{ config, lib, namespace, ... }: let inherit (lib.${namespace}) enabled disabled; in { ${namespace} = { services = { actual = { enable = true; port = 3333; createUser = true; reverseProxy = { enable = true; subdomain = "actual"; middlewares = [ "crowdsec" "whitelist-geoblock" ]; }; }; ai = enabled; arrs = enabled; attic = { enable = true; port = 9012; listenAddress = "[::]"; environmentFile = "/run/secrets/jallen-nas/attic-key"; }; authentik = { enable = true; # configureDb = true; port = 9000; environmentFile = "/run/secrets/jallen-nas/authentik-env"; }; calibre = { enable = true; port = 8084; webPort = 8083; localAddress = "10.0.3.1"; webDir = "/media/nas/main/nix-app-data/calibre-web"; dataDir = "/media/nas/main/books"; }; code-server = { enable = true; port = 4444; user = "admin"; group = "jallen-nas"; host = "0.0.0.0"; auth = "none"; hashedPassword = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06"; extraEnvironment = { PROXY_DOMAIN = "code.mjallen.dev"; }; }; collabora = enabled; crowdsec = { enable = true; port = 8181; apiAddress = "0.0.0.0"; apiKey = config.sops.secrets."jallen-nas/crowdsec-capi".path; dataDir = "/media/nas/main/nix-app-data/crowdsec"; }; ersatztv = { enable = true; configPath = "/media/nas/main/nix-app-data/ersatztv"; moviesPath = "/media/nas/main/movies"; tvPath = "/media/nas/main/tv"; transcodePath = "/media/nas/main/nix-app-data/transcode"; }; free-games-claimer.enable = true; gitea = { enable = true; httpPort = 3000; sshPort = 2222; localAddress = "10.0.4.18"; dataDir = "/media/nas/main/nix-app-data/gitea"; reverseProxy = { enable = true; subdomain = "gitea"; middlewares = [ "crowdsec" "whitelist-geoblock" ]; }; }; glance = { enable = true; port = 5555; }; glances = { enable = true; port = 61208; bindAddress = "0.0.0.0"; }; headscale = { enable = false; port = 2112; dataDir = "/media/nas/main/nix-app-data/headscale"; reverseProxy = { enable = true; subdomain = "headscale"; middlewares = [ "crowdsec" "whitelist-geoblock" ]; }; }; immich = enabled; jellyfin = enabled; jellyseerr = { enable = true; dataDir = "/media/nas/main/nix-app-data/jellyseerr"; }; lubelogger = enabled; manyfold = enabled; matrix = { enable = true; port = 8448; localAddress = "10.0.1.3"; dataDir = "/media/nas/main/nix-app-data/matrix-synapse"; reverseProxy = { enable = true; subdomain = "matrix"; middlewares = [ "crowdsec" "whitelist-geoblock" ]; }; }; netbootxyz = { enable = true; }; nextcloud = enabled; ntfy = { enable = true; port = 2586; localAddress = "10.0.1.3"; dataDir = "/media/nas/main/nix-app-data/ntfy"; reverseProxy = { enable = true; subdomain = "ntfy"; middlewares = [ "crowdsec" "whitelist-geoblock" ]; }; }; ocis = disabled; onlyoffice = disabled; opencloud = { enable = true; port = 9200; reverseProxy.enable = true; }; orca-slicer = { enable = true; httpPort = "3100"; httpsPort = "3101"; }; paperless = enabled; protonmail-bridge = { enable = true; smtpPort = 1025; imapPort = 1143; user = "admin"; }; restic = { enable = true; port = 8008; dataDir = "/media/nas/main/backup/restic"; prometheus = true; listenAddress = "0.0.0.0"; htpasswdFile = "/media/nas/main/backup/restic/.htpasswd"; extraFlags = [ "--no-auth" ]; }; tdarr = disabled; traefik = enabled; unmanic = { enable = true; configPath = "/media/nas/main/nix-app-data/unmanic/config"; moviesPath = "/media/nas/main/movies"; tvPath = "/media/nas/main/tv"; transcodePath = "/media/nas/main/nix-app-data/unmanic/transcode"; }; uptime-kuma = { enable = true; port = 3001; dataDir = "/media/nas/main/nix-app-data/uptime-kuma"; }; wyoming = enabled; }; }; }