remove some unused services/refactor

2024-10-15 06:27:48 +08:00 · 2024-10-15 06:27:48 +08:00 · 253cdf8ede
parent 7297d48f13
commit 253cdf8ede
17 changed files with 8 additions and 271 deletions
--- a/nixos/common/global/secrets/rekeyed/fuchsia/146f3229661998a1ca74449720287a7d-smb-secrets.age
+++ b/nixos/common/global/secrets/rekeyed/fuchsia/146f3229661998a1ca74449720287a7d-smb-secrets.age
@ -1,8 +0,0 @@
 age-encryption.org/v1
 -> ssh-ed25519 jVljVA ILfVChFf5s9U6CODItB/TqS1tUaAEeoLAGiNKPbDclU
 MCyVqjOPexZm+is5JWG5zfbS26nJj/Z4mk6SJDufBPM
 -> R<DEa-grease +b`?*<b*
 /5YP7TzDWxztiGzrMKkUYSBzX9wcz6HSR2mFNX0JmfaTVcnJFrl3KcqfJeNf/z1w
 JIBgF+2wzeD5I7PCcNjmHGn0f+W9kAImbw8
 --- LZwgwtMUkIk4l/juYhY0i7kNFurvMAgcjhrYX4PsSEE
 7c5ÌñÀîÝ{¶>Œ¤Æ¥ãÕ<C3A3>“II¥9ôsÆç~³a–{³ê'¥æ<5›|±o;_§*T³'|yí¿sÇvt(ÊXŠ_J.ø`£ŠÈr`“"ÜÙ|ª*‘Æ[ê
--- a/nixos/common/global/secrets/rekeyed/viridian/4108bf86376b696948d4139797cfc8ba-microbin.age
+++ b/nixos/common/global/secrets/rekeyed/viridian/4108bf86376b696948d4139797cfc8ba-microbin.age
--- a/nixos/viridian/configuration.nix
+++ b/nixos/viridian/configuration.nix
@ -6,32 +6,25 @@
    # Our user configuration and optional user units
    ../common/users/sajenim
    # Containers
    ./containers/jellyfin
    ./containers/jellyseerr
    ./containers/lidarr
    ./containers/mealie
    ./containers/microbin
    ./containers/prowlarr
    ./containers/qbittorrent
    ./containers/radarr
    ./containers/recyclarr
    ./containers/sonarr
    # Services
    ./services/borgbackup
    ./services/crowdsec
    ./services/forgejo
    ./services/grafana
    ./services/immich
    ./services/lighttpd
    ./services/minecraft
    ./services/mpd
    ./services/mysql
    ./services/paperless-ngx
    ./services/prometheus
    ./services/traefik
    # Multimedia
    ./multimedia/jellyfin
    ./multimedia/lidarr
    ./multimedia/prowlarr
    ./multimedia/qbittorrent
    ./multimedia/radarr
    ./multimedia/sonarr
    # Setup our hardware
    ./hardware-configuration.nix
  ];
--- a/nixos/viridian/containers/jellyseerr/default.nix
+++ b/nixos/viridian/containers/jellyseerr/default.nix
@ -1,43 +0,0 @@
 {...}: let
  port = "5055";
 in {
  virtualisation.oci-containers.containers = {
    # Request management
    jellyseerr = {
      autoStart = true;
      image = "ghcr.io/hotio/jellyseerr:release-1.9.2";
      ports = [
        "${port}:5055/tcp" # WebUI
      ];
      volumes = [
        "/srv/containers/jellyseerr:/config"
      ];
      environment = {
        PUID = "1000";
        PGID = "100";
      };
      extraOptions = [
        "--network=media-stack"
      ];
    };
  };
  services.traefik.dynamicConfigOptions.http.routers = {
    jellyseerr = {
      rule = "Host(`jellyseerr.kanto.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "internal"
      ];
      service = "jellyseerr";
    };
  };
  services.traefik.dynamicConfigOptions.http.services = {
    jellyseerr.loadBalancer.servers = [
      {url = "http://127.0.0.1:${port}";}
    ];
  };
 }
--- a/nixos/viridian/containers/mealie/default.nix
+++ b/nixos/viridian/containers/mealie/default.nix
@ -1,47 +0,0 @@
 {...}: let
  port = "9925";
 in {
  virtualisation.oci-containers.containers = {
    mealie = {
      autoStart = true;
      image = "ghcr.io/mealie-recipes/mealie:v1.11.0";
      ports = [
        "${port}:9000"
      ];
      volumes = [
        "/srv/containers/mealie:/app/data/"
      ];
      environment = {
        ALLOW_SIGNUP = "false";
        PUID = "1000";
        PGID = "100";
        TZ = "Australia/Perth";
        MAX_WORKERS = "1";
        WEB_CONCURRENCY = "1";
        BASE_URL = "https://mealie.kanto.dev";
        SECURITY_MAX_LOGIN_ATTEMPTS = "3";
        SECRURITY_USER_LOCKOUT_TIME = "72";
      };
    };
  };
  services.traefik.dynamicConfigOptions.http.routers = {
    mealie = {
      rule = "Host(`mealie.kanto.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "crowdsec"
        "geoblock"
      ];
      service = "mealie";
    };
  };
  services.traefik.dynamicConfigOptions.http.services = {
    mealie.loadBalancer.servers = [
      {url = "http://127.0.0.1:${port}";}
    ];
  };
 }
--- a/nixos/viridian/containers/microbin/default.nix
+++ b/nixos/viridian/containers/microbin/default.nix
@ -1,47 +0,0 @@
 {config, ...}: let
  port = "8181";
 in {
  age.secrets.microbin = {
    # Environment variables for microbin
    rekeyFile = ./environment.age;
    owner = "sajenim";
    group = "users";
  };
  virtualisation.oci-containers.containers = {
    # Self-hosted, open-source pastbin
    microbin = {
      autoStart = true;
      image = "danielszabo99/microbin:2.0.4";
      ports = [
        "${port}:8080/tcp" # WebUI
      ];
      volumes = [
        # Container data
        "/srv/containers/microbin:/app/microbin_data:rw"
      ];
      environmentFiles = [
        config.age.secrets.microbin.path
      ];
    };
  };
  services.traefik.dynamicConfigOptions.http.routers = {
    microbin = {
      rule = "Host(`bin.kanto.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "internal"
      ];
      service = "microbin";
    };
  };
  services.traefik.dynamicConfigOptions.http.services = {
    microbin.loadBalancer.servers = [
      {url = "http://127.0.0.1:${port}";}
    ];
  };
 }
--- a/nixos/viridian/containers/microbin/environment.age
+++ b/nixos/viridian/containers/microbin/environment.age
--- a/nixos/viridian/containers/recyclarr/default.nix
+++ b/nixos/viridian/containers/recyclarr/default.nix
@ -1,16 +0,0 @@
 {...}: {
  virtualisation.oci-containers.containers = {
    # Automatically synchronize recommended settings from the TRaSH guides to your Sonarr/Radarr instances
    recyclarr = {
      autoStart = true;
      image = "ghcr.io/recyclarr/recyclarr:6.0.2";
      volumes = [
        "/srv/containers/recyclarr:/config"
      ];
      extraOptions = [
        "--network=media-stack"
      ];
      user = "1000:100";
    };
  };
 }
--- a/nixos/viridian/multimedia/jellyfin/default.nix
+++ b/nixos/viridian/multimedia/jellyfin/default.nix
--- a/nixos/viridian/multimedia/lidarr/default.nix
+++ b/nixos/viridian/multimedia/lidarr/default.nix
--- a/nixos/viridian/multimedia/prowlarr/default.nix
+++ b/nixos/viridian/multimedia/prowlarr/default.nix
--- a/nixos/viridian/multimedia/qbittorrent/default.nix
+++ b/nixos/viridian/multimedia/qbittorrent/default.nix
--- a/nixos/viridian/multimedia/radarr/default.nix
+++ b/nixos/viridian/multimedia/radarr/default.nix
--- a/nixos/viridian/multimedia/sonarr/default.nix
+++ b/nixos/viridian/multimedia/sonarr/default.nix
--- a/nixos/viridian/services/grafana/default.nix
+++ b/nixos/viridian/services/grafana/default.nix
@ -1,56 +0,0 @@
 {config, ...}: {
  # Setup grafana our grafana instance.
  services.grafana = {
    enable = true;
    dataDir = "/srv/services/grafana";
    settings = {
      server = {
        http_addr = "127.0.0.1";
        http_port = 3400;
        domain = "kanto.dev";
        root_url = "https://kanto.dev/grafana/";
        serve_from_sub_path = true;
      };
      database = {
        type = "mysql";
        name = "grafana";
        user = "grafana";
        host = "/var/run/mysqld/mysqld.sock";
      };
    };
  };
  # Setup our database for grafana.
  services.mysql = {
    ensureUsers = [
      {
        name = "grafana";
        ensurePermissions = {
          "grafana.*" = "ALL PRIVILEGES";
        };
      }
    ];
    ensureDatabases = ["grafana"];
  };
  # Setup our traefik router.
  services.traefik.dynamicConfigOptions.http.routers = {
    grafana = {
      rule = "Host(`kanto.dev`)";
      entryPoints = [
        "websecure"
      ];
      middlewares = [
        "internal"
      ];
      service = "grafana";
    };
  };
  # Setup our traefik service.
  services.traefik.dynamicConfigOptions.http.services = {
    grafana.loadBalancer.servers = [
      {url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";}
    ];
  };
 }
--- a/nixos/viridian/services/mysql/default.nix
+++ b/nixos/viridian/services/mysql/default.nix
@ -1,7 +0,0 @@
 {pkgs, ...}: {
  services.mysql = {
    enable = true;
    package = pkgs.mariadb;
    dataDir = "/srv/services/mysql";
  };
 }
--- a/nixos/viridian/services/prometheus/default.nix
+++ b/nixos/viridian/services/prometheus/default.nix
@ -1,32 +0,0 @@
 {config, ...}: {
  services.prometheus = {
    enable = true;
    port = 9001; # Port to listen on.
    # Valid in all configuration contexts, defaults for other configuration sections.
    globalConfig = {
      scrape_interval = "15s";
    };
    # Collect specific metrics, format them, and expose them through HTTP endpoints for prometheus to scrape.
    exporters = {
      node = {
        enable = true;
        enabledCollectors = ["systemd" "processes"];
        port = 9100;
      };
    };
    # Specify a set of targets and parameters describing how to scrape them.
    scrapeConfigs = [
      {
        job_name = "node";
        static_configs = [
          {
            targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"];
          }
        ];
      }
    ];
  };
 }