diff --git a/flake.lock b/flake.lock index bd391f2..0aa2836 100644 --- a/flake.lock +++ b/flake.lock @@ -209,11 +209,11 @@ ] }, "locked": { - "lastModified": 1768068402, - "narHash": "sha256-bAXnnJZKJiF7Xr6eNW6+PhBf1lg2P1aFUO9+xgWkXfA=", + "lastModified": 1768434960, + "narHash": "sha256-cJbFn17oyg6qAraLr+NVeNJrXsrzJdrudkzI4H2iTcg=", "owner": "nix-community", "repo": "home-manager", - "rev": "8bc5473b6bc2b6e1529a9c4040411e1199c43b4c", + "rev": "b4d88c9ac42ae1a745283f6547701da43b6e9f9b", "type": "github" }, "original": { @@ -299,11 +299,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1767185284, - "narHash": "sha256-ljDBUDpD1Cg5n3mJI81Hz5qeZAwCGxon4kQW3Ho3+6Q=", + "lastModified": 1768397375, + "narHash": "sha256-7QqbFi3ERvKjEdAzEYPv7iSGwpUKSrQW5wPLMFq45AQ=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "40b1a28dce561bea34858287fbb23052c3ee63fe", + "rev": "efe2094529d69a3f54892771b6be8ee4a0ebef0f", "type": "github" }, "original": { @@ -347,11 +347,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1768127708, - "narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=", + "lastModified": 1768305791, + "narHash": "sha256-AIdl6WAn9aymeaH/NvBj0H9qM+XuAuYbGMZaP0zcXAQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38", + "rev": "1412caf7bf9e660f2f962917c14b1ea1c3bc695e", "type": "github" }, "original": { @@ -379,11 +379,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1768127708, - "narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=", + "lastModified": 1768305791, + "narHash": "sha256-AIdl6WAn9aymeaH/NvBj0H9qM+XuAuYbGMZaP0zcXAQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38", + "rev": "1412caf7bf9e660f2f962917c14b1ea1c3bc695e", "type": "github" }, "original": { @@ -496,11 +496,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1768183082, - "narHash": "sha256-XsiMOsqRLfmUi+24F7adhb/GAM2dMvplzwaW2Wxg/lo=", + "lastModified": 1768379550, + "narHash": "sha256-z94S29l5V86h11LZbPIMbHTJyksDG63aqISsZkTTuJY=", "owner": "0xc000022070", "repo": "zen-browser-flake", - "rev": "cdbc300fd89d503a95d1c8564de31a93d7b0a0ae", + "rev": "06f61b4e4f4f6ba8027c96a5611c63dc0db12b90", "type": "github" }, "original": { diff --git a/hosts/zora/default.nix b/hosts/zora/default.nix index 092e43e..59e3951 100644 --- a/hosts/zora/default.nix +++ b/hosts/zora/default.nix @@ -21,6 +21,7 @@ ../../modules/server/biggoron/runner.nix ../../modules/server/giovanni ../../modules/server/kalif + ../../modules/server/lanayru ../../modules/server/link ../../modules/server/maistro ../../modules/server/mikau diff --git a/hosts/zora/networking.nix b/hosts/zora/networking.nix index abe519c..00f996b 100644 --- a/hosts/zora/networking.nix +++ b/hosts/zora/networking.nix @@ -85,7 +85,7 @@ restrictedServices = [ "qbittorrent" - # "suwayomi-server" + "suwayomi-server" ]; portForwarding = { diff --git a/hosts/zora/reverse-proxy.nix b/hosts/zora/reverse-proxy.nix index 188a21d..647ec11 100644 --- a/hosts/zora/reverse-proxy.nix +++ b/hosts/zora/reverse-proxy.nix @@ -50,6 +50,12 @@ proxyWebsockets = true; }; }; + # 44312 + "dl.manga.lyes.eu" = { + forceSSL = true; + enableACME = true; + locations."/".proxyPass = "http://${config.networking.vpn-netns.vethIP}:${toString config.services.suwayomi-server.settings.server.port}"; + }; # 44303 "git.lyes.eu" = { forceSSL = true; @@ -85,12 +91,12 @@ enableACME = true; locations."/" = { proxyPass = "http://${config.networking.vpn-netns.vethIP}:${toString config.services.qbittorrent.webuiPort}"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - ''; + # extraConfig = '' + # proxy_set_header Host $host; + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # ''; }; }; diff --git a/modules/server/README.md b/modules/server/README.md index ff07635..1169d49 100644 --- a/modules/server/README.md +++ b/modules/server/README.md @@ -3,6 +3,7 @@ - `giovanni` : Vaultwarden (`vault.lyes.eu`) - `kaepora` : PostgreSQL - `kalif` : Factorio (`factorio.lyes.eu`) +- `lanayru` : Suwayomi (`dl.manga.lyes.eu`) - `link` : Kanidm (`auth.lyes.eu`) - `maistro` : Incus - `mikau` : Jellyfin (`media.lyes.eu`) diff --git a/modules/server/lanayru/default.nix b/modules/server/lanayru/default.nix new file mode 100644 index 0000000..1bbdc77 --- /dev/null +++ b/modules/server/lanayru/default.nix @@ -0,0 +1,43 @@ +{ config, pkgs, ... }: + +{ + services.suwayomi-server = { + enable = true; + package = pkgs.suwayomi-server; + + user = "suwayomi"; + group = "media"; + openFirewall = true; + + dataDir = "/var/data/manga"; + + settings = { + server = { + ip = "0.0.0.0"; + port = 44312; + + extensionRepos = [ + "https://raw.githubusercontent.com/keiyoushi/extensions/repo/index.min.json" + ]; + + downloadAsCbz = true; + + basicAuthEnabled = true; + basicAuthUsername = "lyes"; + basicAuthPasswordFile = config.age.secrets.suwayomi-pass.path; + + # backupPath = "/unv/backups/suwayomi"; + # backupTime = "07:11"; + + localSourcePath = "/var/data/manga/local"; + }; + }; + }; + + age.secrets = { + suwayomi-pass = { + file = ../../../secrets/zora/services/lanayru-pass.age; + owner = config.services.suwayomi-server.user; + }; + }; +} diff --git a/modules/server/taf/default.nix b/modules/server/taf/default.nix index 5c968b8..ca0c361 100644 --- a/modules/server/taf/default.nix +++ b/modules/server/taf/default.nix @@ -76,15 +76,6 @@ elsif header :contains "List-Id" "" { fileinto :create "Crans.crans.ca"; } - # Crans Nounou - elsif anyof ( - header :contains "List-Id" "", - header :contains "List-Id" "", - address :is :all "To" "contact@crans.org", - address :is :all "From" "contact@crans.org" - ) { - fileinto :create "Crans.crans.nounou"; - } # Crans Root Postmaster elsif address :is :all "To" "postmaster@crans.org" { addflag "\\Seen"; @@ -94,6 +85,15 @@ elsif address :is :all "From" "MAILER-DAEMON@crans.org" { fileinto :create "Crans.crans.root.mailer"; } + # Crans Nounou + elsif anyof ( + header :contains "List-Id" "", + header :contains "List-Id" "", + address :is :all "To" "contact@crans.org", + address :is :all "From" "contact@crans.org" + ) { + fileinto :create "Crans.crans.nounou"; + } # Crans Root elsif anyof ( address :is :all "To" "root@crans.org", diff --git a/secrets.nix b/secrets.nix index 7e83bb9..6a048ab 100644 --- a/secrets.nix +++ b/secrets.nix @@ -24,4 +24,5 @@ in "secrets/zora/services/ptigoron-token.age".publicKeys = all; "secrets/zora/services/mogma-privatekey.age".publicKeys = all; "secrets/zora/services/tetra-pass.age".publicKeys = all; + "secrets/zora/services/lanayru-pass.age".publicKeys = all; } diff --git a/secrets/zora/services/lanayru-pass.age b/secrets/zora/services/lanayru-pass.age new file mode 100644 index 0000000..e7d1a71 --- /dev/null +++ b/secrets/zora/services/lanayru-pass.age @@ -0,0 +1,7 @@ +age-encryption.org/v1 +-> ssh-ed25519 whuRpQ E5HLHN2hIqlA7O/JAtLc0T7DU/DtN+VISIj18JuRFxo +4PcTQNEOcKf/35I4te8wy9v3FG7rwwRgHrrFTNM8kDU +-> ssh-ed25519 TFqgIg 4RJdWYN7h/GBR1CClnnl2cNIoDsm8llZj7krWFDKujc +22oJsAKIAh7qUxulswCmVyvh/S+nZCcw/jsh7Uh8xoA +--- 7ct9JACAjyTcGAbvkib3oROmyciIVjrHDGuqBANfbn8 +f/.ӈЌSPvBLM:KKոTW113oA \ No newline at end of file