diff --git a/modules/system/homelab/ai.nix b/modules/system/homelab/ai.nix index 49afe3d..dc6b291 100644 --- a/modules/system/homelab/ai.nix +++ b/modules/system/homelab/ai.nix @@ -1,3 +1,19 @@ { ... }: { - + services = { + ollama = { + enable = true; + host = "127.0.0.1"; + port = 11434; + # loadModels = [ "gemma3n:e4b" "gemma3n:e2b" ]; + }; + open-webui = { + enable = true; + port = 8080; + environment = { + OLLAMA_BASE_URL = "http://localhost:11434"; + WEBUI_AUTH = "False"; + + }; + }; + }; } \ No newline at end of file diff --git a/modules/system/homelab/dash.nix b/modules/system/homelab/dash.nix index 672ad60..9ab9e48 100644 --- a/modules/system/homelab/dash.nix +++ b/modules/system/homelab/dash.nix @@ -58,6 +58,9 @@ [ "ApacheHTTPD" "apache" "https://cdn.proxy.${homelab.domain}" "http://localhost:3000/" ] [ "Forgejo" "forgejo" "https://git.proxy.${homelab.domain}" "http://localhost:5080/" ] [ "Dockge" "docker" "https://containers.proxy.${homelab.domain}" "http://localhost:5001/" ] + [ "Ollama" "ollama" "https://ai.proxy.${homelab.domain}" "http://localhost:8080/" ] + [ "Guacamole" "guacamole" "https://remote.proxy.${homelab.domain}" "http://localhost:8085/" ] + [ "Immich" "immich" "https://gallery.proxy.${homelab.domain}" "http://localhost:2283/" ] ]; bookmarks = [ [ "Tailscale" "tailscale" "https://login.tailscale.com/" ] @@ -187,6 +190,22 @@ in { name = "Dashboard"; show-mobile-header = true; columns = [ + { + type = "bookmarks"; + groups = [{ + links = map (e: { + same-tab = true; + title = builtins.elemAt e 0; + icon = "si:${builtins.elemAt e 1}"; + url = builtins.elemAt e 2; + }) bookmarks; + }]; + } + { + type = "to-do"; + id = "tasks"; + hide-header = true; + } { size = "small"; widgets = [ @@ -217,9 +236,7 @@ in { widgets = [ { type = "server-stats"; - servers = [{ - type = "local"; - }]; + servers = [{ type = "local"; }]; } { type = "monitor"; @@ -235,27 +252,6 @@ in { } ]; } - { - size = "small"; - widgets = [ - { - type = "bookmarks"; - groups = [{ - links = map (e: { - same-tab = true; - title = builtins.elemAt e 0; - icon = "si:${builtins.elemAt e 1}"; - url = builtins.elemAt e 2; - }) bookmarks; - }]; - } - { - type = "to-do"; - id = "tasks"; - hide-header = true; - } - ]; - } ]; } ]; diff --git a/modules/system/homelab/dns.nix b/modules/system/homelab/dns.nix index a004b47..907645e 100644 --- a/modules/system/homelab/dns.nix +++ b/modules/system/homelab/dns.nix @@ -9,8 +9,8 @@ [ "proxy.${homelab.domain}" "main.dns.${homelab.domain}" ] [ "*.proxy.${homelab.domain}" "proxy.${homelab.domain}" ] - [ "lancache.steamcontent.com" "main.dns.${homelab.domain}" ] - [ "steam.cache.lancache.net" "main.dns.${homelab.domain}" ] + # [ "lancache.steamcontent.com" "main.dns.${homelab.domain}" ] + # [ "steam.cache.lancache.net" "main.dns.${homelab.domain}" ] ]; blacklist = [ "https://adaway.org/hosts.txt" diff --git a/modules/system/homelab/gallery.nix b/modules/system/homelab/gallery.nix index 49afe3d..968e397 100644 --- a/modules/system/homelab/gallery.nix +++ b/modules/system/homelab/gallery.nix @@ -1,3 +1,19 @@ { ... }: { - + users.users.immich.extraGroups = [ "video" "render" ]; + + services = { + immich = { + enable = true; + port = 2283; + host = "127.0.0.1"; + mediaLocation = "/var/lib/immich"; + accelerationDevices = null; + machine-learning.enable = true; + }; + immich-public-proxy = { + enable = true; + port = 2284; + immichUrl = "http://localhost:2283"; + }; + }; } \ No newline at end of file diff --git a/modules/system/homelab/media.nix b/modules/system/homelab/media.nix index 49afe3d..949e6cd 100644 --- a/modules/system/homelab/media.nix +++ b/modules/system/homelab/media.nix @@ -1,3 +1,44 @@ -{ ... }: { - +{ pkgs, ... }: { + # WIP: declaratively integrate media services into homelab configuration + environment.systemPackages = with pkgs; [ + jellyfin jellyfin-web jellyfin-ffmpeg + ]; + services = { + jellyfin = { + enable = true; + hardwareAcceleration.enable = true; + }; + jellyseerr = { + enable = true; + port = 5055; + }; + radarr = { + enable = true; + settings = { + server = { + port = 7878; + bindaddress = "127.0.0.1"; + }; + }; + }; + sonarr = { + enable = true; + server = { + port = 8989; + bindaddress = "127.0.0.1"; + }; + }; + qbittorrent = { + enable = true; + webuiPort = 8020; + }; + jackett = { + enable = true; + port = 9117; + }; + flaresolverr = { + enable = true; + port = 8191; + }; + }; } \ No newline at end of file diff --git a/modules/system/homelab/proxy.nix b/modules/system/homelab/proxy.nix index 162f293..cd72bbb 100644 --- a/modules/system/homelab/proxy.nix +++ b/modules/system/homelab/proxy.nix @@ -1,9 +1,20 @@ { homelab, lib, ... }: let base = "proxy.${homelab.domain}"; proxy-mappings = { - "containers" = { dest = "http://localhost:5001"; auth = false; }; - "auth" = { dest = "http://localhost:1411"; auth = false; }; "dns" = { dest = "http://localhost:8088"; auth = true; }; + "ai" = { dest = "http://localhost:8080"; auth = true; }; + + # "jsr" = { dest = "http://localhost:5055"; auth = false; }; + # "rdr" = { dest = "http://localhost:5055"; auth = false; }; + # "snr" = { dest = "http://localhost:5055"; auth = false; }; + # "qbt" = { dest = "http://localhost:8020"; auth = false; }; + # "jkt" = { dest = "http://localhost:9117"; auth = false; }; + # "media" = { dest = "http://localhost:8096"; auth = false; }; + + "containers" = { dest = "http://localhost:5001"; auth = false; }; + "gallery" = { dest = "http://localhost:2283"; auth = false; }; + "remote" = { dest = "http://localhost:8085"; auth = false; }; + "auth" = { dest = "http://localhost:1411"; auth = false; }; "cdn" = { dest = "http://localhost:3000"; auth = false; }; "git" = { dest = "http://localhost:5080"; auth = false; }; "@" = { dest = "http://localhost:5070"; auth = false; }; @@ -42,9 +53,14 @@ in { proxyWebsockets = true; basicAuthFile = if cfg.auth then "/var/lib/nginx/.htpasswd" else null; extraConfig = '' + proxy_set_header X-Auth-User $remote_user; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; + client_max_body_size 50000M; + proxy_read_timeout 600s; + proxy_send_timeout 600s; + send_timeout 600s; ''; }; }) proxy-mappings; diff --git a/modules/system/homelab/remote.nix b/modules/system/homelab/remote.nix new file mode 100644 index 0000000..dff61a1 --- /dev/null +++ b/modules/system/homelab/remote.nix @@ -0,0 +1,19 @@ +{ ... }: { + services = { + guacamole-server = { + enable = true; + host = "127.0.0.1"; + port = 4822; + }; + guacamole-client = { + enable = true; + host = "127.0.0.1"; + port = 8085; + enableWebserver = true; + settings = { + guacd-hostname = "127.0.0.1"; + guacd-port = 4822; + }; + }; + }; +} \ No newline at end of file diff --git a/modules/system/server.nix b/modules/system/server.nix index 4f9b21f..51aa927 100644 --- a/modules/system/server.nix +++ b/modules/system/server.nix @@ -1,8 +1,9 @@ -{ lib, ... }: { - imports = [ +{ config, lib, ... }: { + imports = lib.mkIf (config.specialisation != {}) [ ./homelab/containers.nix ./homelab/gallery.nix - ./homelab/media.nix + ./homelab/remote.nix + # ./homelab/media.nix # wip ./homelab/share.nix ./homelab/proxy.nix ./homelab/auth.nix @@ -12,7 +13,9 @@ ./homelab/ai.nix ./base.nix ]; - + + specialisation.safe-mode.configuration = {}; + virtualisation = { oci-containers.backend = "docker"; docker = { @@ -26,4 +29,4 @@ networkmanager.dns = "none"; nameservers = lib.mkForce [ "127.0.0.1" ]; }; -} \ No newline at end of file +}