccounts' cannot be empty";
--- a/hosts/tadpole/modules/nginx/default.nix
+++ b/hosts/tadpole/modules/nginx/default.nix
@@ -10,16 +10,6 @@ in
  };

  config = lib.mkIf enabled {
-    security = {
-      acme = {
-        acceptTerms = true;
-
-        defaults = {
-          email = "p@ppp.pm";
-        };
-      };
-    };
-
    services = {
      nginx = {
        enable = true;
--- a/hosts/tadpole/modules/ssh/default.nix
+++ b/hosts/tadpole/modules/ssh/default.nix
@@ -23,6 +23,11 @@ in
        enable = true;

        matchBlocks = {
+          "git.ppp.pm" = {
+            hostname = "git.ppp.pm";
+            identityFile = "/home/alex/.ssh/alex.tadpole-git.ppp.pm";
+          };
+
          "codeberg.org" = {
            hostname = "codeberg.org";
            identityFile = "/home/alex/.ssh/alex.tadpole-codeberg.org";
@@ -84,6 +89,19 @@ in
        path = "${authorizedKeysPath}/alex.pinwheel-tadpole.pub";
      };

+      "alex.tadpole-git.ppp.pm" = {
+        file = ../../../../secrets/tadpole/alex.tadpole-git.ppp.pm.age;
+        path = "/home/alex/.ssh/alex.tadpole-git.ppp.pm";
+        owner = "alex";
+        group = "users";
+      };
+      "alex.tadpole-git.ppp.pm.pub" = {
+        file = ../../../../secrets/tadpole/alex.tadpole-git.ppp.pm.pub.age;
+        path = "/home/alex/.ssh/alex.tadpole-git.ppp.pm.pub";
+        owner = "alex";
+        group = "users";
+      };
+
      "alex.tadpole-codeberg.org" = {
        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.age;
        path = "/home/alex/.ssh/alex.tadpole-codeberg.org";
--- a/secrets/pinwheel/tailscale-preferred-exit-node.age
+++ b/secrets/pinwheel/tailscale-preferred-exit-node.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 vxPbZg Tzh50F+UxH7KF782cHBQXVg4nweNTZz+epW7FxRKd1o
+msJg9fkg3eBfKCkFy01BLcMqZgOTN8UGRK15KTuLV1U
+-> ssh-ed25519 +oNaHQ 66eLCU7O4ahGYnVAM5YwtICh7qRdyRiME/eDzUBzkXM
+14tydJ+4YWV3HlWZmdae/2GHwTRgDUrWZHqYSFrXo/U
+--- JT0KTZo3ZXYe7UEXQd1ge12/Vc+fSZWB7+tQiG7UYb4
+<EFBFBD><EFBFBD>ojgo<67><6F>md'<27><><EFBFBD>42<34><32><EFBFBD><EFBFBD>-<2D>i<EFBFBD>B<03><>C[D<><44><EFBFBD>?P<>!w<>⺤<EFBFBD>p<EFBFBD>Ӂ,{<7B>hn|Pqf<71>
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -7,8 +7,7 @@ let
 in {
  "pinwheel/syncthing-cert.age".publicKeys = [ pinwheel alex ];
  "pinwheel/syncthing-key.age".publicKeys = [ pinwheel alex ];
-  "pinwheel/mullvad-device.age".publicKeys = [ pinwheel alex ];
-  "pinwheel/mullvad-account-history.age".publicKeys = [ pinwheel alex ];
+  "pinwheel/tailscale-preferred-exit-node.age".publicKeys = [ pinwheel alex ];
  "pinwheel/alex.pinwheel-backwards.age".publicKeys = [ pinwheel alex ];
  "pinwheel/alex.pinwheel-backwards.pub.age".publicKeys = [ pinwheel backwards alex ];
  "pinwheel/alex.pinwheel-tadpole.age".publicKeys = [ pinwheel alex ];
@@ -45,5 +44,7 @@ in {
  "tadpole/root.tadpole.pub.age".publicKeys = [ tadpole alex ];
  "tadpole/alex.tadpole-codeberg.org.age".publicKeys = [ tadpole alex ];
  "tadpole/alex.tadpole-codeberg.org.pub.age".publicKeys = [ tadpole alex ];
+  "tadpole/alex.tadpole-git.ppp.pm.age".publicKeys = [ tadpole alex ];
+  "tadpole/alex.tadpole-git.ppp.pm.pub.age".publicKeys = [ tadpole alex ];
  "tadpole/gitea-dbpassword.age".publicKeys = [ tadpole alex ];
 }
--- a/secrets/tadpole/alex.tadpole-git.ppp.pm.age
+++ b/secrets/tadpole/alex.tadpole-git.ppp.pm.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 5R7G9A SjTykRW7aC2zFTfn1iwWLyL7c3vch2CkXFeuK2DoGho
+kB7DS7oisvaXAT3e/5TjGJ+2fh6cBYPNV1RroqiHmHY
+-> ssh-ed25519 +oNaHQ rTFOC8msC/pYYz1+KyDE4I25QP/wuVod3BC18l4HFl0
+QedkePuE4SRMYcv9bXWhfkIO5qrybshEM2+ksapF1Eg
+--- NWT5RQkz3KjzSD5DOqDei/sYcgsWuAWHmjEN1taV+ZQ
+i<10><05><02><17>!<21><>wq<77>`<60>1l<31>u<EFBFBD><75>j@<40><>,"<22><01><>Ƀ<EFBFBD><C983><1E>~&fD<66>w<EFBFBD>n<EFBFBD><6E><EFBFBD>D<EFBFBD><1D>1v*<2A><><06><><EFBFBD>P<1F><>
+<EFBFBD>,[x<><78>~(ni"<22><>O<EFBFBD><4F>brK<14>mC<6D>02<30>D<EFBFBD><44><08><><EFBFBD><17><>q9ݎ<><DD8E>a<EFBFBD>Ѱ_c<5F><63><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>i<EFBFBD>H<EFBFBD>ZIo<49><6F><EFBFBD>1<EFBFBD><31><EFBFBD><EFBFBD><`g<>C<EFBFBD><43>ׂu<D782>/<2F><14>21Q<31>2<EFBFBD>!(<28><><14>2<EFBFBD>H<EFBFBD><48><EFBFBD>D<EFBFBD><44><0E>p+<2B>h]<5D><>Y<14>O.vи%~ <20><><EFBFBD>^<5E><><EFBFBD>M<EFBFBD>m<EFBFBD><10><01><>jP@<01>~<7E><><EFBFBD>_LV<4C>fs<19>x<EFBFBD>ʣ%<25>xQ<78>"S<>%-dA9Y<39><59><EFBFBD>Io|<15><1A>QՉ<51><D589><EFBFBD><EFBFBD>$<24>r<EFBFBD><72><EFBFBD>ŵ<EFBFBD>!<21><>唛u<E5949B><75><EFBFBD><EFBFBD>Ht<48>TM<54>v<1A>P<EFBFBD><50>N<EFBFBD><4E>І<EFBFBD>}#<23>C<EFBFBD>p<EFBFBD><70>|	~<7E><>]<5D><>5<18><>_Bw<03><>]<5D><>
+<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20>f<10><02>!~<7E>IN<<3C><>BѰ<42>Vul<75>O<EFBFBD><4F>G<EFBFBD>}0@Sy<53>^V!<21><><EFBFBD>K4Ŏb<C58E><62>X<EFBFBD><01>d<EFBFBD>[<5B><><EFBFBD><EFBFBD>d<EFBFBD>Z<EFBFBD>?j<>hK?$<24>J/<2F>PgU(t<><74>K<EFBFBD><4B>FV%<1E>5x	<09>:ǻ<>v]U<><55><EFBFBD><EFBFBD>]<5D>z<EFBFBD><7A><EFBFBD>R=؋<15><><EFBFBD>ڣB\<5C><>7<EFBFBD>`<60>$<24>i
--- a/secrets/tadpole/alex.tadpole-git.ppp.pm.pub.age
+++ b/secrets/tadpole/alex.tadpole-git.ppp.pm.pub.age
Author	SHA1	Message	Date
Alexander Heldt	6906fca9f9	backwards: Enable `jellyseerr` for `jellyfin`	2024-09-17 21:11:31 +02:00
Alexander Heldt	1f81b5a801	backwards: Enable `radarr` for `jellyfin`	2024-09-17 21:11:31 +02:00
Alexander Heldt	1446e7c592	backwards: Enable `sonarr` for `jellyfin`	2024-09-17 21:11:31 +02:00
Alexander Heldt	2a1fac11bf	backwards: Enable `prowlarr` for `jellyfin`	2024-09-17 21:11:31 +02:00
Alexander Heldt	3a5a367a4a	backwards: Add reverse proxy for `jellyfin`	2024-09-17 21:11:31 +02:00
Alexander Heldt	3ca0a58a04	tadpole: Remove unneeded assertion of existing certs for `gitea`	2024-09-17 21:11:31 +02:00
Alexander Heldt	1f7433463a	backwards: Add reverse proxy for `transmission`	2024-09-17 21:11:31 +02:00
Alexander Heldt	aaeea7d0b3	backwards: Add `nginx` module	2024-09-17 21:11:31 +02:00
Alexander Heldt	cbaba1db4c	tadpole: Clean up `nginx` and `certs` modules	2024-09-17 21:11:31 +02:00
Alexander Heldt	3092241f0b	tadpole: Change default email for `certs`	2024-09-17 21:11:31 +02:00
Alexander Heldt	dc944a0969	Update flake inputs	2024-09-17 21:11:31 +02:00
Alexander Heldt	119ef9fa60	pinwheel: Remove `retroarch`	2024-09-17 21:11:31 +02:00
Alexander Heldt	2edf3980f0	pinwheel: Remove `mullvad`	2024-09-17 21:11:31 +02:00
Alexander Heldt	e2d97c4f60	pinwheel: Increase `waybar` module intervals	2024-09-17 21:11:31 +02:00
Alexander Heldt	0626b06ecc	pinwheel: Add `tailscale` module to `waybar`	2024-09-17 21:11:31 +02:00
Alexander Heldt	f072b35101	pinwheel: Add secret for preferred `tailscale` exit node	2024-09-17 21:11:31 +02:00
Alexander Heldt	aa9a049377	pinwheel: Add `swapfile`	2024-09-17 21:11:31 +02:00
Alexander Heldt	c67549a118	pinwheel: Remove URL preference for `gitlab` in `git`	2024-09-17 21:11:31 +02:00
Alexander Heldt	f9ed371d8c	Update url for `pppdotpm-site` input	2024-09-17 21:11:31 +02:00
Alexander Heldt	c9c8939c8e	tadpole: Add match block for `git.ppp.pm` in `ssh`	2024-09-17 21:11:31 +02:00
Alexander Heldt	8e135ef94b	tadpole: Add secrets for `git.ppp.pm`	2024-09-17 21:11:31 +02:00