From db40755c050433e273e46e0a5f580dd308c78bc8 Mon Sep 17 00:00:00 2001 From: Aly Raffauf Date: Fri, 5 Jul 2024 12:14:48 -0400 Subject: [PATCH] nixos: swap navidrome container for bare metal service --- hosts/mauville/default.nix | 5 +- nixosModules/containers/default.nix | 2 +- .../nixos/audiobookshelf/default.nix | 33 -------- nixosModules/containers/nixos/default.nix | 11 --- .../containers/nixos/navidrome/default.nix | 82 ------------------- nixosModules/options.nix | 50 ++++------- nixosModules/services/default.nix | 1 + nixosModules/services/navidrome/default.nix | 50 +++++++++++ 8 files changed, 70 insertions(+), 164 deletions(-) delete mode 100644 nixosModules/containers/nixos/audiobookshelf/default.nix delete mode 100644 nixosModules/containers/nixos/default.nix delete mode 100644 nixosModules/containers/nixos/navidrome/default.nix create mode 100644 nixosModules/services/navidrome/default.nix diff --git a/hosts/mauville/default.nix b/hosts/mauville/default.nix index 0618ade6..64c7c540 100644 --- a/hosts/mauville/default.nix +++ b/hosts/mauville/default.nix @@ -158,7 +158,7 @@ in { forceSSL = true; locations."/" = { - proxyPass = "http://127.0.0.1:${toString config.ar.containers.nixos.navidrome.port}"; + proxyPass = "http://127.0.0.1:${toString config.ar.services.navidrome.port}"; proxyWebsockets = true; extraConfig = '' @@ -289,8 +289,6 @@ in { }; containers = { - nixos.navidrome.enable = true; - oci = { audiobookshelf.enable = true; freshRSS.enable = true; @@ -332,6 +330,7 @@ in { musicPath = "${mediaDirectory}/Music"; }; + navidrome.enable = true; tailscale.enable = true; }; }; diff --git a/nixosModules/containers/default.nix b/nixosModules/containers/default.nix index 93f5dfdb..c1bcfae2 100644 --- a/nixosModules/containers/default.nix +++ b/nixosModules/containers/default.nix @@ -4,5 +4,5 @@ config, ... }: { - imports = [./nixos ./oci]; + imports = [./oci]; } diff --git a/nixosModules/containers/nixos/audiobookshelf/default.nix b/nixosModules/containers/nixos/audiobookshelf/default.nix deleted file mode 100644 index 18931f85..00000000 --- a/nixosModules/containers/nixos/audiobookshelf/default.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: { - config = lib.mkIf config.ar.containers.nixos.audiobookshelf.enable { - containers.audiobookshelf = { - autoStart = true; - bindMounts."/Media" = { - hostPath = config.ar.containers.nixos.audiobookshelf.mediaDirectory; - isReadOnly = false; - }; - config = let - port = config.ar.containers.nixos.audiobookshelf.port; - in - { - config, - lib, - pkgs, - ... - }: { - system.stateVersion = "24.05"; - services.audiobookshelf = { - enable = true; - openFirewall = true; - host = "0.0.0.0"; - port = port; - }; - }; - }; - }; -} diff --git a/nixosModules/containers/nixos/default.nix b/nixosModules/containers/nixos/default.nix deleted file mode 100644 index 8bdaf2e3..00000000 --- a/nixosModules/containers/nixos/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: { - imports = [ - ./audiobookshelf - ./navidrome - ]; -} diff --git a/nixosModules/containers/nixos/navidrome/default.nix b/nixosModules/containers/nixos/navidrome/default.nix deleted file mode 100644 index 2ffceb1f..00000000 --- a/nixosModules/containers/nixos/navidrome/default.nix +++ /dev/null @@ -1,82 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - config = lib.mkIf config.ar.containers.nixos.navidrome.enable { - age.secrets.lastFMApiKey.file = ../../../../secrets/lastFM/apiKey.age; - age.secrets.lastFMSecret.file = ../../../../secrets/lastFM/secret.age; - age.secrets.spotifyClientId.file = ../../../../secrets/spotify/clientId.age; - age.secrets.spotifyClientSecret.file = ../../../../secrets/spotify/clientSecret.age; - - containers.navidrome = let - navidromeConfig = builtins.toFile "navidrome.json" (lib.generators.toJSON {} { - Address = "0.0.0.0"; - DefaultTheme = "Auto"; - MusicFolder = "/Music"; - Port = config.ar.containers.nixos.navidrome.port; - SubsonicArtistParticipations = true; - UIWelcomeMessage = "Welcome to Navidrome @ RaffaufLabs.com"; - "Spotify.ID" = "@spotifyClientId@"; - "Spotify.Secret" = "@spotifyClientSecret@"; - "LastFM.Enabled" = true; - "LastFM.ApiKey" = "@lastFMApiKey@"; - "LastFM.Secret" = "@lastFMSecret@"; - "LastFM.Language" = "en"; - }); - in { - autoStart = true; - - bindMounts = { - "/Music".hostPath = config.ar.containers.nixos.navidrome.musicDirectory; - "/var/lib/navidrome/rawNavidrome.json".hostPath = navidromeConfig; - "${config.age.secrets.lastFMApiKey.path}".isReadOnly = true; - "${config.age.secrets.lastFMSecret.path}".isReadOnly = true; - "${config.age.secrets.spotifyClientId.path}".isReadOnly = true; - "${config.age.secrets.spotifyClientSecret.path}".isReadOnly = true; - }; - - config = let - lastFMApiKey = config.age.secrets.lastFMApiKey.path; - lastFMSecret = config.age.secrets.lastFMSecret.path; - spotifyClientId = config.age.secrets.spotifyClientId.path; - spotifyClientSecret = config.age.secrets.spotifyClientSecret.path; - in - { - config, - pkgs, - lib, - ... - }: { - system = { - activationScripts."navidrome-secrets" = '' - lastFMApiKey=$(cat "${lastFMApiKey}") - lastFMSecret=$(cat "${lastFMSecret}") - spotifyClientId=$(cat "${spotifyClientId}") - spotifyClientSecret=$(cat "${spotifyClientSecret}") - ${pkgs.gnused}/bin/sed -e "s/@lastFMApiKey@/$lastFMApiKey/" -e "s/@lastFMSecret@/$lastFMSecret/" \ - -e "s/@spotifyClientId@/$spotifyClientId/" -e "s/@spotifyClientSecret@/$spotifyClientSecret/" \ - /var/lib/navidrome/rawNavidrome.json > /var/lib/navidrome/navidrome.json - ''; - - stateVersion = "24.05"; - }; - - systemd.services.navidrome.serviceConfig = { - BindReadOnlyPaths = "/Music"; - - ExecStart = lib.mkForce '' - ${config.services.navidrome.package}/bin/navidrome --configfile /var/lib/navidrome/navidrome.json \ - --datafolder /var/lib/navidrome/ - ''; - }; - - services.navidrome = { - enable = true; - openFirewall = true; - }; - }; - }; - }; -} diff --git a/nixosModules/options.nix b/nixosModules/options.nix index 9f4f7920..fad7a3e4 100644 --- a/nixosModules/options.nix +++ b/nixosModules/options.nix @@ -16,40 +16,6 @@ }; containers = { - nixos = { - audiobookshelf = { - enable = lib.mkEnableOption "audiobookshelf server in NixOS container."; - - mediaDirectory = lib.mkOption { - description = "Media directory for audiobookshelf."; - default = "/mnt/Media"; - type = lib.types.str; - }; - - port = lib.mkOption { - description = "Port for audiobookshelf."; - default = 13378; - type = lib.types.int; - }; - }; - - navidrome = { - enable = lib.mkEnableOption "Navidrome music server in NixOS container."; - - musicDirectory = lib.mkOption { - description = "Music directory for Navidrome."; - default = "/mnt/Media/Music"; - type = lib.types.str; - }; - - port = lib.mkOption { - description = "Port for Navidrome."; - default = 4533; - type = lib.types.int; - }; - }; - }; - oci = { audiobookshelf = { enable = lib.mkEnableOption "audiobookshelf server in OCI container."; @@ -189,6 +155,22 @@ services = { flatpak.enable = lib.mkEnableOption "Flatpak support with GUI."; + navidrome = { + enable = lib.mkEnableOption "Navidrome music server with secrets."; + + musicDirectory = lib.mkOption { + description = "Music directory for Navidrome."; + default = "/mnt/Media/Music"; + type = lib.types.str; + }; + + port = lib.mkOption { + description = "Port for Navidrome."; + default = 4533; + type = lib.types.int; + }; + }; + syncthing = { enable = lib.mkEnableOption "Syncthing sync service."; diff --git a/nixosModules/services/default.nix b/nixosModules/services/default.nix index 3fb69937..6ed8e895 100644 --- a/nixosModules/services/default.nix +++ b/nixosModules/services/default.nix @@ -6,6 +6,7 @@ }: { imports = [ ./flatpak + ./navidrome ./syncthing ./tailscale ]; diff --git a/nixosModules/services/navidrome/default.nix b/nixosModules/services/navidrome/default.nix new file mode 100644 index 00000000..19e53423 --- /dev/null +++ b/nixosModules/services/navidrome/default.nix @@ -0,0 +1,50 @@ +{ + config, + lib, + pkgs, + ... +}: { + config = lib.mkIf config.ar.services.navidrome.enable { + age.secrets.lastFMApiKey.file = ../../../secrets/lastFM/apiKey.age; + age.secrets.lastFMSecret.file = ../../../secrets/lastFM/secret.age; + age.secrets.spotifyClientId.file = ../../../secrets/spotify/clientId.age; + age.secrets.spotifyClientSecret.file = ../../../secrets/spotify/clientSecret.age; + + system.activationScripts."navidrome-secrets" = let + navidromeConfig = builtins.toFile "navidrome.json" (lib.generators.toJSON {} { + Address = "0.0.0.0"; + DefaultTheme = "Auto"; + MusicFolder = config.ar.services.navidrome.musicDirectory; + Port = config.ar.services.navidrome.port; + SubsonicArtistParticipations = true; + UIWelcomeMessage = "Welcome to Navidrome @ RaffaufLabs.com"; + "Spotify.ID" = "@spotifyClientId@"; + "Spotify.Secret" = "@spotifyClientSecret@"; + "LastFM.Enabled" = true; + "LastFM.ApiKey" = "@lastFMApiKey@"; + "LastFM.Secret" = "@lastFMSecret@"; + "LastFM.Language" = "en"; + }); + in '' + lastFMApiKey=$(cat "${config.age.secrets.lastFMApiKey.path}") + lastFMSecret=$(cat "${config.age.secrets.lastFMSecret.path}") + spotifyClientId=$(cat "${config.age.secrets.spotifyClientId.path}") + spotifyClientSecret=$(cat "${config.age.secrets.spotifyClientSecret.path}") + ${pkgs.gnused}/bin/sed -e "s/@lastFMApiKey@/$lastFMApiKey/" -e "s/@lastFMSecret@/$lastFMSecret/" \ + -e "s/@spotifyClientId@/$spotifyClientId/" -e "s/@spotifyClientSecret@/$spotifyClientSecret/" \ + ${navidromeConfig} > /var/lib/navidrome/navidrome.json + ''; + + systemd.services.navidrome.serviceConfig = { + BindReadOnlyPaths = "${config.ar.services.navidrome.musicDirectory}"; + ExecStart = lib.mkForce '' + ${config.services.navidrome.package}/bin/navidrome --configfile /var/lib/navidrome/navidrome.json \ + --datafolder /var/lib/navidrome/ + ''; + }; + + services.navidrome = { + enable = true; + }; + }; +}