From cc57af4546b7e601a8a2d8bd49bf04bdfe0f6839 Mon Sep 17 00:00:00 2001
From: Natsu Kagami <nki@nkagami.me>
Date: Sat, 11 Jun 2022 15:53:34 -0400
Subject: [PATCH] Working navidrome

---
 modules/cloud/traefik/config.nix  | 20 +++++++++++++++++---
 nki-home/configuration.nix        | 11 +++++++++--
 nki-personal-do/configuration.nix |  7 +++++++
 3 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/modules/cloud/traefik/config.nix b/modules/cloud/traefik/config.nix
index 8da7eda..9f7b7ba 100644
--- a/modules/cloud/traefik/config.nix
+++ b/modules/cloud/traefik/config.nix
@@ -38,6 +38,11 @@ let
         default = null;
         description = "The filter syntax for the router. Overrides `host` and `path` if provided";
       };
+      localHost = mkOption {
+        type = types.nullOr types.str;
+        description = "The local host of the service. Must be an IP if protocol is TCP. Default to localhost/127.0.0.1";
+        default = null;
+      };
       port = mkOption {
         type = types.port;
         description = "The port that the service is listening on";
@@ -91,9 +96,18 @@ let
         else abort "Cannot have middlewares on tcp routers"
       );
       services."${name}-service".loadBalancer.servers = [
-        (if host.protocol == "http" then
-          { url = "http://localhost:${toString host.port}"; }
-        else { address = "127.0.0.1:${toString host.port}"; }
+        (
+          let
+            localhost =
+              if isNull host.localHost then
+                (
+                  if host.protocol == "http" then "localhost"
+                  else "127.0.0.1"
+                ) else host.localHost;
+          in
+          if host.protocol == "http" then
+            { url = "http://${localhost}:${toString host.port}"; }
+          else { address = "${localhost}:${toString host.port}"; }
         )
       ];
     } // (if (host.middlewares != [ ]) then {
diff --git a/nki-home/configuration.nix b/nki-home/configuration.nix
index 30b0ea4..c32d828 100644
--- a/nki-home/configuration.nix
+++ b/nki-home/configuration.nix
@@ -188,7 +188,7 @@
   services.openssh.enable = true;
 
   # Open ports in the firewall.
-  networking.firewall.allowedTCPPorts = [ 22 ];
+  networking.firewall.allowedTCPPorts = [ 22 4533 ];
   networking.firewall.allowedUDPPorts = [ 22 ];
   # Or disable the firewall altogether.
   # networking.firewall.enable = false;
@@ -231,7 +231,6 @@
   # Before changing this value read the documentation for this option
   # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
   system.stateVersion = "21.05"; # Did you read the comment?
-  system.autoUpgrade.channel = "https://nixos.org/channels/nixos-21.05/";
 
   # tinc network
   sops.secrets."tinc/ed25519-private-key" = { };
@@ -249,5 +248,13 @@
   hardware.opengl.driSupport = true;
   # For 32 bit applications
   hardware.opengl.driSupport32Bit = true;
+
+  # Music server
+  services.navidrome.enable = true;
+  services.navidrome.settings = {
+    Address = "11.0.0.2";
+    MusicFolder = "/mnt/Stuff/Music";
+  };
+  systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = lib.mkAfter [ "/etc" ];
 }
 
diff --git a/nki-personal-do/configuration.nix b/nki-personal-do/configuration.nix
index 3d0b27c..81e05e3 100644
--- a/nki-personal-do/configuration.nix
+++ b/nki-personal-do/configuration.nix
@@ -58,6 +58,13 @@
   cloud.traefik.certsDumper.enable = true;
   cloud.conduit.enable = true;
 
+  # Navidrome back to the PC
+  cloud.traefik.hosts.navidrome = {
+    host = "navidrome.nkagami.me";
+    port = 4533;
+    localHost = "11.0.0.2";
+  };
+
   # Mail
   sops.secrets.mail-users = { owner = "maddy"; };
   cloud.mail = {