alex/nixos-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: alex:main
Branches Tags
alex:main
..
compare: alex:f7e18a0978013bd8d75bdac06cf9dcb4579c6388
Branches Tags
alex:main

1 Commits
main ... f7e18a0978

Author SHA1 Message Date
Alexander Heldt
f7e18a0978 manatee: Add services homepage with auto-discovery 
Add a homepage module that generates a static landing page served on
port 80 via nginx. Each service module registers itself via the shared
mod.homepage.services option, so enabling a module automatically adds
it to the page.
 2026-02-28 21:46:44 +01:00
16 changed files with 112 additions and 181 deletions
Expand all files Collapse all files

30
flake.lock generated
View File

@@ -573,27 +573,6 @@
"type": "github"
}
},
"komga-bookmanager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1772572455,
"narHash": "sha256-B4KOdV2GQogU1XL9903qFkOFf/6H7UGa+dprNGctgMY=",
"ref": "main",
"rev": "002732d4ebc5b80c2b8522896427c9f6bee9e1d1",
"revCount": 6,
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/komga-bookmanager.git"
},
"original": {
"ref": "main",
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/komga-bookmanager.git"
}
},
"komga-comictracker": {
"inputs": {
"nixpkgs": [
@@ -601,11 +580,11 @@
]
},
"locked": {
"lastModified": 1772884418,
"narHash": "sha256-2V/JnGsIhvQoAiH7iIQkOPX5OTZVwGTOEv+nFetd4I8=",
"lastModified": 1771079752,
"narHash": "sha256-4Pw8MhQUVWcTH3fg31sP19k+qgHDxqSKtSoDU/CYf/Y=",
"ref": "main",
"rev": "0b91385e8906ca40cc89381bf8394ed24a116c6b",
"revCount": 49,
"rev": "2b5cc59e3d4dba439a9a5f0d1fc2c30d9bdf45e1",
"revCount": 32,
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/komga-comictracker.git"
},
@@ -807,7 +786,6 @@
"home-manager": "home-manager_2",
"hyprland": "hyprland",
"hyprland-contrib": "hyprland-contrib",
"komga-bookmanager": "komga-bookmanager",
"komga-comictracker": "komga-comictracker",
"naviterm": "naviterm",
"nh": "nh",

6
flake.nix
View File

@@ -74,12 +74,6 @@
# url = "path:/home/alex/code/own/komga-comictracker";
inputs.nixpkgs.follows = "nixpkgs";
};
komga-bookmanager = {
url = "git+ssh://gitea@git.ppp.pm:1122/alex/komga-bookmanager.git?ref=main";
# url = "path:/home/alex/code/own/komga-comictracker";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =

12
hosts/manatee/modules/audiobookshelf/default.nix
View File

@@ -10,13 +10,11 @@ in
};
config = lib.mkIf enabled {
mod.homepage.services = [
{
name = "Audiobookshelf";
port = 8000;
description = "Audiobooks & podcasts";
}
];
mod.homepage.services = [{
name = "Audiobookshelf";
port = 8000;
description = "Audiobooks & podcasts";
}];
users.users.audiobookshelf = {
isSystemUser = true;

40
hosts/manatee/modules/calibre-web/default.nix Normal file
View File

@@ -0,0 +1,40 @@
{ lib, config, ... }:
let
enabled = config.mod.calibre-web.enable;
in
{
options = {
mod.calibre-web = {
enable = lib.mkEnableOption "add calibre-web module";
};
};
config = lib.mkIf enabled {
mod.homepage.services = [{
name = "Calibre-Web";
port = 8083;
description = "E-book library";
}];
services = {
calibre-web = {
enable = true;
user = "storage";
group = "storage";
listen = {
ip = "0.0.0.0";
port = 8083;
};
dataDir = "/mnt/media/public/books";
options = {
calibreLibrary = "/mnt/media/public/books";
enableBookUploading = true;
};
};
};
};
}

13
hosts/manatee/modules/certs/default.nix
View File

@@ -20,19 +20,6 @@
"--http-timeout=60"
];
};
"komga.ppp.pm" = {
dnsProvider = "hetzner";
environmentFile = config.age.secrets.hetzner-dns.path;
group = "nginx";
extraLegoFlags = [
"--dns.resolvers=1.1.1.1:53,8.8.8.8:53"
"--dns.propagation-wait=60s"
"--dns-timeout=60"
"--http-timeout=60"
];
};
};
};

1
hosts/manatee/modules/default.nix
View File

@@ -16,6 +16,7 @@ in
nginx.enable = true;
syncthing.enable = true;
transmission.enable = true;
calibre-web.enable = true;
audiobookshelf.enable = true;
jellyfin.enable = true;
immich.enable = true;

63
hosts/manatee/modules/home-assistant/default.nix
View File

@@ -62,14 +62,6 @@ let
'';
in
{
mod.homepage.services = [
{
name = "Home Assistant";
port = 8123;
description = "Home automation";
}
];
hardware.bluetooth.enable = true;
virtualisation.oci-containers = {
@@ -162,13 +154,13 @@ in
user = {
timers = {
"update-hetzner-dns" = {
"update-hetzner-ha-dns" = {
unitConfig = {
Description = "updates Hetzner DNS records";
Description = "updates Hetzner DNS for home-assistant";
};
timerConfig = {
Unit = "update-hetzner-dns.service";
Unit = "update-hetzner-ha-dns.service";
OnCalendar = "*-*-* *:00/30:00";
Persistent = true;
};
@@ -178,9 +170,9 @@ in
};
services = {
"update-hetzner-dns" = {
"update-hetzner-ha-dns" = {
unitConfig = {
Description = "updates Hetzner DNS records";
Description = "updates Hetzner DNS for home-assistant";
};
serviceConfig = {
@@ -190,41 +182,38 @@ in
path = [
pkgs.curl
pkgs.coreutils
pkgs.coreutils # For `cat`
pkgs.jq
];
script = ''
SUBDOMAINS="ha komga"
LAST_IP_FILE="/tmp/hetzner-dns-ha-ip"
INTERFACE="enp3s0"
CURRENT_IP=$(curl -s --fail --interface "$INTERFACE" ifconfig.me)
for SUBDOMAIN in $SUBDOMAINS; do
LAST_IP_FILE="/tmp/hetzner-dns-''${SUBDOMAIN}-ip"
LAST_IP=""
if [[ -f "$LAST_IP_FILE" ]]; then
LAST_IP=$(cat "$LAST_IP_FILE")
fi
LAST_IP=""
if [[ -f "$LAST_IP_FILE" ]]; then
LAST_IP=$(cat "$LAST_IP_FILE")
fi
if [[ "$CURRENT_IP" == "$LAST_IP" ]]; then
echo "IP unchanged, NOOP update."
exit 0
else
echo "Updating IP"
if [[ "$CURRENT_IP" == "$LAST_IP" ]]; then
echo "$SUBDOMAIN: IP unchanged, NOOP update."
else
echo "$SUBDOMAIN: Updating IP"
JSON_BODY=$(jq -n --arg ip "$CURRENT_IP" '{records: [{value: $ip}]}')
JSON_BODY=$(jq -n --arg ip "$CURRENT_IP" '{records: [{value: $ip}]}')
curl \
--fail \
-X POST \
-H "Authorization: Bearer $HETZNER_API_TOKEN" \
-H "Content-Type: application/json" \
-d "$JSON_BODY" \
"https://api.hetzner.cloud/v1/zones/ppp.pm/rrsets/''${SUBDOMAIN}/A/actions/set_records" \
&& echo $CURRENT_IP > $LAST_IP_FILE
fi
done
curl \
--fail \
-X POST \
-H "Authorization: Bearer $HETZNER_API_TOKEN" \
-H "Content-Type: application/json" \
-d "$JSON_BODY" \
"https://api.hetzner.cloud/v1/zones/ppp.pm/rrsets/ha/A/actions/set_records" \
&& echo $CURRENT_IP > $LAST_IP_FILE
fi
'';
};
};

20
hosts/manatee/modules/homepage/default.nix
View File

@@ -77,15 +77,13 @@ in
mod.homepage = {
enable = lib.mkEnableOption "Enable homepage module";
services = lib.mkOption {
type = lib.types.listOf (
lib.types.submodule {
options = {
name = lib.mkOption { type = lib.types.str; };
port = lib.mkOption { type = lib.types.port; };
description = lib.mkOption { type = lib.types.str; };
};
}
);
type = lib.types.listOf (lib.types.submodule {
options = {
name = lib.mkOption { type = lib.types.str; };
port = lib.mkOption { type = lib.types.port; };
description = lib.mkOption { type = lib.types.str; };
};
});
default = [ ];
description = "Services to display on the homepage";
};
@@ -97,7 +95,7 @@ in
listen = [
{
addr = "0.0.0.0";
port = 9999;
port = 80;
}
];
root = page;
@@ -106,6 +104,6 @@ in
};
};
networking.firewall.allowedTCPPorts = [ 9999 ];
networking.firewall.allowedTCPPorts = [ 80 ];
};
}

12
hosts/manatee/modules/immich/default.nix
View File

@@ -10,13 +10,11 @@ in
};
config = lib.mkIf enabled {
mod.homepage.services = [
{
name = "Immich";
port = 2283;
description = "Photo library";
}
];
mod.homepage.services = [{
name = "Immich";
port = 2283;
description = "Photo library";
}];
users.users.immich = {
isSystemUser = true;

12
hosts/manatee/modules/jellyfin/default.nix
View File

@@ -47,13 +47,11 @@ in
};
};
mod.homepage.services = [
{
name = "Jellyfin";
port = 8096;
description = "Media streaming";
}
];
mod.homepage.services = [{
name = "Jellyfin";
port = 8096;
description = "Media streaming";
}];
networking = {
firewall.allowedTCPPorts = [ 8096 ];

40
hosts/manatee/modules/komga/default.nix
View File

@@ -16,10 +16,7 @@ in
};
};
imports = [
inputs.komga-comictracker.nixosModules.default
inputs.komga-bookmanager.nixosModules.default
];
imports = [ inputs.komga-comictracker.nixosModules.default ];
config = lib.mkIf enabled {
mod.homepage.services = [
@@ -33,11 +30,6 @@ in
port = 8888;
description = "Comic reader";
}
{
name = "Komga Book Manager";
port = 8686;
description = "Book manager";
}
];
users.users.komga = {
@@ -55,7 +47,6 @@ in
server.port = 8002;
komga."cors.allowed-origins" = [
"http://manatee:8888"
"https://komga.ppp.pm"
];
};
@@ -77,49 +68,22 @@ in
tryFiles = "$uri $uri/ /komga-reader.html";
};
};
virtualHosts."komga.ppp.pm" = {
forceSSL = true;
useACMEHost = "komga.ppp.pm";
locations."/" = {
proxyPass = "http://127.0.0.1:8002";
proxyWebsockets = true;
};
};
};
networking.firewall.allowedTCPPorts = [ 8888 ];
programs.comictracker = {
enable = true;
komgaUrl = "http://127.0.0.1:8002";
komgaLibraryId = "0NVZH5AK3RPE1";
komgaUrl = "http://manatee:8002";
secretsFile = config.age.secrets.komga-comicbooktracker-credentials.path;
};
services.komga-book-manager = {
enable = true;
port = 8686;
group = "storage";
komgaUrl = "http://127.0.0.1:8002";
credentialsFile = config.age.secrets.komga-bookmanager-credentials.path;
libraryRoot = "/mnt/media/public/books";
libraryId = "0PNE1NEPY6995";
};
age.secrets = {
"komga-comicbooktracker-credentials" = {
file = ../../../../secrets/manatee/komga-comicbooktracker-credentials.age;
owner = "alex";
group = "users";
};
"komga-bookmanager-credentials" = {
file = ../../../../secrets/manatee/komga-bookmanager-credentials.age;
owner = "alex";
group = "users";
};
};
};
}

12
hosts/manatee/modules/navidrome/default.nix
View File

@@ -15,13 +15,11 @@ in
};
config = {
mod.homepage.services = lib.mkIf navidromeEnabled [
{
name = "Navidrome";
port = 4533;
description = "Music streaming";
}
];
mod.homepage.services = lib.mkIf navidromeEnabled [{
name = "Navidrome";
port = 4533;
description = "Music streaming";
}];
services = lib.mkIf navidromeEnabled {
navidrome = {

12
hosts/manatee/modules/syncthing/default.nix
View File

@@ -10,13 +10,11 @@ in
};
config = lib.mkIf enabled {
mod.homepage.services = [
{
name = "Syncthing";
port = 8384;
description = "File sync";
}
];
mod.homepage.services = [{
name = "Syncthing";
port = 8384;
description = "File sync";
}];
services.syncthing = {
enable = true;

12
hosts/manatee/modules/transmission/default.nix
View File

@@ -15,13 +15,11 @@ in
};
config = lib.mkIf enabled {
mod.homepage.services = [
{
name = "Transmission";
port = 9091;
description = "Torrent client";
}
];
mod.homepage.services = [{
name = "Transmission";
port = 9091;
description = "Torrent client";
}];
services = {
transmission = {

7
secrets/manatee/komga-bookmanager-credentials.age
View File

@@ -1,7 +0,0 @@
age-encryption.org/v1
-> ssh-ed25519 wkRvNA GW8mvnaXpspxr78xV0fKhXwHVvReyjvDc0v7uPwhuBI
Rne8JZYVhrTTesSFpRQ/IOZlFIMoX9Wmv5n1Ed7Ehv8
-> ssh-ed25519 +oNaHQ d7utzodGQ7LsD2Uht1rbT8Qq9BZp3PkJS9EDhajCjnk
qd2Vj+1TQrjEKkSVAf0cXcCdkgeN/Jbp4UrBSp3cKYQ
--- JQr5UQlutONqnTeoT/mIVZL8ME7ipUDK8zDfNcN3uhU
ø5-VŸÌ²ÂòÀ-®ªÁÅ'^žô5kú.t(d1‡)É'<u%

1
secrets/secrets.nix
View File

@@ -34,7 +34,6 @@ in {
"manatee/syncthing-key.age".publicKeys = [ manatee alex ];
"manatee/hetzner-dns.age".publicKeys = [ manatee alex ];
"manatee/komga-comicbooktracker-credentials.age".publicKeys = [ manatee alex];
"manatee/komga-bookmanager-credentials.age".publicKeys = [ manatee alex];
"backwards/root.backwards.age".publicKeys = [ backwards alex ];
"backwards/root.backwards.pub.age".publicKeys = [ backwards alex ];