Compare commits

...

2 Commits

Author SHA1 Message Date
Noah Masur
25c4e79ccc
add filebrowser app as nextcloud alternative 2024-08-25 21:56:28 +00:00
Noah Masur
3b86a666fd
add ntfy push notifications 2024-08-25 21:04:16 +00:00
7 changed files with 121 additions and 0 deletions

View File

@ -240,12 +240,14 @@
mail.smtpHost = "smtp.purelymail.com"; mail.smtpHost = "smtp.purelymail.com";
dotfilesRepo = "https://github.com/nmasur/dotfiles"; dotfilesRepo = "https://github.com/nmasur/dotfiles";
hostnames = { hostnames = {
files = "files.${baseName}";
git = "git.${baseName}"; git = "git.${baseName}";
influxdb = "influxdb.${baseName}"; influxdb = "influxdb.${baseName}";
irc = "irc.${baseName}"; irc = "irc.${baseName}";
metrics = "metrics.${baseName}"; metrics = "metrics.${baseName}";
minecraft = "minecraft.${baseName}"; minecraft = "minecraft.${baseName}";
n8n = "n8n.${baseName}"; n8n = "n8n.${baseName}";
notifications = "ntfy.${baseName}";
prometheus = "prom.${baseName}"; prometheus = "prom.${baseName}";
paperless = "paper.${baseName}"; paperless = "paper.${baseName}";
secrets = "vault.${baseName}"; secrets = "vault.${baseName}";

View File

@ -81,6 +81,7 @@ inputs.nixpkgs.lib.nixosSystem rec {
services.vaultwarden.enable = true; services.vaultwarden.enable = true;
services.minecraft-server.enable = true; # Setup Minecraft server services.minecraft-server.enable = true; # Setup Minecraft server
services.n8n.enable = true; services.n8n.enable = true;
services.ntfy-sh.enable = true;
system.autoUpgrade.enable = true; system.autoUpgrade.enable = true;
# Allows private remote access over the internet # Allows private remote access over the internet

View File

@ -97,6 +97,7 @@ inputs.nixpkgs.lib.nixosSystem rec {
cloudflare.enable = true; cloudflare.enable = true;
dotfiles.enable = true; dotfiles.enable = true;
arrs.enable = true; arrs.enable = true;
filebrowser.enable = true;
services.bind.enable = true; services.bind.enable = true;
services.caddy.enable = true; services.caddy.enable = true;
services.jellyfin.enable = true; services.jellyfin.enable = true;

View File

@ -77,6 +77,10 @@
default = [ ]; default = [ ];
}; };
hostnames = { hostnames = {
files = lib.mkOption {
type = lib.types.str;
description = "Hostname for files server (Filebrowser).";
};
git = lib.mkOption { git = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "Hostname for git server (Gitea)."; description = "Hostname for git server (Gitea).";
@ -129,6 +133,10 @@
type = lib.types.str; type = lib.types.str;
description = "Hostname for n8n automation."; description = "Hostname for n8n automation.";
}; };
notifications = lib.mkOption {
type = lib.types.str;
description = "Hostname for push notification services (ntfy).";
};
transmission = lib.mkOption { transmission = lib.mkOption {
type = lib.types.str; type = lib.types.str;
description = "Hostname for peer2peer downloads (Transmission)."; description = "Hostname for peer2peer downloads (Transmission).";

View File

@ -12,6 +12,7 @@
./calibre.nix ./calibre.nix
./cloudflare-tunnel.nix ./cloudflare-tunnel.nix
./cloudflare.nix ./cloudflare.nix
./filebrowser.nix
./identity.nix ./identity.nix
./irc.nix ./irc.nix
./gitea-runner.nix ./gitea-runner.nix
@ -26,6 +27,7 @@
./n8n.nix ./n8n.nix
./netdata.nix ./netdata.nix
./nextcloud.nix ./nextcloud.nix
./ntfy.nix
./paperless.nix ./paperless.nix
./postgresql.nix ./postgresql.nix
./prometheus.nix ./prometheus.nix

View File

@ -0,0 +1,74 @@
{
config,
pkgs,
lib,
...
}:
let
user =
if config.services.nextcloud.enable then
config.services.phpfpm.pools.nextcloud.user
else
"filebrowser";
dataDir = "/var/lib/filebrowser";
settings = {
port = 8020;
baseURL = "";
address = "";
log = "stdout";
database = "${dataDir}/filebrowser.db";
root = "";
"auth.method" = "json";
username = config.user;
# Generate password: htpasswd -nBC 10 "" | tr -d ':\n'
password = "$2y$10$ze1cMob0k6pnXRjLowYfZOVZWg4G.dsPtH3TohbUeEbI0sdkG9.za";
};
in
{
options.filebrowser.enable = lib.mkEnableOption "Use Filebrowser.";
config = lib.mkIf config.filebrowser.enable {
environment.etc."filebrowser/.filebrowser.json".text = builtins.toJSON settings;
systemd.services.filebrowser = lib.mkIf config.filebrowser.enable {
description = "Filebrowser cloud file services";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
startLimitIntervalSec = 14400;
startLimitBurst = 10;
serviceConfig = {
ExecStart = "${pkgs.filebrowser}/bin/filebrowser";
DynamicUser = !config.services.nextcloud.enable; # Unique user if not using Nextcloud
User = user;
Group = user;
ReadWritePaths = [ dataDir ];
StateDirectory = [ "filebrowser" ];
Restart = "on-failure";
RestartPreventExitStatus = 1;
RestartSec = "5s";
};
};
caddy.routes = [
{
match = [ { host = [ config.hostnames.files ]; } ];
handle = [
{
handler = "reverse_proxy";
upstreams = [ { dial = "localhost:${builtins.toString settings.port}"; } ];
}
];
}
];
# Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ config.hostnames.files ];
};
}

View File

@ -0,0 +1,33 @@
{ config, lib, ... }:
{
config = lib.mkIf config.services.ntfy-sh.enable {
services.ntfy-sh = {
settings = rec {
base-url = "https://${config.hostnames.notifications}";
upstream-base-url = "https://ntfy.sh";
listen-http = ":8333";
behind-proxy = true;
auth-default-access = "deny-all";
auth-file = "/var/lib/ntfy-sh/user.db";
};
};
caddy.routes = [
{
match = [ { host = [ config.hostnames.notifications ]; } ];
handle = [
{
handler = "reverse_proxy";
upstreams = [ { dial = "localhost${config.services.ntfy-sh.settings.listen-http}"; } ];
}
];
}
];
# Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ config.hostnames.notifications ];
};
}