Skip to content

Commit

Permalink
tiny1: add calibre server
Browse files Browse the repository at this point in the history
  • Loading branch information
hyshka committed Nov 24, 2024
1 parent 6aeb2b0 commit d23e81a
Show file tree
Hide file tree
Showing 7 changed files with 96 additions and 2 deletions.
6 changes: 6 additions & 0 deletions .sops.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,12 @@ creation_rules:
- *tiny1
pgp:
- *hyshka
- path_regex: hosts/tiny1/services/[^/]+\.(sqlite)$
key_groups:
- age:
- *tiny1
pgp:
- *hyshka
- path_regex: hosts/common/secrets.ya?ml$
key_groups:
- age:
Expand Down
10 changes: 10 additions & 0 deletions hosts/tiny1/services/caddy.nix
Original file line number Diff line number Diff line change
Expand Up @@ -130,6 +130,16 @@
reverse_proxy http://127.0.0.1:8085
}
@library host library.home.hyshka.com
handle @library {
reverse_proxy http://127.0.0.1:8083
}
@books host books.home.hyshka.com
handle @books {
reverse_proxy http://127.0.0.1:8084
}
# Fallback for otherwise unhandled domains
handle {
abort
Expand Down
26 changes: 26 additions & 0 deletions hosts/tiny1/services/calibre-users.sqlite

Large diffs are not rendered by default.

47 changes: 47 additions & 0 deletions hosts/tiny1/services/calibre.nix
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
{config, ...}: {
# First, run calibre-server with auth disabled
# Then, generate a users database
# calibre-server --userdb ./calibre-users.sqlite --manage-users
# Finally, encrypt the binary as a secret
# to encrypt a binary: sops -e ./calibre-users.sqlite > hosts/tiny1/services/calibre-users.sqlite

sops.secrets.calibre-userdb = {
owner = config.services.calibre-server.user;
group = "mediacenter";
format = "binary";
sopsFile = ./calibre-users.sqlite;
};

services.calibre-server = {
enable = true;
group = "mediacenter";
port = 8083;
# Need to listen on local and docker interfaces for Readarr
#host = "127.0.0.1";
auth = {
mode = "basic";
enable = true;
userDb = config.sops.secrets.calibre-userdb.path;
};
libraries = [
"/mnt/storage/mediacenter/media/books"
];
};

# Open port to sync with koreader
networking.firewall.allowedTCPPorts = [8083 8084];
services.calibre-web = {
enable = true;
group = "mediacenter";
listen = {
ip = "0.0.0.0";
port = 8084;
};
options = {
enableBookConversion = true;
enableBookUploading = true;
calibreLibrary = "/mnt/storage/mediacenter/media/books";
reverseProxyAuth.enable = true;
};
};
}
1 change: 1 addition & 0 deletions hosts/tiny1/services/default.nix
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{
imports = [
./calibre.nix
#./ddclient.nix
./docker.nix
./glances.nix
Expand Down
7 changes: 5 additions & 2 deletions hosts/tiny1/services/media/default.nix
Original file line number Diff line number Diff line change
@@ -1,11 +1,14 @@
{
{config, ...}: {
imports = [
./docker-compose.nix
];

# docker interface for mediacenter network, allows docker to access ntfy
# TODO: avoid hard-coding the interface
networking.firewall.interfaces."br-65ee147cd7f3".allowedTCPPorts = [8010];
# TODO: 8010 for ntfy
networking.firewall.interfaces."br-0a93fdcc1a12".allowedTCPPorts = [
config.services.calibre-server.port
];

users = {
groups = {
Expand Down
1 change: 1 addition & 0 deletions hosts/tiny1/services/media/docker-compose.nix
Original file line number Diff line number Diff line change
Expand Up @@ -248,6 +248,7 @@
];
log-driver = "journald";
extraOptions = [
"--add-host=host.docker.internal:host-gateway"
"--network-alias=readarr"
"--network=media_default"
];
Expand Down

0 comments on commit d23e81a

Please sign in to comment.