Compare commits
5 commits
4e74eceeee
...
1d61c985de
| Author | SHA1 | Date | |
|---|---|---|---|
| 1d61c985de | |||
| 3491fd5f58 | |||
| 52ed16ece6 | |||
| 05cc22af2a | |||
| 989f694611 |
14 changed files with 30 additions and 142 deletions
6
flake.lock
generated
6
flake.lock
generated
|
|
@ -175,11 +175,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1744777043,
|
||||
"narHash": "sha256-O6jgTxz9BKUiaJl03JsVHvSjtCOC8gHfDvC2UCfcLMc=",
|
||||
"lastModified": 1744174375,
|
||||
"narHash": "sha256-oxI9TLgnQbQ/WL0tIwVSIooLbXq4PW1QUhf5aQmXFgk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "7a6f7f4c1c69eee05641beaa40e7f85da8e69fb0",
|
||||
"rev": "ef3a956f697525883b77192cbe208233ea0f8f79",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -81,7 +81,6 @@ in
|
|||
"pyload/credentials.age".publicKeys = all;
|
||||
|
||||
"servarr/autobrr/session-secret.age".publicKeys = all;
|
||||
"servarr/cross-seed/configuration.json.age".publicKeys = all;
|
||||
|
||||
"sso/auth-key.age" = {
|
||||
owner = "nginx-sso";
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -148,9 +148,6 @@ in
|
|||
autobrr = {
|
||||
sessionSecretFile = secrets."servarr/autobrr/session-secret".path;
|
||||
};
|
||||
cross-seed = {
|
||||
secretSettingsFile = secrets."servarr/cross-seed/configuration.json".path;
|
||||
};
|
||||
# ... But not Lidarr because I don't care for music that much
|
||||
lidarr = {
|
||||
enable = false;
|
||||
|
|
|
|||
|
|
@ -8,10 +8,6 @@ in
|
|||
|
||||
# I want the full experience by default
|
||||
package = mkPackageOption pkgs "atuin" { };
|
||||
|
||||
daemon = {
|
||||
enable = my.mkDisableOption "atuin daemon";
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
|
@ -19,18 +15,12 @@ in
|
|||
enable = true;
|
||||
inherit (cfg) package;
|
||||
|
||||
daemon = lib.mkIf cfg.daemon.enable {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
flags = [
|
||||
# I *despise* this hijacking of the up key, even though I use Ctrl-p
|
||||
"--disable-up-arrow"
|
||||
];
|
||||
|
||||
settings = {
|
||||
# Reasonable date format
|
||||
dialect = "uk";
|
||||
# The package is managed by Nix
|
||||
update_check = false;
|
||||
# I don't care for the fancy display
|
||||
|
|
|
|||
|
|
@ -21,13 +21,6 @@ in
|
|||
assertions = [
|
||||
{
|
||||
# For its configuration
|
||||
assertion = cfg.enable -> cfg.git.enable;
|
||||
message = ''
|
||||
`config.my.home.delta` must enable `config.my.home.delta.git` to be
|
||||
properly configured.
|
||||
'';
|
||||
}
|
||||
{
|
||||
assertion = cfg.jujutsu.enable -> cfg.git.enable;
|
||||
message = ''
|
||||
`config.my.home.delta.jujutsu` relies on `config.my.home.delta.git`
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ let
|
|||
(config.my.home.wm.windowManager != null)
|
||||
];
|
||||
|
||||
mkTerminalFeature = opt: flag:
|
||||
mkTerminalFlags = opt: flag:
|
||||
let
|
||||
mkFlag = term: ''set -as terminal-features ",${term}:${flag}"'';
|
||||
enabledTerminals = lib.filterAttrs (_: v: v.${opt}) cfg.terminalFeatures;
|
||||
|
|
@ -123,9 +123,9 @@ in
|
|||
}
|
||||
|
||||
# Force OSC8 hyperlinks for each relevant $TERM
|
||||
${mkTerminalFeature "hyperlinks" "hyperlinks"}
|
||||
${mkTerminalFlags "hyperlinks" "hyperlinks"}
|
||||
# Force 24-bit color for each relevant $TERM
|
||||
${mkTerminalFeature "trueColor" "RGB"}
|
||||
${mkTerminalFlags "trueColor" "RGB"}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +0,0 @@
|
|||
; extends
|
||||
|
||||
; Highlight over-extended subject lines (rely on wrapping for message body)
|
||||
((subject) @comment.error
|
||||
(#vim-match? @comment.error ".\{50,}")
|
||||
(#offset! @comment.error 0 50 0 0))
|
||||
|
|
@ -22,3 +22,13 @@ vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave"
|
|||
end
|
||||
end,
|
||||
})
|
||||
|
||||
-- Never show the sign column in a terminal buffer
|
||||
vim.api.nvim_create_autocmd({ "TermOpen" }, {
|
||||
pattern = "*",
|
||||
group = numbertoggle,
|
||||
callback = function()
|
||||
vim.opt.number = false
|
||||
vim.opt.relativenumber = false
|
||||
end,
|
||||
})
|
||||
|
|
|
|||
|
|
@ -1,21 +1,26 @@
|
|||
local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true })
|
||||
|
||||
-- Only show sign column for the currently focused buffer, if it has a number column
|
||||
-- Only show sign column for the currently focused buffer
|
||||
vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, {
|
||||
pattern = "*",
|
||||
group = signtoggle,
|
||||
callback = function()
|
||||
if vim.opt.number:get() then
|
||||
vim.opt.signcolumn = "yes"
|
||||
end
|
||||
vim.opt.signcolumn = "yes"
|
||||
end,
|
||||
})
|
||||
vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, {
|
||||
pattern = "*",
|
||||
group = signtoggle,
|
||||
callback = function()
|
||||
if vim.opt.number:get() then
|
||||
vim.opt.signcolumn = "no"
|
||||
end
|
||||
vim.opt.signcolumn = "no"
|
||||
end,
|
||||
})
|
||||
|
||||
-- Never show the sign column in a terminal buffer
|
||||
vim.api.nvim_create_autocmd({ "TermOpen" }, {
|
||||
pattern = "*",
|
||||
group = signtoggle,
|
||||
callback = function()
|
||||
vim.opt.signcolumn = "no"
|
||||
end,
|
||||
})
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# IRC-based indexer
|
||||
# IRC-based
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.services.servarr.autobrr;
|
||||
|
|
@ -40,7 +40,6 @@ in
|
|||
my.services.nginx.virtualHosts = {
|
||||
autobrr = {
|
||||
inherit (cfg) port;
|
||||
websocketsLocations = [ "/api" ];
|
||||
};
|
||||
};
|
||||
|
||||
|
|
@ -55,7 +54,7 @@ in
|
|||
environment.etc = {
|
||||
"fail2ban/filter.d/autobrr.conf".text = ''
|
||||
[Definition]
|
||||
failregex = "message":"Auth: Failed login attempt username: \[.*\] ip: <HOST>"
|
||||
failregex = ^.*Auth: invalid login \[.*\] from: <HOST>$
|
||||
journalmatch = _SYSTEMD_UNIT=autobrr.service
|
||||
'';
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,96 +0,0 @@
|
|||
# Automatic cross-seeding for video media
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
cfg = config.my.services.servarr.cross-seed;
|
||||
in
|
||||
{
|
||||
options.my.services.servarr.cross-seed = with lib; {
|
||||
enable = mkEnableOption "cross-seed daemon" // {
|
||||
default = config.my.services.servarr.enableAll;
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
default = 2468;
|
||||
example = 8080;
|
||||
description = "Internal port for daemon";
|
||||
};
|
||||
|
||||
linkDirectory = mkOption {
|
||||
type = types.str;
|
||||
default = "/data/downloads/complete/links";
|
||||
example = "/var/lib/cross-seed/links";
|
||||
description = "Link directory";
|
||||
};
|
||||
|
||||
secretSettingsFile = mkOption {
|
||||
type = types.str;
|
||||
example = "/run/secrets/cross-seed-secrets.json";
|
||||
description = ''
|
||||
File containing secret settings.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.cross-seed = {
|
||||
enable = true;
|
||||
group = "media";
|
||||
|
||||
# Rely on recommended defaults for tracker snatches etc...
|
||||
useGenConfigDefaults = true;
|
||||
|
||||
settings = {
|
||||
inherit (cfg) port;
|
||||
host = "127.0.0.1";
|
||||
|
||||
# Inject torrents to client directly
|
||||
action = "inject";
|
||||
# Query the client for torrents to match
|
||||
useClientTorrents = true;
|
||||
# Use hardlinks
|
||||
linkType = "hardlink";
|
||||
# Use configured link directory
|
||||
linkDirs = [ cfg.linkDirectory ];
|
||||
# Match as many torrents as possible
|
||||
matchMode = "partial";
|
||||
# Cross-seed full season if at least 50% of episodes are already downloaded
|
||||
seasonFromEpisodes = 0.5;
|
||||
};
|
||||
|
||||
settingsFile = cfg.secretSettingsFile;
|
||||
};
|
||||
|
||||
systemd.services.cross-seed = {
|
||||
serviceConfig = {
|
||||
# Loose umask to make cross-seed links readable by `media`
|
||||
UMask = "0002";
|
||||
};
|
||||
};
|
||||
|
||||
# Set-up media group
|
||||
users.groups.media = { };
|
||||
|
||||
my.services.nginx.virtualHosts = {
|
||||
cross-seed = {
|
||||
inherit (cfg) port;
|
||||
};
|
||||
};
|
||||
|
||||
services.fail2ban.jails = {
|
||||
cross-seed = ''
|
||||
enabled = true
|
||||
filter = cross-seed
|
||||
action = iptables-allports
|
||||
'';
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
"fail2ban/filter.d/cross-seed.conf".text = ''
|
||||
[Definition]
|
||||
failregex = ^.*Unauthorized API access attempt to .* from <HOST>$
|
||||
journalmatch = _SYSTEMD_UNIT=cross-seed.service
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
@ -7,7 +7,6 @@
|
|||
imports = [
|
||||
./autobrr.nix
|
||||
./bazarr.nix
|
||||
./cross-seed.nix
|
||||
./jackett.nix
|
||||
./nzbhydra.nix
|
||||
./prowlarr.nix
|
||||
|
|
|
|||
|
|
@ -65,8 +65,6 @@ in
|
|||
# Proxied behind Nginx.
|
||||
rpc-whitelist-enabled = true;
|
||||
rpc-whitelist = "127.0.0.1";
|
||||
|
||||
umask = "002"; # To go with `downloadDirPermissions`
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue