pazpi/nix
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions
nix/modules/services/media-mgr.nix

268 lines
7.1 KiB
Nix
Raw Blame History

{
config,
pkgs,
lib,
...
}:
with lib;
let
cfg = config.my.services.media-mgr;
lidarrPort = toString 8686;
radarrPort = toString 7878;
sonarrPort = toString 8989;
readarrPort = toString 8787;
prowlarrPort = toString 9696;
in
{
options.my.services.media-mgr = {
programs = {
enable = lib.mkEnableOption "Enable the download manager stack";
};
exportMetrics = {
enable = lib.mkEnableOption "Enable monitoring for the download manager stack";
};
proxy = {
enable = lib.mkEnableOption "Set the proxy entry for this service";
domain = lib.mkOption {
default = "example.com";
type = lib.types.str;
description = ''
The domain where Caddy is reachable
'';
};
host = lib.mkOption {
default = "localhost";
type = lib.types.str;
description = ''
host name where the download manager stack is running
'';
};
};
};
config = lib.mkMerge [
# Services definition
(lib.mkIf cfg.programs.enable {
services = {
# Indexer
prowlarr = {
enable = true;
openFirewall = true;
};
# Movies
radarr = {
enable = true;
openFirewall = true;
};
# TV Shows
sonarr = {
enable = true;
openFirewall = true;
};
# Music
lidarr = {
enable = true;
openFirewall = true;
};
# E-books
readarr = {
enable = true;
openFirewall = true;
};
# Subtitles
bazarr = {
enable = true;
openFirewall = true;
};
# Request management and media discovery tool for the Plex ecosystem
jellyseerr = {
enable = true;
openFirewall = true;
};
# Proxy server to bypass Cloudflare protection
flaresolverr.enable = true;
};
})
# Caddy for reverse proxy
(lib.mkIf cfg.proxy.enable {
services.caddy = with cfg.proxy; {
virtualHosts."prowlarr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${prowlarrPort}
import cloudflare_${domain}
'';
virtualHosts."radarr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${radarrPort}
import cloudflare_${domain}
'';
virtualHosts."sonarr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${sonarrPort}
import cloudflare_${domain}
'';
virtualHosts."lidarr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${lidarrPort}
import cloudflare_${domain}
'';
virtualHosts."readarr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${readarrPort}
import cloudflare_${domain}
'';
virtualHosts."bazarr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${toString config.services.bazarr.listenPort}
import cloudflare_${domain}
'';
virtualHosts."jellyseerr.${domain}".extraConfig = ''
reverse_proxy http://${host}:${toString config.services.jellyseerr.port}
import cloudflare_${domain}
'';
};
})
# Prometheus exporters
(lib.mkIf cfg.exportMetrics.enable {
users.groups.exportarr = { };
users.users.exportarr = {
group = "exportarr";
isSystemUser = true;
};
age.secrets = {
prowlarr-apiKey = {
file = ../../secrets/prowlarr-apiKey.age;
owner = "exportarr";
group = "exportarr";
mode = "770";
};
};
age.secrets = {
radarr-apiKey = {
file = ../../secrets/radarr-apiKey.age;
owner = "exportarr";
group = "exportarr";
mode = "770";
};
};
age.secrets = {
sonarr-apiKey = {
file = ../../secrets/sonarr-apiKey.age;
owner = "exportarr";
group = "exportarr";
mode = "770";
};
};
age.secrets = {
lidarr-apiKey = {
file = ../../secrets/lidarr-apiKey.age;
owner = "exportarr";
group = "exportarr";
mode = "770";
};
};
age.secrets = {
readarr-apiKey = {
file = ../../secrets/readarr-apiKey.age;
owner = "exportarr";
group = "exportarr";
mode = "770";
};
};
age.secrets = {
bazarr-apiKey = {
file = ../../secrets/bazarr-apiKey.age;
owner = "exportarr";
group = "exportarr";
mode = "770";
};
};
systemd.services = {
prometheus-exportarr-prowlarr-exporter.serviceConfig.EnvironmentFile =
config.age.secrets.prowlarr-apiKey.path;
prometheus-exportarr-radarr-exporter.serviceConfig.EnvironmentFile =
config.age.secrets.radarr-apiKey.path;
prometheus-exportarr-sonarr-exporter.serviceConfig.EnvironmentFile =
config.age.secrets.sonarr-apiKey.path;
prometheus-exportarr-lidarr-exporter.serviceConfig.EnvironmentFile =
config.age.secrets.lidarr-apiKey.path;
prometheus-exportarr-readarr-exporter.serviceConfig.EnvironmentFile =
config.age.secrets.readarr-apiKey.path;
prometheus-exportarr-bazarr-exporter.serviceConfig.EnvironmentFile =
config.age.secrets.bazarr-apiKey.path;
};
services.prometheus.exporters = with cfg.proxy; {
exportarr-prowlarr = {
enable = true;
url = "http://${host}:${prowlarrPort}";
port = 9701;
user = "exportarr";
group = "exportarr";
apiKeyFile = config.age.secrets.prowlarr-apiKey.path;
};
exportarr-radarr = {
enable = true;
url = "http://${host}:${radarrPort}";
port = 9702;
user = "exportarr";
group = "exportarr";
apiKeyFile = config.age.secrets.radarr-apiKey.path;
};
exportarr-sonarr = {
enable = true;
url = "http://${host}:${sonarrPort}";
port = 9703;
user = "exportarr";
group = "exportarr";
apiKeyFile = config.age.secrets.sonarr-apiKey.path;
};
exportarr-lidarr = {
enable = true;
url = "http://${host}:${lidarrPort}";
port = 9704;
user = "exportarr";
group = "exportarr";
apiKeyFile = config.age.secrets.lidarr-apiKey.path;
};
exportarr-readarr = {
enable = true;
url = "http://${host}:${readarrPort}";
port = 9705;
user = "exportarr";
group = "exportarr";
apiKeyFile = config.age.secrets.readarr-apiKey.path;
};
exportarr-bazarr = {
enable = true;
url = "http://${host}:${toString config.services.bazarr.listenPort}";
port = 9706;
user = "exportarr";
group = "exportarr";
apiKeyFile = config.age.secrets.bazarr-apiKey.path;
};
};
})
];
}
Reference in a new issue View git blame Copy permalink