{ config, lib, namespace, ... }: let inherit (lib.${namespace}) enabled disabled; in { ${namespace} = { services = { actual = { enable = true; port = 3333; createUser = true; reverseProxy = { enable = true; subdomain = "actual"; middlewares = [ "crowdsec" "whitelist-geoblock" ]; }; }; ai = enabled; arrs = enabled; attic = { enable = true; port = 9012; listenAddress = "[::]"; environmentFile = "/run/secrets/jallen-nas/attic-key"; }; authentik = { enable = true; configureDb = true; port = 9000; environmentFile = "/run/secrets/jallen-nas/authentik-env"; redis = { enable = true; port = 6379; }; }; authentikRac = { enable = true; port = 4822; # environmentFile = "/run/secrets/jallen-nas/authentik-env"; # TODO }; calibre = { enable = true; port = 8084; }; calibre-web = { enable = true; port = 8083; }; code-server = { enable = true; port = 4444; extraEnvironment = { PROXY_DOMAIN = "code.mjallen.dev"; }; }; collabora = { enable = true; port = 9980; }; crowdsec = { enable = true; port = 8181; apiKey = config.sops.secrets."jallen-nas/crowdsec-capi".path; }; ersatztv = { enable = true; port = 8409; }; free-games-claimer = { enable = true; port = 6080; }; gitea = { enable = true; port = 3000; }; glance = { enable = true; port = 5555; }; glances = { enable = true; port = 61208; createUser = true; }; headscale = { enable = false; port = 2112; reverseProxy.enable = true; }; immich = { enable = true; port = 2283; }; jellyfin = { enable = true; port = 8096; }; jellyseerr = { enable = true; port = 5055; createUser = true; }; lubelogger = { enable = true; port = 6754; }; manyfold = { enable = true; port = 3214; }; matrix = { enable = true; port = 8448; reverseProxy.enable = true; }; minecraft = disabled; mongodb = disabled; netbootxyz = { enable = false; port = 3000; }; nextcloud = { enable = true; port = 9988; }; ntfy = { enable = true; port = 2586; reverseProxy.enable = true; }; ocis = disabled; onlyoffice = { enable = false; port = 9200; }; opencloud = { enable = true; port = 9200; reverseProxy.enable = true; }; orca-slicer = { enable = true; port = 3100; httpsPort = 3101; }; paperless = { enable = true; port = 28981; }; paperless-ai = { enable = true; port = 28982; }; protonmail-bridge = { enable = true; smtpPort = 1025; imapPort = 1143; user = "admin"; }; restic = { enable = true; port = 8008; dataDir = "/media/nas/main/backup/restic"; prometheus = true; listenAddress = "0.0.0.0"; htpasswdFile = "/media/nas/main/backup/restic/.htpasswd"; extraFlags = [ "--no-auth" ]; }; tdarr = disabled; traefik = enabled; unmanic = { enable = true; configPath = "/media/nas/main/nix-app-data/unmanic/config"; moviesPath = "/media/nas/main/movies"; tvPath = "/media/nas/main/tv"; transcodePath = "/media/nas/main/nix-app-data/unmanic/transcode"; }; uptime-kuma = { enable = true; port = 3001; dataDir = "/media/nas/main/nix-app-data/uptime-kuma"; }; wyoming = enabled; }; }; }