mirror of
https://git.feal.no/felixalb/nixos-config.git
synced 2024-12-22 04:07:28 +01:00
Add jellyfin, move mountpoints
This commit is contained in:
parent
7e4fcaf148
commit
017e8d418d
@ -6,11 +6,13 @@
|
||||
../../base.nix
|
||||
../../common/metrics-exporters.nix
|
||||
./hardware-configuration.nix
|
||||
./containers.nix
|
||||
./vms.nix
|
||||
./filesystems.nix
|
||||
#./vms.nix
|
||||
|
||||
./services/nginx
|
||||
./services/metrics
|
||||
./services/flame.nix
|
||||
./services/jellyfin.nix
|
||||
# TODO:
|
||||
# x Boot
|
||||
# x Mount ZFS
|
||||
@ -18,20 +20,14 @@
|
||||
# x Podman
|
||||
# x Flame
|
||||
# - Transmission
|
||||
# - Jellyfin
|
||||
# x Jellyfin
|
||||
# x NFS imports
|
||||
# - NFS exports
|
||||
# - FreeBSD VM
|
||||
# - Kali VM
|
||||
# - Kerberos / IPA
|
||||
];
|
||||
|
||||
boot = {
|
||||
zfs.extraPools = [ "tank" ];
|
||||
supportedFilesystems = [ "zfs" ];
|
||||
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
};
|
||||
services.zfs.autoScrub.enable = true;
|
||||
|
||||
networking = {
|
||||
hostName = "voyager";
|
||||
defaultGateway = "192.168.10.1";
|
||||
@ -83,7 +79,8 @@
|
||||
}
|
||||
)
|
||||
zfs
|
||||
];
|
||||
screen
|
||||
];
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
|
||||
|
47
hosts/voyager/filesystems.nix
Normal file
47
hosts/voyager/filesystems.nix
Normal file
@ -0,0 +1,47 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
# Boot drives are defined in ./hardware-configuration.nix
|
||||
|
||||
environment.systemPackages = with pkgs; [ cifs-utils ];
|
||||
|
||||
# Local zfs
|
||||
boot = {
|
||||
zfs.extraPools = [ "tank" ];
|
||||
supportedFilesystems = [ "zfs" ];
|
||||
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
};
|
||||
services.zfs.autoScrub.enable = true;
|
||||
|
||||
# Network mounts (import)
|
||||
fileSystems = {
|
||||
"/mnt/feal-syn1/media" = {
|
||||
device = "feal-syn1.home.feal.no:/volume2/media";
|
||||
fsType = "nfs";
|
||||
options = [ "vers=3" ];
|
||||
#options = [ "x-systemd.automount" "noauto" ];
|
||||
};
|
||||
#"/mnt/feal-syn1/netbackup" = {
|
||||
# device = "feal-syn1.home.feal.no:/volume2/NetBackup";
|
||||
# fsType = "nfs";
|
||||
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
|
||||
#};
|
||||
#"/mnt/feal-syn1/nfs_proxmox" = {
|
||||
# device = "feal-syn1.home.feal.no:/volume2/nfs_proxmox";
|
||||
# fsType = "nfs";
|
||||
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
|
||||
#};
|
||||
|
||||
"/mnt/feal-syn1/nfs_proxmox" = {
|
||||
device = "//feal-syn1.home.feal.no/nfs_proxmox";
|
||||
fsType = "cifs";
|
||||
options = let
|
||||
# this line prevents hanging on network split
|
||||
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
|
||||
|
||||
in ["${automount_opts},credentials=/etc/feal-syn1-credentials"];
|
||||
};
|
||||
};
|
||||
|
||||
# Network mounts (export)
|
||||
|
||||
}
|
59
hosts/voyager/services/jellyfin.nix
Normal file
59
hosts/voyager/services/jellyfin.nix
Normal file
@ -0,0 +1,59 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
domainName = "jellyfin.home.feal.no";
|
||||
in {
|
||||
# Jellyfin - Media Streaming platform
|
||||
services.jellyfin.enable = true;
|
||||
|
||||
networking.firewall.allowedTCPPorts = [ 8096 ];
|
||||
|
||||
services.nginx.virtualHosts."${domainName}" = {
|
||||
extraConfig = ''
|
||||
#add_header X-Frame-Options "SAMEORIGIN";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
location = / {
|
||||
return 302 http://$host/web/;
|
||||
#return 302 https://$host/web/;
|
||||
}
|
||||
location / {
|
||||
# Proxy main Jellyfin traffic
|
||||
proxy_pass http://127.0.0.1:8096;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Protocol $scheme;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
|
||||
proxy_buffering off;
|
||||
}
|
||||
# location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
|
||||
location = /web/ {
|
||||
# Proxy main Jellyfin traffic
|
||||
proxy_pass http://127.0.0.1:8096/web/index.html;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Protocol $scheme;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
location /socket {
|
||||
# Proxy Jellyfin Websockets traffic
|
||||
proxy_pass http://127.0.0.1:8096;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Protocol $scheme;
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
}
|
||||
'';
|
||||
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user