2
2
mirror of https://git.feal.no/felixalb/nixos-config.git synced 2024-12-22 04:07:28 +01:00

Add jellyfin, move mountpoints

This commit is contained in:
Felix Albrigtsen 2023-04-17 02:23:56 +02:00
parent 7e4fcaf148
commit 017e8d418d
4 changed files with 114 additions and 11 deletions

View File

@ -6,11 +6,13 @@
../../base.nix
../../common/metrics-exporters.nix
./hardware-configuration.nix
./containers.nix
./vms.nix
./filesystems.nix
#./vms.nix
./services/nginx
./services/metrics
./services/flame.nix
./services/jellyfin.nix
# TODO:
# x Boot
# x Mount ZFS
@ -18,20 +20,14 @@
# x Podman
# x Flame
# - Transmission
# - Jellyfin
# x Jellyfin
# x NFS imports
# - NFS exports
# - FreeBSD VM
# - Kali VM
# - Kerberos / IPA
];
boot = {
zfs.extraPools = [ "tank" ];
supportedFilesystems = [ "zfs" ];
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
};
services.zfs.autoScrub.enable = true;
networking = {
hostName = "voyager";
defaultGateway = "192.168.10.1";
@ -83,7 +79,8 @@
}
)
zfs
];
screen
];
networking.firewall.allowedTCPPorts = [ 22 ];

View File

@ -0,0 +1,47 @@
{ config, pkgs, lib, ... }:
{
# Boot drives are defined in ./hardware-configuration.nix
environment.systemPackages = with pkgs; [ cifs-utils ];
# Local zfs
boot = {
zfs.extraPools = [ "tank" ];
supportedFilesystems = [ "zfs" ];
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
};
services.zfs.autoScrub.enable = true;
# Network mounts (import)
fileSystems = {
"/mnt/feal-syn1/media" = {
device = "feal-syn1.home.feal.no:/volume2/media";
fsType = "nfs";
options = [ "vers=3" ];
#options = [ "x-systemd.automount" "noauto" ];
};
#"/mnt/feal-syn1/netbackup" = {
# device = "feal-syn1.home.feal.no:/volume2/NetBackup";
# fsType = "nfs";
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
#};
#"/mnt/feal-syn1/nfs_proxmox" = {
# device = "feal-syn1.home.feal.no:/volume2/nfs_proxmox";
# fsType = "nfs";
# options = [ "vers=3" "x-systemd.automount" "noauto" ];
#};
"/mnt/feal-syn1/nfs_proxmox" = {
device = "//feal-syn1.home.feal.no/nfs_proxmox";
fsType = "cifs";
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
in ["${automount_opts},credentials=/etc/feal-syn1-credentials"];
};
};
# Network mounts (export)
}

View File

@ -0,0 +1,59 @@
{ config, pkgs, lib, ... }:
let
domainName = "jellyfin.home.feal.no";
in {
# Jellyfin - Media Streaming platform
services.jellyfin.enable = true;
networking.firewall.allowedTCPPorts = [ 8096 ];
services.nginx.virtualHosts."${domainName}" = {
extraConfig = ''
#add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
location = / {
return 302 http://$host/web/;
#return 302 https://$host/web/;
}
location / {
# Proxy main Jellyfin traffic
proxy_pass http://127.0.0.1:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
# location block for /web - This is purely for aesthetics so /web/#!/ works instead of having to go to /web/index.html/#!/
location = /web/ {
# Proxy main Jellyfin traffic
proxy_pass http://127.0.0.1:8096/web/index.html;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://127.0.0.1:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
'';
};
}