Skip to content

Commit

Permalink
Updated docs
Browse files Browse the repository at this point in the history
  • Loading branch information
@rasmus-kirk
rasmus-kirk committed Mar 4, 2024
1 parent 324e23f commit f76b9bf
Show file tree
Hide file tree
Showing 3 changed files with 166 additions and 122 deletions.
220 changes: 110 additions & 110 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,12 +38,12 @@ To run services through a VPN, you must provide a wg-quick config file,
that is provided by most VPN providers:

```nix {.numberLines}
nixarr.vpn = {
enable = true;
# IMPORTANT: This file must _not_ be in the config git directory
# You can usually get this wireguard file from your VPN provider
wgConf = "/data/.secret/wg.conf";
}
nixarr.vpn = {
enable = true;
# IMPORTANT: This file must _not_ be in the config git directory
# You can usually get this wireguard file from your VPN provider
wgConf = "/data/.secret/wg.conf";
}
```

It is possible, _but not recommended_, to run the "*Arrs" behind a VPN,
Expand All @@ -64,33 +64,33 @@ If you want to know how to setup DDNS with Njalla, or how to manage secrets in n
To use this module, add it to your flake inputs in your nix flake file, like shown in this example flake:

```nix {.numberLines}
{
description = "Your nix flake";
{
description = "Your nix flake";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixarr.url = "github:rasmus-kirk/nixarr";
};
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixarr.url = "github:rasmus-kirk/nixarr";
};
outputs = {
nixpkgs,
nixarr,
...
}@inputs: {
nixosConfigurations = {
servarr = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./nixos/servarr/configuration.nix
nixarr.nixosModules.default
];
specialArgs = { inherit inputs; };
outputs = {
nixpkgs,
nixarr,
...
}@inputs: {
nixosConfigurations = {
servarr = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./nixos/servarr/configuration.nix
nixarr.nixosModules.default
];
specialArgs = { inherit inputs; };
};
};
};
};
}
}
```

## Examples
Expand All @@ -102,45 +102,45 @@ This example does the following:
- Runs all "*Arrs" supported by this module

```nix {.numberLines}
nixarr = {
enable = true;
# These two values are also the default, but you can set them to whatever
# else you want
mediaDir = "/data/media";
stateDir = "/data/media/.state";
vpn = {
nixarr = {
enable = true;
# IMPORTANT: This file must _not_ be in the config git directory
# You can usually get this wireguard file from your VPN provider
wgConf = "/data/.secret/wg.conf";
};
# These two values are also the default, but you can set them to whatever
# else you want
mediaDir = "/data/media";
stateDir = "/data/media/.state";
jellyfin = {
enable = true;
# These options set up a nginx HTTPS reverse proxy, so you can access
# Jellyfin on your domain with HTTPS
expose.https = {
vpn = {
enable = true;
domainName = "your.domain.com";
acmeMail = "[email protected]"; # Required for ACME-bot
# IMPORTANT: This file must _not_ be in the config git directory
# You can usually get this wireguard file from your VPN provider
wgConf = "/data/.secret/wg.conf";
};
};
transmission = {
enable = true;
vpn.enable = true;
peerPort = 50000; # Set this to the port forwarded by your VPN
};
jellyfin = {
enable = true;
# These options set up a nginx HTTPS reverse proxy, so you can access
# Jellyfin on your domain with HTTPS
expose.https = {
enable = true;
domainName = "your.domain.com";
acmeMail = "[email protected]"; # Required for ACME-bot
};
};
# It is possible for this module to run the *Arrs through a VPN, but it
# is generally not recommended, as it can cause rate-limiting issues.
sonarr.enable = true;
radarr.enable = true;
prowlarr.enable = true;
readarr.enable = true;
lidarr.enable = true;
};
transmission = {
enable = true;
vpn.enable = true;
peerPort = 50000; # Set this to the port forwarded by your VPN
};
# It is possible for this module to run the *Arrs through a VPN, but it
# is generally not recommended, as it can cause rate-limiting issues.
sonarr.enable = true;
radarr.enable = true;
prowlarr.enable = true;
readarr.enable = true;
lidarr.enable = true;
};
```

Another example where port forwarding is not an option. This is useful if,
Expand All @@ -153,70 +153,70 @@ example does the following:
- Runs all the supported "*Arrs"

```nix {.numberLines}
nixarr = {
enable = true;
vpn = {
nixarr = {
enable = true;
wgConf = "/data/.secret/wg.conf";
};
jellyfin = {
enable = true;
vpn.enable = true;
vpn = {
enable = true;
wgConf = "/data/.secret/wg.conf";
};
# Access the Jellyfin web-ui from the internet.
# Get this port from your VPN provider
expose.vpn = {
jellyfin = {
enable = true;
port = 12345;
vpn.enable = true;
# Access the Jellyfin web-ui from the internet.
# Get this port from your VPN provider
expose.vpn = {
enable = true;
port = 12345;
};
};
};
# Setup SSH service that runs through VPN.
# Lets you connect through ssh from the internet without having access to
# port forwarding
openssh.vpn.enable = true;
# Setup SSH service that runs through VPN.
# Lets you connect through ssh from the internet without having access to
# port forwarding
openssh.expose.vpn.enable = true;
transmission = {
enable = true;
vpn.enable = true;
peerPort = 50000; # Set this to the port forwarded by your VPN
transmission = {
enable = true;
vpn.enable = true;
peerPort = 50000; # Set this to the port forwarded by your VPN
};
sonarr.enable = true;
radarr.enable = true;
prowlarr.enable = true;
readarr.enable = true;
lidarr.enable = true;
};
sonarr.enable = true;
radarr.enable = true;
prowlarr.enable = true;
readarr.enable = true;
lidarr.enable = true;
};
# The `openssh.vpn.enable` option does not enable openssh, so we do that here:
# We disable password authentication as it's generally insecure.
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
# Get this port from your VPN provider
ports = [ 54321 ]
};
# Adds your public keys as trusted devices
users.extraUsers.username.openssh.authorizedKeys.keyFiles = [
./path/to/public/key/machine.pub}
];
# The `openssh.vpn.enable` option does not enable openssh, so we do that here:
# We disable password authentication as it's generally insecure.
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
# Get this port from your VPN provider
ports = [ 54321 ]
};
# Adds your public keys as trusted devices
users.extraUsers.username.openssh.authorizedKeys.keyFiles = [
./path/to/public/key/machine.pub}
];
```

In both examples, you don't have access to the "*Arrs" or torrent client
without being on your home network or accessing them through localhost. If
you have SSH setup you can use SSH tunneling. Simply run:

```sh
ssh -N user@ip \
-L 6001:localhost:9091 \
-L 6002:localhost:9696 \
-L 6003:localhost:8989 \
-L 6004:localhost:7878 \
-L 6005:localhost:8686 \
-L 6006:localhost:8787
ssh -N user@ip \
-L 6001:localhost:9091 \
-L 6002:localhost:9696 \
-L 6003:localhost:8989 \
-L 6004:localhost:7878 \
-L 6005:localhost:8686 \
-L 6006:localhost:8787
```

Replace `user` with your user and `ip` with the public ip, or domain if set
Expand Down
39 changes: 39 additions & 0 deletions docs/pandoc/lua/indent-code-blocks.lua
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
-- pandoc_indent_nix_blocks.lua
-- This Pandoc Lua filter indents all lines in code blocks by 2 spaces
-- TODO: This indents _all_ code blocks, not just example and default...

--if dump_debug then
-- local debug_file = io.open("pandoc_debug.log", "a")
--end
--
--function debug(msg)
-- if debug_file then
-- debug_file:write(msg .. "\n")
-- end
--end

function CodeBlock(block)
-- Check if the code block language is unmarked
if #block.classes == 0 then
-- Split the block text into lines
local lines = {}
for line in block.text:gmatch("[^\r\n]+") do
table.insert(lines, line)
end

-- Indent each line by 2 spaces
for i, line in ipairs(lines) do
lines[i] = " " .. line
end

-- Join the lines back together and update the block text
block.text = table.concat(lines, '\n')

-- Return the modified block
return block
end
end

return {
{CodeBlock = CodeBlock}
}
29 changes: 17 additions & 12 deletions mkDocs.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,17 +53,34 @@ in
"$file_path"
}
# Make home page
pandoc \
--metadata date="$(date -u '+%Y-%m-%d - %H:%M:%S %Z')" \
--standalone \
--highlight-style docs/pandoc/gruvbox.theme \
--template docs/pandoc/template.html \
--css docs/pandoc/style.css \
-V lang=en \
-V --mathjax \
-f markdown+smart \
-o $out/index.html \
README.md
# Make wiki pages
find docs/wiki -type f -name "*.md" | while IFS= read -r file; do
buildwiki "$file"
done
# Make options
cd $out
pandoc \
--standalone \
--metadata title="Nixarr - Option Documentation" \
--metadata date="$(date -u '+%Y-%m-%d - %H:%M:%S %Z')" \
--highlight-style docs/pandoc/gruvbox.theme \
--template docs/pandoc/template.html \
--css docs/pandoc/style.css \
--lua-filter docs/pandoc/lua/indent-code-blocks.lua \
--lua-filter docs/pandoc/lua/anchor-links.lua \
--lua-filter docs/pandoc/lua/code-default-to-nix.lua \
--lua-filter docs/pandoc/lua/remove-utils.lua \
Expand All @@ -76,17 +93,5 @@ in
-f markdown+smart \
-o $out/options.html \
"$tmpdir"/nixos-options.md
pandoc \
--metadata date="$(date -u '+%Y-%m-%d - %H:%M:%S %Z')" \
--standalone \
--highlight-style docs/pandoc/gruvbox.theme \
--template docs/pandoc/template.html \
--css docs/pandoc/style.css \
-V lang=en \
-V --mathjax \
-f markdown+smart \
-o $out/index.html \
README.md
'';
}

0 comments on commit f76b9bf

Please sign in to comment.