nixos-config/hosts/media-server/configuration.nix

{ config, lib, nix-config, inputs, pkgs, ... }:

{
  imports = with nix-config.nixosModules; [
      ./hardware-configuration.nix
      filesystems-filez
    ];

  nixpkgs = {
    config = {
      allowUnfree = true;
    };

    overlays = builtins.attrValues nix-config.overlays ++ [
      inputs.nh.overlays.default
    ];
  };

  nix = {
    settings = {
      experimental-features = [
        "nix-command"
        "flakes"
      ];
      substituters = [
        "https://nix-community.cachix.org"
        "https://cache.garnix.io"
      ];
      trusted-public-keys = [
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
        "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
      ];
    };

    channel.enable = false; # remove nix-channel related tools & configs, we use flakes instead.
  };

  # Use the systemd-boot EFI boot loader.
  boot = {
    loader = {
      systemd-boot = {
        enable = true;
        configurationLimit = 4;
      };
      efi.canTouchEfiVariables = true;
    };
    kernelPackages = pkgs.linuxPackages_latest;
    kernelModules = [
      "i2c-dev"
      "amd_3d_vcache"
      "uinput"
    ];

    supportedFilesystems = [ "nfs" ];
  };

  networking.hostName = "media-server";
  networking.networkmanager.enable = true;
  networking.firewall.allowedTCPPorts = [ 80 443 2049 ];

  # Set your time zone.
  time.timeZone = "America/Toronto";

  security.sudo = {
    enable = true;
    wheelNeedsPassword = false;
  };

  users.users.media = {
    isNormalUser = true;
    extraGroups = [ "wheel" "input" "audio" "video" "network" "networkmanager" ];
  };

  environment.systemPackages = with pkgs; [
    wget
    curl
    cifs-utils
    caddy
  ];

  fonts = {
    enableDefaultPackages = true;
    fontDir.enable = true;
    fontconfig = {
      enable = true;
      useEmbeddedBitmaps = true;
    };
  };


  hardware = {
    amdgpu.initrd.enable = true;
    enableAllFirmware = true;
    uinput.enable = true;
  };

  services.power-profiles-daemon = {
    enable = true;
    package = pkgs.power-profiles-daemon;
  };

  services.getty.autologinUser = "media";

  # enable the OpenSSH daemon.
  services.openssh.enable = true;
  programs.ssh.startAgent = true;
    
  services.resolved = {
    enable = true;
    extraConfig = ''
      LLMNR=no
      ReadEtcHosts=no
      DNSSEC=no
    '';
  };
  services.avahi = {
    enable = true;
    publish.enable = true;
    publish.userServices = true;
    openFirewall = true;
    nssmdns4 = true;
  };

  services.rpcbind.enable = true;

  services.nfs = {
    server = {
      enable = true;
      exports = ''
/export/import *(rw,fsid=0,no_subtree_check,nohide,insecure,crossmnt)
'';
    };
  };

  programs.nix-ld.enable = true;

  programs.nh = {
    enable = true;
    clean = {
      enable = true;
      dates = "daily";
      extraArgs = "--keep 4";
    };
    flake = "/home/media-server/nixos-config";
    package = pkgs.nh;
  };

  # enable fish and launch it from bash for interactive shells
  programs.fish.enable = true;
  environment.pathsToLink = [ "/share/fish" ];
  programs.bash = {
    interactiveShellInit = ''
      if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
       then
         shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
         exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
       fi
    '';
  };

  programs.git = {
    enable = true;
  };

  services.tailscale.enable = true;
  systemd.services.tailscaled.after = [ "NetworkManager-wait-online.service" ];

  nixarr = {
    enable = true;

    # mediaDir = "/mnt/filez/media";
    stateDir = "/data/media/.state/nixarr";

    mediaUsers = [
      "media"
      "plex"
      "sonarr"
      "radarr"
      "lidarr"
      "bazarr"
      "prowlarr"
    ];

    transmission = {
      enable = true;
      flood.enable = true;
      openFirewall = true;
      extraSettings = {
        incomplete-dir = "/mnt/filez/media/downloads/torrents/incomplete";
        download-dir = "/mnt/filez/media/downloads/torrents";
      };
    };

    sabnzbd = {
      enable = true;
      openFirewall = true;
      whitelistHostnames = [ "media-server" ];
    };

    bazarr.enable = true;
    lidarr.enable = true;
    prowlarr.enable = true;
    radarr.enable = true;
    readarr.enable = true;
    sonarr.enable = true;
    jellyseerr.enable = true;
  };

  services.plex = {
    enable = true;
    openFirewall = true;
  };

  systemd.targets.sleep.enable = false;
  systemd.targets.suspend.enable = false;
  systemd.targets.hibernate.enable = false;
  systemd.targets.hybrid-sleep.enable = false;

  systemd.sleep.extraConfig = ''
AllowSuspend=no
AllowHibernation=no
AllowSuspendThenHibernate=no
AllowHybridSleep=no
'';

  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
  system.stateVersion = "25.05"; # Did you read the comment?

}
setting up media server 2025-03-10 14:34:41 -04:00			`{ config, lib, nix-config, inputs, pkgs, ... }:`
starting to setup media-server 2025-02-20 16:23:09 -05:00
			`{`
setting up media server 2025-03-10 15:42:03 -04:00			`imports = with nix-config.nixosModules; [`
setting up media server 2025-03-10 13:52:39 -04:00			`./hardware-configuration.nix`
fixing filesystems and stuff 2025-03-11 12:57:34 -04:00			`filesystems-filez`
setting up media server 2025-03-10 13:52:39 -04:00			`];`

setting up media server 2025-03-10 13:57:20 -04:00			`nixpkgs = {`
			`config = {`
			`allowUnfree = true;`
			`};`
setting up media server 2025-03-10 14:34:41 -04:00
			`overlays = builtins.attrValues nix-config.overlays ++ [`
			`inputs.nh.overlays.default`
			`];`
setting up media server 2025-03-10 13:57:20 -04:00			`};`

			`nix = {`
			`settings = {`
			`experimental-features = [`
			`"nix-command"`
			`"flakes"`
			`];`
			`substituters = [`
			`"https://nix-community.cachix.org"`
			`"https://cache.garnix.io"`
			`];`
			`trusted-public-keys = [`
			`"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="`
			`"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="`
			`];`
			`};`

			`channel.enable = false; # remove nix-channel related tools & configs, we use flakes instead.`
			`};`
setting up media server 2025-03-10 13:52:39 -04:00
			`# Use the systemd-boot EFI boot loader.`
updates for media 2025-03-16 13:59:47 -04:00			`boot = {`
			`loader = {`
			`systemd-boot = {`
			`enable = true;`
			`configurationLimit = 4;`
			`};`
			`efi.canTouchEfiVariables = true;`
			`};`
			`kernelPackages = pkgs.linuxPackages_latest;`
			`kernelModules = [`
			`"i2c-dev"`
			`"amd_3d_vcache"`
			`"uinput"`
			`];`

			`supportedFilesystems = [ "nfs" ];`
			`};`
setting up media server 2025-03-10 13:52:39 -04:00
switching all smb to nfs 2025-04-05 14:46:17 -04:00			`networking.hostName = "media-server";`
			`networking.networkmanager.enable = true;`
switching all smb to nfs 2025-04-05 14:11:59 -04:00			`networking.firewall.allowedTCPPorts = [ 80 443 2049 ];`
setting up media server 2025-03-10 13:52:39 -04:00
			`# Set your time zone.`
			`time.timeZone = "America/Toronto";`

wheel 2025-04-15 11:24:21 -04:00			`security.sudo = {`
			`enable = true;`
			`wheelNeedsPassword = false;`
			`};`

setting up media server 2025-03-10 13:52:39 -04:00			`users.users.media = {`
			`isNormalUser = true;`
switching all smb to nfs 2025-04-05 14:46:17 -04:00			`extraGroups = [ "wheel" "input" "audio" "video" "network" "networkmanager" ];`
setting up media server 2025-03-10 13:52:39 -04:00			`};`

			`environment.systemPackages = with pkgs; [`
			`wget`
			`curl`
media server stuff 2025-03-10 22:23:34 -04:00			`cifs-utils`
trying to get taskwarrior web to work nicely 2025-04-03 12:43:22 -04:00			`caddy`
setting up media server 2025-03-10 13:52:39 -04:00			`];`

			`fonts = {`
			`enableDefaultPackages = true;`
			`fontDir.enable = true;`
			`fontconfig = {`
			`enable = true;`
			`useEmbeddedBitmaps = true;`
			`};`
setting up media server 2025-03-10 13:59:58 -04:00			`};`
setting up media server 2025-03-10 13:52:39 -04:00

setting up media server 2025-03-10 13:59:58 -04:00			`hardware = {`
			`amdgpu.initrd.enable = true;`
			`enableAllFirmware = true;`
			`uinput.enable = true;`
			`};`
setting up media server 2025-03-10 13:52:39 -04:00
setting up media server 2025-03-10 13:59:58 -04:00			`services.power-profiles-daemon = {`
			`enable = true;`
			`package = pkgs.power-profiles-daemon;`
			`};`
setting up media server 2025-03-10 13:52:39 -04:00
trying to fix xwayland satellite service 2025-03-11 10:32:47 -04:00			`services.getty.autologinUser = "media";`

setting up media server 2025-03-10 13:59:58 -04:00			`# enable the OpenSSH daemon.`
			`services.openssh.enable = true;`
			`programs.ssh.startAgent = true;`
adding sops for taskchamp 2025-03-29 14:36:03 -04:00
setting up media server 2025-03-10 13:59:58 -04:00			`services.resolved = {`
			`enable = true;`
			`extraConfig = ''`
setting up media server 2025-03-10 13:52:39 -04:00			`LLMNR=no`
			`ReadEtcHosts=no`
			`DNSSEC=no`
			`'';`
setting up media server 2025-03-10 13:59:58 -04:00			`};`
			`services.avahi = {`
			`enable = true;`
			`publish.enable = true;`
			`publish.userServices = true;`
			`openFirewall = true;`
			`nssmdns4 = true;`
			`};`
switching all smb to nfs 2025-04-05 13:53:10 -04:00
			`services.rpcbind.enable = true;`

			`services.nfs = {`
			`server = {`
			`enable = true;`
			`exports = ''`
switching all smb to nfs 2025-04-05 14:15:56 -04:00			`/export/import *(rw,fsid=0,no_subtree_check,nohide,insecure,crossmnt)`
switching all smb to nfs 2025-04-05 13:53:10 -04:00			`'';`
media server stuff 2025-03-10 18:50:05 -04:00			`};`
setting up media server 2025-03-10 13:59:58 -04:00			`};`
switching all smb to nfs 2025-04-05 13:53:10 -04:00
taskwarrior web package 2025-04-02 18:24:17 -04:00			`programs.nix-ld.enable = true;`

setting up media server 2025-03-10 14:11:00 -04:00			`programs.nh = {`
			`enable = true;`
			`clean = {`
			`enable = true;`
			`dates = "daily";`
			`extraArgs = "--keep 4";`
			`};`
			`flake = "/home/media-server/nixos-config";`
			`package = pkgs.nh;`
			`};`
setting up media server 2025-03-10 13:52:39 -04:00
setting up media server 2025-03-10 13:59:58 -04:00			`# enable fish and launch it from bash for interactive shells`
			`programs.fish.enable = true;`
			`environment.pathsToLink = [ "/share/fish" ];`
			`programs.bash = {`
			`interactiveShellInit = ''`
setting up media server 2025-03-10 13:52:39 -04:00			`if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]`
			`then`
			`shopt -q login_shell && LOGIN_OPTION='--login' \|\| LOGIN_OPTION=""`
			`exec ${pkgs.fish}/bin/fish $LOGIN_OPTION`
			`fi`
			`'';`
setting up media server 2025-03-10 13:59:58 -04:00			`};`
setting up media server 2025-03-10 13:52:39 -04:00
setting up media server 2025-03-10 13:59:58 -04:00			`programs.git = {`
			`enable = true;`
			`};`
setting up media server 2025-03-10 13:52:39 -04:00
setting up media server 2025-03-10 14:17:53 -04:00			`services.tailscale.enable = true;`
			`systemd.services.tailscaled.after = [ "NetworkManager-wait-online.service" ];`
setting up media server 2025-03-10 14:16:39 -04:00
setting up media server 2025-03-10 15:42:03 -04:00			`nixarr = {`
			`enable = true;`

setting up media server 2025-03-10 17:30:58 -04:00			`# mediaDir = "/mnt/filez/media";`
setting up media server 2025-03-10 15:42:03 -04:00			`stateDir = "/data/media/.state/nixarr";`

setting up media server 2025-03-10 17:30:58 -04:00			`mediaUsers = [`
			`"media"`
setting up media server 2025-03-10 17:32:31 -04:00			`"plex"`
media server stuff 2025-03-10 22:41:09 -04:00			`"sonarr"`
			`"radarr"`
			`"lidarr"`
			`"bazarr"`
			`"prowlarr"`
setting up media server 2025-03-10 17:30:58 -04:00			`];`

setting up media server 2025-03-10 15:42:03 -04:00			`transmission = {`
			`enable = true;`
flake and torrent 2025-03-26 13:04:12 -04:00			`flood.enable = true;`
beets 2025-03-11 11:53:06 -04:00			`openFirewall = true;`
perms for transmission 2025-03-12 16:18:17 -04:00			`extraSettings = {`
email and small tweaks 2025-03-27 12:23:31 -04:00			`incomplete-dir = "/mnt/filez/media/downloads/torrents/incomplete";`
			`download-dir = "/mnt/filez/media/downloads/torrents";`
perms for transmission 2025-03-12 16:18:17 -04:00			`};`
setting up media server 2025-03-10 15:42:03 -04:00			`};`

beets 2025-03-11 11:44:36 -04:00			`sabnzbd = {`
			`enable = true;`
beets 2025-03-11 11:53:06 -04:00			`openFirewall = true;`
servarr 2025-03-11 12:11:25 -04:00			`whitelistHostnames = [ "media-server" ];`
beets 2025-03-11 11:44:36 -04:00			`};`

setting up media server 2025-03-10 15:42:03 -04:00			`bazarr.enable = true;`
			`lidarr.enable = true;`
			`prowlarr.enable = true;`
			`radarr.enable = true;`
			`readarr.enable = true;`
			`sonarr.enable = true;`
			`jellyseerr.enable = true;`
			`};`

			`services.plex = {`
			`enable = true;`
setting up media server 2025-03-10 17:42:27 -04:00			`openFirewall = true;`
setting up media server 2025-03-10 15:42:03 -04:00			`};`
setting up media server 2025-03-10 14:16:39 -04:00
niri startup and new templates 2025-03-13 17:49:17 -04:00			`systemd.targets.sleep.enable = false;`
			`systemd.targets.suspend.enable = false;`
			`systemd.targets.hibernate.enable = false;`
			`systemd.targets.hybrid-sleep.enable = false;`
sleep for media server 2025-03-12 10:50:28 -04:00
			`systemd.sleep.extraConfig = ''`
			`AllowSuspend=no`
			`AllowHibernation=no`
			`AllowSuspendThenHibernate=no`
			`AllowHybridSleep=no`
			`'';`
media server stuff 2025-03-10 20:33:10 -04:00
setting up media server 2025-03-10 13:59:58 -04:00			# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
			`system.stateVersion = "25.05"; # Did you read the comment?`
setting up media server 2025-03-10 13:52:39 -04:00
starting to setup media-server 2025-02-20 16:23:09 -05:00			`}`