Working navidrome

2022-06-11 15:53:34 -04:00 · 2022-06-11 15:53:34 -04:00 · cc57af4546
parent dff7e69dab
commit cc57af4546
3 changed files with 33 additions and 5 deletions
--- a/modules/cloud/traefik/config.nix
+++ b/modules/cloud/traefik/config.nix
@ -38,6 +38,11 @@ let
        default = null;
        description = "The filter syntax for the router. Overrides `host` and `path` if provided";
      };
+      localHost = mkOption {
+        type = types.nullOr types.str;
+        description = "The local host of the service. Must be an IP if protocol is TCP. Default to localhost/127.0.0.1";
+        default = null;
+      };
      port = mkOption {
        type = types.port;
        description = "The port that the service is listening on";
@ -91,9 +96,18 @@ let
        else abort "Cannot have middlewares on tcp routers"
      );
      services."${name}-service".loadBalancer.servers = [
-        (if host.protocol == "http" then
-          { url = "http://localhost:${toString host.port}"; }
-        else { address = "127.0.0.1:${toString host.port}"; }
+        (
+          let
+            localhost =
+              if isNull host.localHost then
+                (
+                  if host.protocol == "http" then "localhost"
+                  else "127.0.0.1"
+                ) else host.localHost;
+          in
+          if host.protocol == "http" then
+            { url = "http://${localhost}:${toString host.port}"; }
+          else { address = "${localhost}:${toString host.port}"; }
        )
      ];
    } // (if (host.middlewares != [ ]) then {
--- a/nki-home/configuration.nix
+++ b/nki-home/configuration.nix
@ -188,7 +188,7 @@
  services.openssh.enable = true;

  # Open ports in the firewall.
-  networking.firewall.allowedTCPPorts = [ 22 ];
+  networking.firewall.allowedTCPPorts = [ 22 4533 ];
  networking.firewall.allowedUDPPorts = [ 22 ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;
@ -231,7 +231,6 @@
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.05"; # Did you read the comment?
-  system.autoUpgrade.channel = "https://nixos.org/channels/nixos-21.05/";

  # tinc network
  sops.secrets."tinc/ed25519-private-key" = { };
@ -249,5 +248,13 @@
  hardware.opengl.driSupport = true;
  # For 32 bit applications
  hardware.opengl.driSupport32Bit = true;
+
+  # Music server
+  services.navidrome.enable = true;
+  services.navidrome.settings = {
+    Address = "11.0.0.2";
+    MusicFolder = "/mnt/Stuff/Music";
+  };
+  systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = lib.mkAfter [ "/etc" ];
 }

--- a/nki-personal-do/configuration.nix
+++ b/nki-personal-do/configuration.nix
@ -58,6 +58,13 @@
  cloud.traefik.certsDumper.enable = true;
  cloud.conduit.enable = true;

+  # Navidrome back to the PC
+  cloud.traefik.hosts.navidrome = {
+    host = "navidrome.nkagami.me";
+    port = 4533;
+    localHost = "11.0.0.2";
+  };
+
  # Mail
  sops.secrets.mail-users = { owner = "maddy"; };
  cloud.mail = {