{ config, lib, namespace, ... }: let inherit (lib.${namespace}) enabled disabled; net = lib.${namespace}.network; in { ${namespace} = { services = { actual = { enable = true; port = 3333; createUser = true; reverseProxy = disabled; hostedService = { group = "Finance"; icon = "si:actualbudget"; }; }; ai = { enable = true; }; arrs.enable = true; attic = { enable = true; port = 9012; listenAddress = "[::]"; environmentFile = "/run/secrets/jallen-nas/attic-key"; reverseProxy = { enable = true; subdomain = "cache"; }; hostedService = { group = "Dev"; }; }; authentik = { enable = true; configureDb = true; port = 9000; reverseProxy = enabled; environmentFile = "/run/secrets/jallen-nas/authentik-env"; hostedService = { group = "Infrastructure"; }; redis = { enable = true; port = 6379; }; }; authentikRac = { enable = true; port = 4823; # environmentFile = "/run/secrets/jallen-nas/authentik-env"; # TODO }; caddy = enabled; cockpit = { enable = true; port = 9091; }; calibre = { enable = false; port = 8084; }; calibre-web = { enable = false; port = 8083; }; code-server = { enable = true; port = 4444; extraEnvironment = { PROXY_DOMAIN = "code.mjallen.dev"; }; }; coturn = { enable = true; port = 3478; reverseProxy = enabled; }; collabora = { enable = true; port = 9980; reverseProxy = { enable = true; subdomain = "office"; }; }; crowdsec = { enable = true; port = 8181; apiKey = config.sops.secrets."jallen-nas/crowdsec-capi".path; ntfy = { enable = true; envFile = config.sops.templates."ntfy.env".path; }; }; dispatcharr = { enable = false; port = 9191; }; tunarr = { enable = true; port = 8000; }; free-games-claimer = { enable = false; port = 6080; }; gitea = { enable = true; port = 3000; reverseProxy = enabled; hostedService = { group = "Dev"; icon = "si:gitea"; }; }; guacd = { enable = true; port = 4822; }; glance = { enable = true; port = 5555; hostedServiceGroups = true; weather = { enable = true; location = "Saint Paul, Minnesota, United States"; units = "imperial"; hour-format = "12h"; }; servers = [ { name = "NAS"; mountpoints."/media/nas/main" = { name = "Main Pool"; }; } { name = "Pi5"; mountpoints."/" = { name = "Root"; }; } ]; bookmarks = [ { title = "General"; links = [ { title = "Gmail"; url = "https://mail.google.com/mail/u/0/"; } { title = "Proton Mail"; url = "https://mail.proton.me/u/0/inbox"; } { title = "MyNixOS"; url = "https://www.mynixos.com/"; } { title = "Github"; url = "https://github.com/"; } ]; } { title = "Entertainment"; links = [ { title = "YouTube"; url = "https://www.youtube.com/"; } { title = "Prime Video"; url = "https://www.primevideo.com/"; } { title = "Disney+"; url = "https://www.disneyplus.com/"; } ]; } { title = "Social"; links = [ { title = "Reddit"; url = "https://www.reddit.com/"; } { title = "Twitter"; url = "https://twitter.com/"; } { title = "Instagram"; url = "https://www.instagram.com/"; } ]; } ]; reddit = [ "hockey" "formula1" ]; search = [ { title = "YouTube"; shortcut = "!yt"; url = "https://www.youtube.com/results?search_query={QUERY}"; } { title = "Wikipedia"; shortcut = "!w"; url = "https://en.wikipedia.org/wiki/{QUERY}"; } ]; extraSites = [ { title = "Home Assistant"; url = "http://${net.hosts.nuc.lan}:${toString net.ports.nuc.homeAssistant}/"; icon = "si:vscodium"; allow-insecure = true; } { title = "ESPHome"; url = "http://${net.hosts.nuc.lan}:${toString net.ports.nuc.esphome}/"; icon = "si:vscodium"; allow-insecure = true; } { title = "Sonarr"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sonarr}/"; icon = "si:sonarr"; allow-insecure = true; basic-auth = true; } { title = "Radarr"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.radarr}/"; icon = "si:radarr"; allow-insecure = true; basic-auth = true; } { title = "Sabnzbd"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sabnzbd}/"; icon = "si:sabnzbd"; allow-insecure = true; basic-auth = true; } { title = "AdGuard"; url = "http://${net.hosts.pi5.lan}:${toString net.ports.pi5.adguard}/"; icon = "si:adguard"; allow-insecure = true; } { title = "Manyfold"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.manyfold}/collections"; icon = "sh:manyfold"; allow-insecure = true; } { title = "Code Server"; url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.codeServer}/"; icon = "si:vscodium"; allow-insecure = true; } { title = "NAS KVM"; url = "http://nas-kvm.local/"; icon = "si:iterm2"; allow-insecure = true; } { title = "NUC KVM"; url = "http://pikvm.local/"; icon = "si:raspberrypi"; allow-insecure = true; } ]; }; glances = { enable = true; port = 61208; createUser = true; }; grimmory = { enable = false; port = 6066; }; headscale = { enable = false; port = 2112; reverseProxy.enable = true; }; immich = { enable = true; port = 2283; reverseProxy = enabled; hostedService = { group = "Media"; icon = "si:immich"; }; }; jellyfin = { enable = true; port = 8096; reverseProxy = enabled; hostedService = { group = "Media"; icon = "si:jellyfin"; }; }; seerr = { enable = true; port = 5055; createUser = true; reverseProxy = enabled; hostedService = { group = "Media"; }; }; kavita = { enable = true; port = 5000; reverseProxy = disabled; }; lemonade = { enable = false; port = 8001; modelsDir = "/media/nas/main/ai/lemonade/models"; reverseProxy = disabled; }; lubelogger = { enable = true; port = 6754; reverseProxy = enabled; hostedService = { group = "Finance"; }; }; manyfold = { enable = true; port = 3214; }; matrix = { enable = true; port = 8448; reverseProxy = enabled; hostedService = { group = "Infrastructure"; icon = "si:element"; }; }; minecraft = disabled; mongodb = disabled; nebula = { enable = true; port = 4242; lighthouses = [ "10.1.1.1" ]; staticHostMap = { "10.1.1.1" = [ "mjallen.dev:4242" ]; }; secretsPrefix = "jallen-nas/nebula"; secretsFile = lib.snowfall.fs.get-file "secrets/nas-secrets.yaml"; hostSecretName = "nas"; }; netbootxyz = { enable = false; port = 4000; }; nextcloud = { enable = true; port = 9988; reverseProxy = { enable = true; subdomain = "cloud"; }; hostedService = { group = "Infrastructure"; icon = "si:nextcloud"; }; }; ntfy = { enable = true; port = 2586; createUser = true; reverseProxy = enabled; hostedService = { group = "Infrastructure"; }; }; ocis = disabled; onlyoffice = { enable = false; port = 9200; }; opencloud = { enable = false; port = 9200; reverseProxy.enable = false; }; orca-slicer = { enable = false; port = 3100; httpsPort = 3101; }; paperless = { enable = true; port = 28981; }; paperless-ai = { enable = true; port = 28982; }; protonmail-bridge = { enable = true; smtpPort = 1025; imapPort = 1143; }; restic-server = { enable = true; port = 8008; }; sparky-fitness-server = { enable = true; port = 3010; }; sparky-fitness = { enable = true; port = 3004; reverseProxy = { enable = true; subdomain = "sparky"; }; }; sunshine = { enable = true; port = 47989; }; tdarr = { enable = false; port = 8265; serverPort = 8266; }; termix = { enable = true; port = 7777; reverseProxy = enabled; }; unmanic = { enable = true; port = 8265; }; uptime-kuma = { enable = true; port = 3001; }; wyoming = enabled; }; }; }