features/shared/ssh.nix

@@ -8,14 +8,4 @@
       PermitRootLogin = "no";
     };
   };
-
-  services.fail2ban.jails.sshd.settings = {
-    ssh = ''
-    enabled = true
-    port = ssh
-    filter = sshd
-    logpath = %(sshd_log)s
-    maxretry = 5
-    '';
-  };
 }

hosts/sisyphe/configuration.nix

@@ -142,11 +142,6 @@ in
     "dotnet-sdk-wrapped-6.0.428"
   ];
 
-  # seems like sabnzbd needs some unfree pkgs...
-  nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
-    "unrar"
-  ];
-
 
   # This option defines the first version of NixOS you have installed on this particular machine,
   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.

hosts/sisyphe/features/fail2ban.nix

@@ -4,25 +4,6 @@
     enable = true;
     ignoreIP = [ "192.168.1.0/24" ];
     extraPackages = [ ];
-    jails = {
-      nextcloud = ''
-        enabled = true;
-        filter = nextcloud
-        port = http,https
-      '';
-     };
+    jails = { };
   };
-
-  environment.etc = {
-      "fail2ban/filter.d/nextcloud.conf".text = ''
-        [Definition]
-        _groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)
-        datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"
-        failregex = ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
-                    ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
-                    ^[^{]*\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Two-factor challenge failed:
-        journalmatch = _SYSTEMD_UNIT=phpfpm-nextcloud.service
-      '';
-    };
-
 }

hosts/sisyphe/features/multimedia/default.nix

@@ -3,7 +3,6 @@
     ./arr-suite.nix
     ./calibre-web.nix
     ./slskd.nix
-    ./sabnzbd.nix
     ./transmission.nix
     ./jellyfin.nix
   ];

hosts/sisyphe/features/multimedia/sabnzbd.nix

@@ -1,18 +0,0 @@
-{config, pkgs, ...}:
-{
-  services.sabnzbd = {
-    enable = true;
-
-  };
-
-  services.caddy.virtualHosts."http://sabnzbd.normandy.sisyphe.hypervirtual.world".extraConfig = ''
-  reverse_proxy 8080
-  ''; 
-/*
-  services.prometheus.exporters.sabnzbd = {
-    enable = true;
-    servers = [
-      localhost
-    ]
-  };*/
-}

hosts/sisyphe/features/samba-shares.nix

@@ -16,6 +16,7 @@ in
   config = {
     services.samba = {
       enable = true;
+      securityType = "user";
       openFirewall = true;
       settings = {
         global = {

hosts/sisyphe/features/services/nextcloud.nix

@@ -25,7 +25,6 @@
     database.createLocally = true;
     webserver = "caddy";
     configureRedis = true;
-    package = pkgs.nextcloud30;
     config = {
       dbtype = "pgsql";
       adminpassFile = config.sops.secrets.adminNextcloudPass.path;
@@ -63,9 +62,37 @@
     ];
 
     phpOptions."opcache.interned_strings_buffer" = "23";
+    extraApps = {
+      inherit (config.services.nextcloud.package.packages.apps)
+        contacts
+        calendar
+        previewgenerator
+        twofactor_nextcloud_notification
+        ;
+
+      memories = pkgs.fetchNextcloudApp {
+        sha256 = "sha256-tzxeffvwMwthvBRG+/cLCXZkVS32rlf5v7XOKTbGoOo=";
+        url = "https://github.com/pulsejet/memories/releases/download/v7.3.1/memories.tar.gz";
+        license = "agpl3Only";
+      };
+      /*
+        not useful for me
+           registration = pkgs.fetchNextcloudApp {
+             sha256 = "sha256-dDaQHyHdkkd8ZammLdck2HNGqqfEaunwevdPzbWzB8Y=";
+             url = "https://github.com/nextcloud-releases/registration/releases/download/v2.4.0/registration-v2.4.0.tar.gz";
+             license = "agpl3Only";
+           };
+      */
+      facerecognition = pkgs.fetchNextcloudApp {
+        sha256 = "sha256-FtYItN0Iy2QpSNf0GPs7fIPYgBdEuKHJGwZ7GQNySZE=";
+        url = "https://github.com/matiasdelellis/facerecognition/releases/download/v0.9.60/facerecognition.tar.gz";
+        license = "agpl3Only";
+      };
+
+    };
+    extraAppsEnable = true;
     appstoreEnable = true; # why i would want appstore to be disabled ???
     autoUpdateApps.enable = true;
-    cli.memoryLimit = "4G";
   };
 
   environment.systemPackages =