mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mjallen:e4daf12f390127aa83badc54142be0f0b8ee77bd
Branches Tags
mjallen:main mjallen:stylix mjallen:bcfs mjallen:snowfall mjallen:macbook-hyprland
...
compare: mjallen:acc683bac3e39ec216f6992bae579bdbea8591eb
Branches Tags
mjallen:main mjallen:stylix mjallen:bcfs mjallen:snowfall mjallen:macbook-hyprland

2 Commits
e4daf12f39 ... acc683bac3

Author SHA1 Message Date
mjallen18
acc683bac3 databasus 2026-04-01 18:05:40 -05:00
mjallen18
166123e8fe suggestarr and bookshelf 2026-04-01 18:05:40 -05:00
6 changed files with 116 additions and 10 deletions
Expand all files Collapse all files

25
modules/nixos/services/bookshelf/default.nix Normal file
View File

@@ -0,0 +1,25 @@
{
lib,
config,
namespace,
...
}:
let
cfg = config.${namespace}.services."bookshelf";
in
{
imports = [
(lib.${namespace}.mkContainerService {
inherit config;
name = "bookshelf";
image = "ghcr.io/pennydreadful/bookshelf:hardcover";
internalPort = 8787;
volumes = [
"${cfg.configDir}/bookshelf:/config"
"${cfg.configDir}/incomplete:/media/nas/main/appdata/incomplete"
"${cfg.dataDir}/books:/media/nas/main/books"
];
environmentFiles = [ ];
})
];
}

23
modules/nixos/services/databasus/default.nix Normal file
View File

@@ -0,0 +1,23 @@
{
lib,
config,
namespace,
...
}:
let
cfg = config.${namespace}.services."databasus";
in
{
imports = [
(lib.${namespace}.mkContainerService {
inherit config;
name = "databasus";
image = "databasus/databasus";
internalPort = 4005;
volumes = [
"${cfg.configDir}/databasus:/databasus-data"
];
environmentFiles = [ ];
})
];
}

23
modules/nixos/services/suggestarr/default.nix Normal file
View File

@@ -0,0 +1,23 @@
{
lib,
config,
namespace,
...
}:
let
cfg = config.${namespace}.services."suggestarr";
in
{
imports = [
(lib.${namespace}.mkContainerService {
inherit config;
name = "suggestarr";
image = "ciuse99/suggestarr";
internalPort = 5000;
volumes = [
"${cfg.configDir}/suggestarr:/app/config/config_files"
];
environmentFiles = [ ];
})
];
}

33
systems/x86_64-linux/jallen-nas/apps.nix
View File

@@ -57,6 +57,10 @@ in
port = 4823; port = 4823;
# environmentFile = "/run/secrets/jallen-nas/authentik-env"; # TODO # environmentFile = "/run/secrets/jallen-nas/authentik-env"; # TODO
}; };
bookshelf = {
enable = true;
port = 8787;
};
caddy = enabled; caddy = enabled;
cockpit = { cockpit = {
enable = true; enable = true;
@@ -99,6 +103,11 @@ in
envFile = config.sops.templates."ntfy.env".path; envFile = config.sops.templates."ntfy.env".path;
}; };
}; };
databasus = {
enable = true;
port = 4005;
reverseProxy = enabled;
};
dispatcharr = { dispatcharr = {
enable = false; enable = false;
port = 9191; port = 9191;
@@ -319,19 +328,10 @@ in
icon = "si:jellyfin"; icon = "si:jellyfin";
}; };
}; };
seerr = {
enable = true;
port = 5055;
createUser = true;
reverseProxy = enabled;
hostedService = {
group = "Media";
};
};
kavita = { kavita = {
enable = true; enable = true;
port = 5000; port = 5000;
reverseProxy = disabled; reverseProxy = enabled;
}; };
lemonade = { lemonade = {
enable = false; enable = false;
@@ -430,6 +430,15 @@ in
enable = true; enable = true;
port = 8008; port = 8008;
}; };
seerr = {
enable = true;
port = 5055;
createUser = true;
reverseProxy = enabled;
hostedService = {
group = "Media";
};
};
sparky-fitness-server = { sparky-fitness-server = {
enable = true; enable = true;
port = 3010; port = 3010;
@@ -442,6 +451,10 @@ in
subdomain = "sparky"; subdomain = "sparky";
}; };
}; };
suggestarr = {
enable = true;
port = 5001;
};
sunshine = { sunshine = {
enable = true; enable = true;
port = 47989; port = 47989;

3
systems/x86_64-linux/jallen-nas/nas-defaults.nix
View File

@@ -38,6 +38,7 @@ in
"attic" "attic"
"authentik" "authentik"
"authentikRac" "authentikRac"
"bookshelf"
"caddy" "caddy"
"calibre" "calibre"
"calibre-web" "calibre-web"
@@ -45,6 +46,7 @@ in
"collabora" "collabora"
"coturn" "coturn"
"crowdsec" "crowdsec"
"databasus"
"dispatcharr" "dispatcharr"
"free-games-claimer" "free-games-claimer"
"gitea" "gitea"
@@ -77,6 +79,7 @@ in
"restic-server" "restic-server"
"sparky-fitness" "sparky-fitness"
"sparky-fitness-server" "sparky-fitness-server"
"suggestarr"
"sunshine" "sunshine"
"tdarr" "tdarr"
"termix" "termix"

19
systems/x86_64-linux/jallen-nas/services.nix
View File

@@ -29,6 +29,13 @@ in
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO sparkyfitness; GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO sparkyfitness;
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO sparkyfitness; GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pg_catalog TO sparkyfitness;
" "
psql -c "
ALTER ROLE databasus WITH PASSWORD 'databasus';
ALTER ROLE databasus BYPASSRLS;
GRANT CONNECT ON DATABASE nextcloud TO databasus;
GRANT pg_read_all_data TO databasus;
"
''; '';
}; };
}; };
@@ -68,6 +75,7 @@ in
"onlyoffice" "onlyoffice"
"synapse" "synapse"
"sparkyfitness" "sparkyfitness"
"suggestarr"
]; ];
ensureUsers = [ ensureUsers = [
{ {
@@ -94,6 +102,13 @@ in
name = "sparkyfitness"; name = "sparkyfitness";
ensureDBOwnership = true; ensureDBOwnership = true;
} }
{
name = "suggestarr";
ensureDBOwnership = true;
}
{
name = "databasus";
}
]; ];
# pg_hba.conf — use lib.mkForce to replace the module defaults entirely. # pg_hba.conf — use lib.mkForce to replace the module defaults entirely.
# #
@@ -116,6 +131,10 @@ in
# Podman container network sparkyfitness server connects via host LAN IP # Podman container network sparkyfitness server connects via host LAN IP
host sparkyfitness sparkyfitness 10.88.0.0/16 scram-sha-256 host sparkyfitness sparkyfitness 10.88.0.0/16 scram-sha-256
# Podman container network suggestarr server connects via host LAN IP
host suggestarr suggestarr 10.88.0.0/16 scram-sha-256
host all databasus 10.88.0.0/16 scram-sha-256
''; '';
# identMap — maps OS usernames to PostgreSQL usernames for peer auth. # identMap — maps OS usernames to PostgreSQL usernames for peer auth.