Compare commits
No commits in common. "74e4e8dcd6e76cbbcc77dd542319d2882e5f9661" and "a7f56a7cf73b7a3c8f385e983b6d6af25ae702db" have entirely different histories.
74e4e8dcd6
...
a7f56a7cf7
5 changed files with 95 additions and 152 deletions
|
|
@ -41,7 +41,6 @@
|
||||||
Binnenpost.modules = [ ./hosts/Binnenpost ];
|
Binnenpost.modules = [ ./hosts/Binnenpost ];
|
||||||
Production.modules = [ ./hosts/Production ];
|
Production.modules = [ ./hosts/Production ];
|
||||||
ProductionGPU.modules = [ ./hosts/ProductionGPU ];
|
ProductionGPU.modules = [ ./hosts/ProductionGPU ];
|
||||||
ProductionArr.modules = [ ./hosts/ProductionArr ];
|
|
||||||
ACE.modules = [ ./hosts/ACE ];
|
ACE.modules = [ ./hosts/ACE ];
|
||||||
|
|
||||||
Template.modules = [ ./hosts/Template ];
|
Template.modules = [ ./hosts/Template ];
|
||||||
|
|
|
||||||
|
|
@ -4,9 +4,9 @@
|
||||||
config = {
|
config = {
|
||||||
homelab = {
|
homelab = {
|
||||||
apps = {
|
apps = {
|
||||||
bind9.enable = true;
|
arr = {
|
||||||
traefik.enable = true;
|
qbittorrent.enable = true;
|
||||||
plex.enable = true;
|
};
|
||||||
};
|
};
|
||||||
virtualisation.guest.enable = true;
|
virtualisation.guest.enable = true;
|
||||||
};
|
};
|
||||||
|
|
|
||||||
|
|
@ -1,48 +0,0 @@
|
||||||
{ config, pkgs, lib, system, ... }:
|
|
||||||
|
|
||||||
{
|
|
||||||
config = {
|
|
||||||
homelab = {
|
|
||||||
apps = {
|
|
||||||
arr.enable = true;
|
|
||||||
traefik.enable = true;
|
|
||||||
};
|
|
||||||
virtualisation.guest.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostId = "aaaa2300";
|
|
||||||
domain = "roxanne.depeuter.dev";
|
|
||||||
|
|
||||||
useDHCP = false;
|
|
||||||
|
|
||||||
enableIPv6 = true;
|
|
||||||
|
|
||||||
defaultGateway = {
|
|
||||||
address = "192.168.0.1";
|
|
||||||
interface = "ens18";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Open ports in the firewall.
|
|
||||||
firewall = {
|
|
||||||
enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
interfaces.ens18 = {
|
|
||||||
ipv4.addresses = [
|
|
||||||
{
|
|
||||||
address = "192.168.0.33";
|
|
||||||
prefixLength = 24;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
nameservers = [
|
|
||||||
"1.1.1.1" # Cloudflare
|
|
||||||
"1.0.0.1" # Cloudflare
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
system.stateVersion = "24.05";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
@ -6,7 +6,7 @@ let
|
||||||
networkName = "arrStack";
|
networkName = "arrStack";
|
||||||
proxyNet = config.homelab.apps.traefik.sharedNetworkName;
|
proxyNet = config.homelab.apps.traefik.sharedNetworkName;
|
||||||
|
|
||||||
appNames = [ "bazarr" "prowlarr" "qbittorrent" "radarr" "sonarr" ];
|
appNames = [ "bazarr" "lidarr" "prowlarr" "qbittorrent" "radarr" "sonarr" ];
|
||||||
inUse = builtins.any (app: cfg.${app}.enable) appNames;
|
inUse = builtins.any (app: cfg.${app}.enable) appNames;
|
||||||
|
|
||||||
PGID = toString config.users.groups.media.gid;
|
PGID = toString config.users.groups.media.gid;
|
||||||
|
|
@ -14,53 +14,13 @@ let
|
||||||
in {
|
in {
|
||||||
options.homelab.apps.arr = {
|
options.homelab.apps.arr = {
|
||||||
enable = lib.mkEnableOption "Arr Stack using Docker";
|
enable = lib.mkEnableOption "Arr Stack using Docker";
|
||||||
exposePorts = lib.mkOption {
|
|
||||||
type = lib.types.bool;
|
|
||||||
description = "Expose all app ports";
|
|
||||||
# Only expose ports by default if Traefik is not in use.
|
|
||||||
default = ! config.homelab.apps.traefik.enable;
|
|
||||||
};
|
|
||||||
|
|
||||||
bazarr = {
|
bazarr.enable = lib.mkEnableOption "Bazarr using Docker";
|
||||||
enable = lib.mkEnableOption "Bazarr using Docker";
|
lidarr.enable = lib.mkEnableOption "Lidarr using Docker";
|
||||||
exposePorts = lib.mkOption {
|
prowlarr.enable = lib.mkEnableOption "Prowlarr using Docker";
|
||||||
type = lib.types.bool;
|
qbittorrent.enable = lib.mkEnableOption "qBittorrent using Docker";
|
||||||
description = "Expose Bazarr port";
|
radarr.enable = lib.mkEnableOption "Radarr using Docker";
|
||||||
default = cfg.exposePorts;
|
sonarr.enable = lib.mkEnableOption "Sonarr using Docker";
|
||||||
};
|
|
||||||
};
|
|
||||||
prowlarr = {
|
|
||||||
enable = lib.mkEnableOption "Prowlarr using Docker";
|
|
||||||
exposePorts = lib.mkOption {
|
|
||||||
type = lib.types.bool;
|
|
||||||
description = "Expose Prowlarr port";
|
|
||||||
default = cfg.exposePorts;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
qbittorrent = {
|
|
||||||
enable = lib.mkEnableOption "qBittorrent using Docker";
|
|
||||||
exposePorts = lib.mkOption {
|
|
||||||
type = lib.types.bool;
|
|
||||||
description = "Expose qBittorrent port";
|
|
||||||
default = cfg.exposePorts;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
radarr = {
|
|
||||||
enable = lib.mkEnableOption "Radarr using Docker";
|
|
||||||
exposePorts = lib.mkOption {
|
|
||||||
type = lib.types.bool;
|
|
||||||
description = "Expose Radarr port";
|
|
||||||
default = cfg.exposePorts;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
sonarr = {
|
|
||||||
enable = lib.mkEnableOption "Sonarr using Docker";
|
|
||||||
exposePorts = lib.mkOption {
|
|
||||||
type = lib.types.bool;
|
|
||||||
description = "Expose Sonarr port";
|
|
||||||
default = cfg.exposePorts;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = {
|
config = {
|
||||||
|
|
@ -73,6 +33,7 @@ in {
|
||||||
# "Master switch": Enable all apps.
|
# "Master switch": Enable all apps.
|
||||||
apps.arr = lib.mkIf cfg.enable {
|
apps.arr = lib.mkIf cfg.enable {
|
||||||
bazarr.enable = true;
|
bazarr.enable = true;
|
||||||
|
lidarr.enable = true;
|
||||||
prowlarr.enable = true;
|
prowlarr.enable = true;
|
||||||
qbittorrent.enable = true;
|
qbittorrent.enable = true;
|
||||||
radarr.enable = true;
|
radarr.enable = true;
|
||||||
|
|
@ -102,6 +63,20 @@ in {
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
"/srv/lidarr-backup" = lib.mkIf cfg.lidarr.enable {
|
||||||
|
device = "192.168.0.11:/mnt/BIG/BACKUP/LIDARR";
|
||||||
|
fsType = "nfs";
|
||||||
|
options = [
|
||||||
|
"rw"
|
||||||
|
"auto"
|
||||||
|
"nfsvers=4.2"
|
||||||
|
"rsize=1048576" "wsize=1048576"
|
||||||
|
"hard"
|
||||||
|
"timeo=600" "retrans=2"
|
||||||
|
"_netdev" "nosuid" "tcp"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
"/srv/prowlarr-backup" = lib.mkIf cfg.prowlarr.enable {
|
"/srv/prowlarr-backup" = lib.mkIf cfg.prowlarr.enable {
|
||||||
device = "192.168.0.11:/mnt/BIG/BACKUP/PROWLARR";
|
device = "192.168.0.11:/mnt/BIG/BACKUP/PROWLARR";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
|
|
@ -178,6 +153,7 @@ in {
|
||||||
description = "Create Docker network for ${networkName}";
|
description = "Create Docker network for ${networkName}";
|
||||||
requiredBy = [
|
requiredBy = [
|
||||||
"docker-bazarr.service"
|
"docker-bazarr.service"
|
||||||
|
"docker-lidarr.service"
|
||||||
"docker-prowlarr.service"
|
"docker-prowlarr.service"
|
||||||
"docker-qbittorrent.service"
|
"docker-qbittorrent.service"
|
||||||
"docker-radarr.service"
|
"docker-radarr.service"
|
||||||
|
|
@ -203,6 +179,13 @@ in {
|
||||||
home = "/var/empty";
|
home = "/var/empty";
|
||||||
shell = null;
|
shell = null;
|
||||||
};
|
};
|
||||||
|
lidarr = lib.mkIf cfg.lidarr.enable {
|
||||||
|
uid = lib.mkForce 3002;
|
||||||
|
isSystemUser = true;
|
||||||
|
group = config.users.groups.media.name;
|
||||||
|
home = "/var/empty";
|
||||||
|
shell = null;
|
||||||
|
};
|
||||||
prowlarr = lib.mkIf cfg.prowlarr.enable {
|
prowlarr = lib.mkIf cfg.prowlarr.enable {
|
||||||
uid = lib.mkForce 3004;
|
uid = lib.mkForce 3004;
|
||||||
isSystemUser = true;
|
isSystemUser = true;
|
||||||
|
|
@ -245,9 +228,10 @@ in {
|
||||||
hostname = "bazarr";
|
hostname = "bazarr";
|
||||||
image = "ghcr.io/hotio/bazarr:release-1.4.4";
|
image = "ghcr.io/hotio/bazarr:release-1.4.4";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ports = lib.mkIf cfg.bazarr.exposePorts [
|
ports = [
|
||||||
"${toString port}:${toString port}/tcp"
|
# Open ports if you don't use Traefik
|
||||||
"${toString port}:${toString port}/udp"
|
# "${toString port}:${toString port}/tcp"
|
||||||
|
# "${toString port}:${toString port}/udp"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=${networkName}"
|
"--network=${networkName}"
|
||||||
|
|
@ -275,14 +259,48 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
lidarr = let
|
||||||
|
port = 8686;
|
||||||
|
in lib.mkIf cfg.lidarr.enable {
|
||||||
|
hostname = "lidarr";
|
||||||
|
image = "ghcr.io/hotio/lidarr:release-2.5.3.4341";
|
||||||
|
autoStart = true;
|
||||||
|
ports = [
|
||||||
|
# Open ports if you don't use Traefik
|
||||||
|
# "${toString port}:${toString port}/tcp"
|
||||||
|
];
|
||||||
|
extraOptions = [
|
||||||
|
"--network=${networkName}"
|
||||||
|
"--network=${proxyNet}"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
PUID = toString config.users.users.lidarr.uid;
|
||||||
|
inherit PGID UMASK;
|
||||||
|
TZ = config.time.timeZone;
|
||||||
|
};
|
||||||
|
volumes = [
|
||||||
|
"lidarr-config:/config"
|
||||||
|
|
||||||
|
# TODO Fix path
|
||||||
|
"/srv/lidarr-backup:/media/Backups"
|
||||||
|
];
|
||||||
|
labels = {
|
||||||
|
"traefik.enable" = "true";
|
||||||
|
"traefik.docker.network" = proxyNet;
|
||||||
|
"traefik.http.routers.lidarr.rule" = "Host(`lidarr.depeuter.dev`)";
|
||||||
|
"traefik.http.services.lidarr.loadbalancer.server.port" = toString port;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
prowlarr = let
|
prowlarr = let
|
||||||
port = 9696;
|
port = 9696;
|
||||||
in lib.mkIf cfg.prowlarr.enable {
|
in lib.mkIf cfg.prowlarr.enable {
|
||||||
hostname = "prowlarr";
|
hostname = "prowlarr";
|
||||||
image = "ghcr.io/hotio/prowlarr:release-1.23.1.4708";
|
image = "ghcr.io/hotio/prowlarr:release-1.23.1.4708";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ports = lib.mkIf cfg.prowlarr.exposePorts [
|
ports = [
|
||||||
"${toString port}:${toString port}/tcp"
|
# Open ports if you don't use Traefik
|
||||||
|
# "${toString port}:${toString port}/tcp"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=${networkName}"
|
"--network=${networkName}"
|
||||||
|
|
@ -312,9 +330,10 @@ in {
|
||||||
hostname = "qbittorrent";
|
hostname = "qbittorrent";
|
||||||
image = "ghcr.io/hotio/qbittorrent:release-4.6.7";
|
image = "ghcr.io/hotio/qbittorrent:release-4.6.7";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ports = lib.mkIf cfg.qbittorrent.exposePorts [
|
ports = [
|
||||||
"${toString port}:${toString port}/tcp"
|
# Open ports if you don't use Traefik
|
||||||
"${toString port}:${toString port}/udp"
|
# "${toString port}:${toString port}/tcp"
|
||||||
|
# "${toString port}:${toString port}/udp"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=${networkName}"
|
"--network=${networkName}"
|
||||||
|
|
@ -345,8 +364,9 @@ in {
|
||||||
hostname = "radarr";
|
hostname = "radarr";
|
||||||
image = "ghcr.io/hotio/radarr:release-5.9.1.9070";
|
image = "ghcr.io/hotio/radarr:release-5.9.1.9070";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ports = lib.mkIf cfg.radarr.exposePorts [
|
ports = [
|
||||||
"${toString port}:${toString port}/tcp"
|
# Open ports if you don't use Traefik
|
||||||
|
# "${toString port}:${toString port}/tcp"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=${networkName}"
|
"--network=${networkName}"
|
||||||
|
|
@ -379,8 +399,9 @@ in {
|
||||||
hostname = "sonarr";
|
hostname = "sonarr";
|
||||||
image = "ghcr.io/hotio/sonarr:release-4.0.9.2244";
|
image = "ghcr.io/hotio/sonarr:release-4.0.9.2244";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ports = lib.mkIf cfg.sonarr.exposePorts [
|
ports = [
|
||||||
"${toString port}:${toString port}/tcp"
|
# Open ports if you don't use Traefik
|
||||||
|
# "${toString port}:${toString port}/tcp"
|
||||||
];
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--network=${networkName}"
|
"--network=${networkName}"
|
||||||
|
|
|
||||||
|
|
@ -1,45 +1,16 @@
|
||||||
$TTL 604800
|
$TTL 604800
|
||||||
@ IN SOA ns1 admin (
|
@ IN SOA ns1.depeuter.dev. admin.depeuter.dev. (
|
||||||
15 ; Serial
|
5 ; Serial
|
||||||
604800 ; Refresh
|
604800 ; Refresh
|
||||||
86400 ; Retry
|
86400 ; Retry
|
||||||
2419200 ; Expire
|
2419200 ; Expire
|
||||||
604800 ) ; Negative Cache TTL
|
604800 ) ; Negative Cache TTL
|
||||||
|
|
||||||
; Name servers - NS records
|
; name servers - NS records
|
||||||
IN NS ns1
|
IN NS ns1.depeuter.dev.
|
||||||
; IN NS ns2
|
; IN NS ns2.depeuter.dev.
|
||||||
|
|
||||||
ns1 IN A 192.168.0.91
|
ns1.depeuter.dev. IN A 192.168.0.91
|
||||||
;ns2 IN A 192.158.0.X
|
;ns1.depeuter.dev. IN A 192.158.0.X
|
||||||
|
|
||||||
; Hostnames
|
hugo.depeuter.dev. IN A 192.168.0.11
|
||||||
hugo.kmtl IN A 192.168.0.11
|
|
||||||
|
|
||||||
ingress.kmtl IN A 192.168.0.10
|
|
||||||
ingress.kmtl IN AAAA fe80::be24:11ff:fed6:842a
|
|
||||||
|
|
||||||
; Core services
|
|
||||||
cloud IN A 192.168.0.10
|
|
||||||
git IN A 78.23.37.117
|
|
||||||
home IN A 192.168.0.10
|
|
||||||
jelly IN CNAME ingress.kmtl
|
|
||||||
vault IN A 192.168.0.10
|
|
||||||
|
|
||||||
; Production VM
|
|
||||||
books IN A 192.168.0.31
|
|
||||||
calibre IN A 192.168.0.31
|
|
||||||
|
|
||||||
; Production VM - Arr
|
|
||||||
bazarr IN A 192.168.0.33
|
|
||||||
prowlarr IN A 192.168.0.33
|
|
||||||
qb IN A 192.168.0.33
|
|
||||||
radarr IN A 192.168.0.33
|
|
||||||
sonarr IN A 192.168.0.33
|
|
||||||
|
|
||||||
; Development VM
|
|
||||||
plex IN A 192.168.0.91
|
|
||||||
|
|
||||||
; Catchalls
|
|
||||||
*.production IN A 192.168.0.31
|
|
||||||
*.development IN A 192.168.0.91
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue