splitted apps + rewrote everything from scratch

features/arr-suite.nix

@@ -0,0 +1,36 @@
+{ pkgs }:
+{
+  services.sonarr = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  services.radarr = {
+    enable = true;
+    group = "multimedia";
+    openFirewall = true;
+  };
+
+  services.readarr = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  services.prowlarr = {
+    enable = true;
+    openFirewall = true;
+  };
+
+  services.jellyseerr = {
+    openFirewall = true;
+    enable = true;
+  };
+
+  systemd.services.sonarrAnime = {
+    enable = true;
+    path = [ pkgs.sonarr ];
+    serviceConfig = {
+      ExecStart = "Sonarr -nobrowser -data=/var/lib/sonarrAnime";
+    };
+  };
+}

features/authentik.nix

@@ -0,0 +1,32 @@
+{ config, ... }:
+let
+  authentik-version = "2024.6.1";
+  authentik-nix-src = builtins.fetchTarball {
+    url = "https://github.com/nix-community/authentik-nix/archive/version/${authentik-version}.tar.gz";
+    sha256 = "15b9a2csd2m3vwhj3xc24nrqnj1hal60jrd69splln0ynbnd9ki4";
+  };
+  authentik-nix = import authentik-nix-src;
+in
+{
+
+  imports = [ authentik-nix.nixosModules.default ];
+
+  sops.secrets."authentik" = {
+    sopsFile = ./secrets/authentik.env;
+    format = "dotenv";
+  };
+
+  services.authentik = {
+    enable = true;
+    environmentFile = config.sops.secrets."authentik".path;
+    settings = {
+      email = {
+
+      };
+
+      disable_startup_analytics = true;
+
+      avatars = "initials";
+    };
+  };
+}

features/containers.nix

@@ -0,0 +1,36 @@
+{ ... }:
+
+{
+  # docker containers, for apps that aren't avaiable on Nix.  (yet)
+  virtualisation.oci-containers = {
+    backend = "docker";
+    containers = {
+      flaresolverr = {
+        ports = [ "8191:8191" ];
+        image = "ghcr.io/flaresolverr/flaresolverr:latest";
+        environment = {
+          "LOG_LEVEL" = "info";
+        };
+      };
+      crafty-controller = {
+        image = "registry.gitlab.com/crafty-controller/crafty-4:latest";
+        ports = [
+          "8443:8443"
+          "8123:8123"
+          "19132:19132/udp"
+          "25500-25600:25500-25600"
+        ];
+        volumes = [
+          "./docker/backups:/crafty/backups"
+          "./docker/logs:/crafty/logs"
+          "./docker/servers:/crafty/servers"
+          "./docker/config:/crafty/app/config"
+          "./docker/import:/crafty/import"
+        ];
+        environment = {
+          "TZ" = "Europe/Paris";
+        };
+      };
+    };
+  };
+}

features/homelab-dashboard.nix

@@ -0,0 +1,121 @@
+{config, lib, pkgs, ...}:
+
+{
+  services.homepage-dashboard = {
+    enable = true;
+    settings = {
+      "headerStyle" = "boxed";
+      "language" = "fr";
+    };
+    services = [
+      {
+        "Divertissement" = [
+          {
+            "Jellyfin" = {
+              icon = "jellyfin";
+              description = "Permet de regarder ou écouter du contenu.";
+              href = "http://${ip}:8096/";
+            };
+          }
+          {
+            "Calibre-web" = {
+              icon = "calibre";
+              description = "Serveur de livres";
+              href = "http://${ip}:8083";
+            };
+          }
+        ];
+      }
+      {
+        "Téléchargement" = [
+          {
+            "Jellyseerr" = {
+              icon = "jellyseerr";
+              description = "Moteur de recherche de films/séries";
+              href = "http://${ip}:5055";
+            };
+          }
+          {
+            "slskd" = {
+              icon = "slskd";
+              description = "Pour télécharger/partager de la musique";
+              href = "http://${ip}:5030";
+            };
+          }
+          {
+            "Readarr" = {
+              icon = "readarr";
+              description = "Moteur de recherche de livres";
+              href = "http://${ip}:8787/";
+            };
+          }
+          {
+            "Prowlarr" = {
+              icon = "prowlarr";
+              description = "Indexe les différents sites de téléchargement";
+              href = "http://${ip}:9696/";
+            };
+          }
+          {
+
+            "Sonarr" = {
+              icon = "sonarr";
+              description = "Moteur de recherche pour les séries";
+              href = "http://${ip}:8989";
+            };
+          }
+          {
+            "Radarr" = {
+              icon = "radarr";
+              description = "Moteur de recherche pour les films";
+              href = "http://${ip}:7878";
+            };
+          }
+          {
+
+            "Transmission" = {
+              icon = "transmission";
+              description = "s'occupe du téléchargement des fichiers";
+              href = "http://${ip}:9091";
+            };
+          }
+        ];
+      }
+      {
+        "Utilitaires" = [
+          {
+            "Photoprism" = {
+              icon = "photoprism";
+              description = "Sauvegarde de photos";
+              href = "http://${ip}:2342";
+            };
+
+          }
+	  {
+	    "Searx" = {
+              icon = "searx";
+	      description = "Moteur de recherche privé pour remplacer Google.";
+	      href = "http://${ip}:8080";
+	    };
+	  }
+        ];
+      }
+      {
+         "Administration" = [
+           {
+	     "Proxmox Backup Server" = {
+               description = "Permet de sauvegarder le serveur."
+	     };
+
+	   }
+	   {
+
+	     "Proxmox VE" = {};
+	   }
+	 ];
+      }
+    ];
+
+  };
+
+}

features/samba-shares.nix

@@ -0,0 +1,35 @@
+{ username, driveMountPoint }:
+
+{
+  # enable samba
+  services.samba = {
+    enable = true;
+    securityType = "user";
+    openFirewall = true;
+    extraConfig = ''
+      workgroup = WORKGROUP
+      server string = hyperserver
+      netbios name = hyperserver
+      security = user
+    '';
+    shares = {
+      music = {
+        path = "${driveMountPoint}/Music";
+        browseable = "yes";
+        "read only" = "no";
+        "create mask" = "0644";
+        "directory mask" = "0755";
+        "force user" = username;
+      };
+      ebooks = {
+        path = "${driveMountPoint}/Ebooks";
+        browseable = "yes";
+        "read only" = "no";
+        "create mask" = "0644";
+        "directory mask" = "0755";
+        "force user" = username;
+      };
+    };
+  };
+
+}

features/slskd.nix

@@ -0,0 +1,30 @@
+{ config, lib }:
+with lib;
+
+let
+  cfg = config.slskd;
+in
+{
+  options = {
+    slskd.directory = mkOption { type = types.str; };
+  };
+  config = {
+
+    sops.secrets."slskd" = {
+      sopsFile = ./secrets/slskd.env;
+      format = "dotenv";
+    };
+    services.slskd = {
+      enable = true;
+      openFirewall = true;
+      environmentFile = config.sops.secrets."slskd".path;
+      domain = null;
+      settings = {
+        shares.directories = [ "${cfg.slskd.directory}/Music" ];
+        soulseek.description = "i luv katz n mewsik";
+        directories.files.downloads = "${cfg.slskd.directory}/Music/clean";
+        directories.files.incomplete = "${cfg.slskd.directory}/Music/incomplete";
+      };
+    };
+  };
+}

features/transmission.nix

@@ -0,0 +1,33 @@
+{ config, lib, ... }:
+with lib;
+
+let
+  cfg = config.transmission;
+in
+{
+  options.transmission = {
+    directory = mkOption { type = lib.types.str; };
+  };
+
+  config = {
+    sops.secrets."transmission" = {
+      sopsFile = ./secrets/transmission.json;
+      path = "/var/lib/secrets/transmission/settings.json";
+    };
+
+    # torrenting apps
+    services.transmission = {
+      enable = true;
+      openFirewall = true;
+      openRPCPort = true;
+      credentialsFile = config.sops.secrets."transmission".path;
+      settings = {
+        rpc-bind-address = "0.0.0.0";
+        rpc-whitelist-enabled = false;
+        rpc-authentication-required = true;
+        download-dir = "${cfg.directory}/Torrents";
+        ratio-limit-enabled = true;
+      };
+    };
+  };
+}