diff --git a/flake.nix b/flake.nix index 44d63c2..48c91de 100644 --- a/flake.nix +++ b/flake.nix @@ -41,7 +41,6 @@ Binnenpost.modules = [ ./hosts/Binnenpost ]; Production.modules = [ ./hosts/Production ]; ProductionGPU.modules = [ ./hosts/ProductionGPU ]; - ProductionArr.modules = [ ./hosts/ProductionArr ]; ACE.modules = [ ./hosts/ACE ]; Template.modules = [ ./hosts/Template ]; diff --git a/hosts/Development/default.nix b/hosts/Development/default.nix index b2237b7..da995f8 100644 --- a/hosts/Development/default.nix +++ b/hosts/Development/default.nix @@ -4,9 +4,9 @@ config = { homelab = { apps = { - bind9.enable = true; - traefik.enable = true; - plex.enable = true; + arr = { + qbittorrent.enable = true; + }; }; virtualisation.guest.enable = true; }; diff --git a/hosts/ProductionArr/default.nix b/hosts/ProductionArr/default.nix deleted file mode 100644 index ff4f4c2..0000000 --- a/hosts/ProductionArr/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ config, pkgs, lib, system, ... }: - -{ - config = { - homelab = { - apps = { - arr.enable = true; - traefik.enable = true; - }; - virtualisation.guest.enable = true; - }; - - networking = { - hostId = "aaaa2300"; - domain = "roxanne.depeuter.dev"; - - useDHCP = false; - - enableIPv6 = true; - - defaultGateway = { - address = "192.168.0.1"; - interface = "ens18"; - }; - - # Open ports in the firewall. - firewall = { - enable = true; - }; - - interfaces.ens18 = { - ipv4.addresses = [ - { - address = "192.168.0.33"; - prefixLength = 24; - } - ]; - }; - - nameservers = [ - "1.1.1.1" # Cloudflare - "1.0.0.1" # Cloudflare - ]; - }; - - system.stateVersion = "24.05"; - }; -} diff --git a/modules/apps/arr/default.nix b/modules/apps/arr/default.nix index 5cff39c..cedd01e 100644 --- a/modules/apps/arr/default.nix +++ b/modules/apps/arr/default.nix 
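Review bot: Dropping `traefik.enable` from Development while enabling `arr.qbittorrent` leaves the qBittorrent web UI with no visible way in. The arr module changes in this same commit comment out every `ports` entry, and the containers appear to join the network named by `config.homelab.apps.traefik.sharedNetworkName`. If that network is only created when the Traefik module is enabled (not visible here), `docker-qbittorrent.service` may also fail to start on this host. Either keep `traefik.enable = true;` beside the new `arr` block, or confirm that the module evaluates and the container starts cleanly with Traefik off.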
@@ -6,7 +6,7 @@ let networkName = "arrStack"; proxyNet = config.homelab.apps.traefik.sharedNetworkName; - appNames = [ "bazarr" "prowlarr" "qbittorrent" "radarr" "sonarr" ]; + appNames = [ "bazarr" "lidarr" "prowlarr" "qbittorrent" "radarr" "sonarr" ]; inUse = builtins.any (app: cfg.${app}.enable) appNames; PGID = toString config.users.groups.media.gid; 
@@ -14,53 +14,13 @@ let in { options.homelab.apps.arr = { enable = lib.mkEnableOption "Arr Stack using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose all app ports"; - # Only expose ports by default if Traefik is not in use. - default = ! config.homelab.apps.traefik.enable; - }; - bazarr = { - enable = lib.mkEnableOption "Bazarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Bazarr port"; - default = cfg.exposePorts; - }; - }; - prowlarr = { - enable = lib.mkEnableOption "Prowlarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Prowlarr port"; - default = cfg.exposePorts; - }; - }; - qbittorrent = { - enable = lib.mkEnableOption "qBittorrent using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose qBittorrent port"; - default = cfg.exposePorts; - }; - }; - radarr = { - enable = lib.mkEnableOption "Radarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Radarr port"; - default = cfg.exposePorts; - }; - }; - sonarr = { - enable = lib.mkEnableOption "Sonarr using Docker"; - exposePorts = lib.mkOption { - type = lib.types.bool; - description = "Expose Sonarr port"; - default = cfg.exposePorts; - }; - }; + bazarr.enable = lib.mkEnableOption "Bazarr using Docker"; + lidarr.enable = lib.mkEnableOption "Lidarr using Docker"; + prowlarr.enable = lib.mkEnableOption "Prowlarr using Docker"; + qbittorrent.enable = lib.mkEnableOption "qBittorrent using Docker"; + radarr.enable = lib.mkEnableOption "Radarr using Docker"; + sonarr.enable = lib.mkEnableOption "Sonarr using Docker"; }; config = { @@ -73,6 +33,7 @@ in { # "Master switch": Enable all apps. apps.arr = lib.mkIf cfg.enable { bazarr.enable = true; + lidarr.enable = true; prowlarr.enable = true; qbittorrent.enable = true; radarr.enable = true; 
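Review bot: Removing the `exposePorts` options replaces a declarative per-host setting with commented-out `ports` lines in the shared module (the bazarr, lidarr, prowlarr, qbittorrent, radarr and sonarr hunks below), so un-commenting them for one host publishes the ports on every host that imports the module. Not publishing by default is the safer choice, since Docker-published ports are generally not filtered by `networking.firewall`, but that only requires changing the old default of `! config.homelab.apps.traefik.enable` to `default = false;`. Keeping one option, e.g. `exposePorts = lib.mkEnableOption "publishing arr app ports on the host";` with `ports = lib.optionals cfg.exposePorts [ ... ];` in each container, preserves the opt-in without editing the module. Host configurations that still set `homelab.apps.arr.exposePorts` or a per-app `exposePorts` will stop evaluating after this change.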
@@ -102,6 +63,20 @@ in { ]; }; + "/srv/lidarr-backup" = lib.mkIf cfg.lidarr.enable { + device = "192.168.0.11:/mnt/BIG/BACKUP/LIDARR"; + fsType = "nfs"; + options = [ + "rw" + "auto" + "nfsvers=4.2" + "rsize=1048576" "wsize=1048576" + "hard" + "timeo=600" "retrans=2" + "_netdev" "nosuid" "tcp" + ]; + }; + "/srv/prowlarr-backup" = lib.mkIf cfg.prowlarr.enable { device = "192.168.0.11:/mnt/BIG/BACKUP/PROWLARR"; fsType = "nfs"; @@ -178,6 +153,7 @@ in { description = "Create Docker network for ${networkName}"; requiredBy = [ "docker-bazarr.service" + "docker-lidarr.service" "docker-prowlarr.service" "docker-qbittorrent.service" "docker-radarr.service" @@ -203,6 +179,13 @@ in { home = "/var/empty"; shell = null; }; + lidarr = lib.mkIf cfg.lidarr.enable { + uid = lib.mkForce 3002; + isSystemUser = true; + group = config.users.groups.media.name; + home = "/var/empty"; + shell = null; + }; prowlarr = lib.mkIf cfg.prowlarr.enable { uid = lib.mkForce 3004; isSystemUser = true; @@ -245,9 +228,10 @@ in { hostname = "bazarr"; image = "ghcr.io/hotio/bazarr:release-1.4.4"; autoStart = true; - ports = lib.mkIf cfg.bazarr.exposePorts [ - "${toString port}:${toString port}/tcp" - "${toString port}:${toString port}/udp" + ports = [ + # Open ports if you don't use Traefik + # "${toString port}:${toString port}/tcp" + # "${toString port}:${toString port}/udp" ]; extraOptions = [ "--network=${networkName}" 
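Review bot: The new `/srv/lidarr-backup` NFS mount sets `nosuid` but neither `nodev` nor `noexec`, although a backup share should not need device nodes or executables honoured on the client. Adding them to the option list, `"_netdev" "nosuid" "nodev" "noexec" "tcp"`, narrows what a tampered export can do to this host. The mount is also `hard` and `auto`, so an unreachable 192.168.0.11 can stall boot or any process touching the path; `"nofail"` or `"x-systemd.automount"` would avoid that if it is not intended. The neighbouring prowlarr mount starts the same way but its options lie outside the hunk, so the same check may apply there.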
@@ -275,14 +259,48 @@ in { }; }; + lidarr = let + port = 8686; + in lib.mkIf cfg.lidarr.enable { + hostname = "lidarr"; + image = "ghcr.io/hotio/lidarr:release-2.5.3.4341"; + autoStart = true; + ports = [ + # Open ports if you don't use Traefik + # "${toString port}:${toString port}/tcp" + ]; + extraOptions = [ + "--network=${networkName}" + "--network=${proxyNet}" + ]; + environment = { + PUID = toString config.users.users.lidarr.uid; + inherit PGID UMASK; + TZ = config.time.timeZone; + }; + volumes = [ + "lidarr-config:/config" + + # TODO Fix path + "/srv/lidarr-backup:/media/Backups" + ]; + labels = { + "traefik.enable" = "true"; + "traefik.docker.network" = proxyNet; + "traefik.http.routers.lidarr.rule" = "Host(`lidarr.depeuter.dev`)"; + "traefik.http.services.lidarr.loadbalancer.server.port" = toString port; + }; + }; + prowlarr = let port = 9696; in lib.mkIf cfg.prowlarr.enable { hostname = "prowlarr"; image = "ghcr.io/hotio/prowlarr:release-1.23.1.4708"; autoStart = true; - ports = lib.mkIf cfg.prowlarr.exposePorts [ - "${toString port}:${toString port}/tcp" + ports = [ + # Open ports if you don't use Traefik + # "${toString port}:${toString port}/tcp" ]; extraOptions = [ "--network=${networkName}" @@ -312,9 +330,10 @@ in { hostname = "qbittorrent"; image = "ghcr.io/hotio/qbittorrent:release-4.6.7"; autoStart = true; - ports = lib.mkIf cfg.qbittorrent.exposePorts [ - "${toString port}:${toString port}/tcp" - "${toString port}:${toString port}/udp" + ports = [ + # Open ports if you don't use Traefik + # "${toString port}:${toString port}/tcp" + # "${toString port}:${toString port}/udp" ]; extraOptions = [ "--network=${networkName}" 
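Review bot: The lidarr router labels set only `rule` and the service port, with no `entrypoints`, `tls` or `middlewares` label, so whether `lidarr.depeuter.dev` is served over TLS and behind any authentication depends entirely on Traefik's static configuration and Lidarr's own settings, neither of which is visible here. If those defaults are not already enforced globally, add `"traefik.http.routers.lidarr.tls" = "true";` and an auth middleware via `"traefik.http.routers.lidarr.middlewares" = "<AUTH_MIDDLEWARE_NAME>";` (placeholder name). The image is also referenced by tag only; appending `@sha256:<IMAGE_DIGEST>` (placeholder) to the `image` string would pin the exact content that was reviewed.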
@@ -345,8 +364,9 @@ in { hostname = "radarr"; image = "ghcr.io/hotio/radarr:release-5.9.1.9070"; autoStart = true; - ports = lib.mkIf cfg.radarr.exposePorts [ - "${toString port}:${toString port}/tcp" + ports = [ + # Open ports if you don't use Traefik + # "${toString port}:${toString port}/tcp" ]; extraOptions = [ "--network=${networkName}" @@ -379,8 +399,9 @@ in { hostname = "sonarr"; image = "ghcr.io/hotio/sonarr:release-4.0.9.2244"; autoStart = true; - ports = lib.mkIf cfg.sonarr.exposePorts [ - "${toString port}:${toString port}/tcp" + ports = [ + # Open ports if you don't use Traefik + # "${toString port}:${toString port}/tcp" ]; extraOptions = [ "--network=${networkName}" diff --git a/modules/apps/bind9/db.depeuter.dev b/modules/apps/bind9/db.depeuter.dev index 72f3825..fbd06c3 100644 --- a/modules/apps/bind9/db.depeuter.dev +++ b/modules/apps/bind9/db.depeuter.dev 
@@ -1,45 +1,16 @@ $TTL 604800 -@ IN SOA ns1 admin ( - 15 ; Serial - 604800 ; Refresh - 86400 ; Retry - 2419200 ; Expire - 604800 ) ; Negative Cache TTL +@ IN SOA ns1.depeuter.dev. admin.depeuter.dev. ( + 5 ; Serial + 604800 ; Refresh + 86400 ; Retry + 2419200 ; Expire + 604800 ) ; Negative Cache TTL -; Name servers - NS records - IN NS ns1 -; IN NS ns2 +; name servers - NS records + IN NS ns1.depeuter.dev. +; IN NS ns2.depeuter.dev. -ns1 IN A 192.168.0.91 -;ns2 IN A 192.158.0.X +ns1.depeuter.dev. IN A 192.168.0.91 +;ns1.depeuter.dev. IN A 192.158.0.X -; Hostnames -hugo.kmtl IN A 192.168.0.11 - -ingress.kmtl IN A 192.168.0.10 -ingress.kmtl IN AAAA fe80::be24:11ff:fed6:842a - -; Core services -cloud IN A 192.168.0.10 -git IN A 78.23.37.117 -home IN A 192.168.0.10 -jelly IN CNAME ingress.kmtl -vault IN A 192.168.0.10 - -; Production VM -books IN A 192.168.0.31 -calibre IN A 192.168.0.31 - -; Production VM - Arr -bazarr IN A 192.168.0.33 -prowlarr IN A 192.168.0.33 -qb IN A 192.168.0.33 -radarr IN A 192.168.0.33 -sonarr IN A 192.168.0.33 - -; Development VM -plex IN A 192.168.0.91 - -; Catchalls -*.production IN A 192.168.0.31 -*.development IN A 192.168.0.91 +hugo.depeuter.dev. IN A 192.168.0.11
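Review bot: The SOA serial goes down from 15 to 5 in this hunk; secondaries and anything else comparing serials will treat the new zone as older and keep the previous data, so the serial should increase, e.g. `16 ; Serial`. The commented-out second name server now reads `;ns1.depeuter.dev. IN A 192.158.0.X`, which duplicates the ns1 name and carries a `192.158` prefix where the live records use `192.168`; `;ns2.depeuter.dev. IN A 192.168.0.X` looks like what was meant. The hunk also drops every service record (cloud, git, vault, the arr hosts and both wildcards), so clients that resolve through this server will no longer get answers for those names; confirm that is intended rather than a leftover from testing.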