min
/
infra
1
0
Fork 0
Code Issues 2 Pull Requests Packages Projects Releases Wiki Activity

Jellyfin deployment + eidola restore

This commit is contained in:
minish 2025-04-26 04:37:22 -04:00
parent 7a39a2610f
commit de6f0e39cb
Signed by: min
SSH Key Fingerprint: SHA256:UD/wIBTyCGmuqRq6a1PsiwTehUPikHbuClpnk0U1mdo
8 changed files with 41 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/hosts/default.nix
View File

@ -1,5 +1,5 @@
{inputs, ...}: let {inputs, ...}: let
systems = makeSystems ["silver"]; systems = makeSystems ["silver" "eidola"];
inherit (inputs.nixpkgs) lib; inherit (inputs.nixpkgs) lib;

2
nixos/hosts/eidola/configuration.nix
View File

@ -24,7 +24,7 @@
# Basic networking # Basic networking
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [5201 8081]; networking.firewall.allowedTCPPorts = [5201];
networking.firewall.allowedUDPPorts = [5201]; networking.firewall.allowedUDPPorts = [5201];
# Locales # Locales

3
nixos/hosts/eidola/mounts.nix
View File

@ -14,6 +14,9 @@ _: {
"/etc/zfs" "/etc/zfs"
"/var/lib/samba" "/var/lib/samba"
"/var/lib/jellyfin"
"/var/cache/jellyfin"
"/var/lib/bitwarden_rs" "/var/lib/bitwarden_rs"
]; ];
files = [ files = [

1
nixos/hosts/eidola/services/default.nix
View File

@ -1,5 +1,6 @@
{...}: { {...}: {
imports = [ imports = [
./jellyfin.nix
./samba.nix ./samba.nix
]; ];
} }

10
nixos/hosts/eidola/services/jellyfin.nix Normal file
View File

@ -0,0 +1,10 @@
_: {
hardware.graphics.enable = true;
services.jellyfin = {
enable = true;
# allow it to access network shares
group = "share";
};
}

21
nixos/hosts/eidola/services/samba.nix
View File

@ -19,21 +19,20 @@ _: {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
securityType = "user"; settings = {
global = {
"security" = "user";
"browseable" = true;
"smb encrypt" = "required";
extraConfig = '' "valid users" = "@share";
browseable = yes };
smb encrypt = required
valid users = @share
'';
shares = {
terrarium = { terrarium = {
"path" = "/terra/terrarium"; "path" = "/terra/terrarium";
"browseable" = "yes"; "browseable" = true;
"read only" = "no"; "read only" = false;
"guest ok" = "no"; "guest ok" = false;
"create mask" = "0664"; "create mask" = "0664";
"directory mask" = "0775"; "directory mask" = "0775";
}; };

1
nixos/hosts/silver/services/default.nix
View File

@ -10,6 +10,7 @@
./prometheus.nix ./prometheus.nix
./grafana.nix ./grafana.nix
./vaultwarden.nix ./vaultwarden.nix
./shim-jellyfin.nix
]; ];
security.acme = { security.acme = {

14
nixos/hosts/silver/services/shim-jellyfin.nix Normal file
View File

@ -0,0 +1,14 @@
_: let
httpIntAddr = "10.13.1.1";
httpIntPort = 8096;
dom = "mov.min.rip";
in {
services.nginx.virtualHosts.${dom} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://${toString httpIntAddr}:${toString httpIntPort}";
};
};
}