reinstall

services/ChatGPT-nextcloud.nix

@@ -0,0 +1,56 @@
+  #
+  # Nextcloud Service Configuration
+  #
+  services.nextcloud = {
+    enable = true;
+    # The hostname Nextcloud will use. This should be how you access it in your browser.
+    # If you don't have a domain, use your server's IP address.
+    hostName = "nextcloud.local"; # <--- IMPORTANT: Change to your actual domain or IP
+
+    # Use the built-in web server (Apache in this case) provided by the Nextcloud module.
+    # This means you don't need to configure services.httpd or services.nginx separately.
+    inheritBuiltinWebserver = true;
+
+    # Directory where Nextcloud will store user data.
+    # Ensure this path is on a persistent storage volume.
+    dataDir = "/var/lib/nextcloud/data"; # <--- IMPORTANT: Ensure this path is suitable for your setup
+
+    # Database configuration: PostgreSQL is recommended for production.
+    database = {
+      type = "postgresql";
+      createLocally = true; # NixOS will manage and create the PostgreSQL database
+      userName = "nextcloud"; # Database username for Nextcloud
+      # Securely store the database password in a file.
+      # You MUST create this file before rebuilding your system (see instructions below).
+      passwordFile = "/run/keys/nextcloud-db-password";
+    };
+
+    # Nextcloud application-specific configuration options.
+    # These map directly to Nextcloud's config.php settings.
+    config = {
+      # The host Nextcloud will use for internal redirects. Should match hostName.
+      overwritehost = "nextcloud.local"; # <--- IMPORTANT: Adjust if using a different hostname/IP
+
+      # List of trusted domains/IPs from which Nextcloud can be accessed.
+      # Add your server's IP address and any domain names you'll use.
+      trusted_domains = [
+        "nextcloud.local" # <--- IMPORTANT: Add your domain or IP here
+        "192.168.1.100"   # <--- IMPORTANT: Replace with your server's actual IP address
+      ];
+
+      # Configure local memory caching for performance. APCu is recommended.
+      memcache.local = "\\OC\\Memcache\\APCu";
+    };
+
+    # PHP FPM options required by Nextcloud for optimal performance.
+    phpOptions = {
+      "opcache.enable" = true;
+      "opcache.interned_strings_buffer" = 8;
+      "opcache.max_accelerated_files" = 10000;
+      "opcache.memory_consumption" = 128;
+      "opcache.save_comments" = 1;
+      "opcache.revalidate_freq" = 1;
+      "apc.enable_cli" = 1;
+    };
+  };
+

services/calibre-web.nix

@@ -0,0 +1,37 @@
+{ config, pkgs, ... }:
+{
+
+  # Calibre-Web
+  # more options: https://mynixos.com/nixpkgs/options/services.calibre-web
+  services.calibre-web= {
+    enable = true;
+    listen = {
+      ip = "0.0.0.0";
+      port = 8083;
+    };
+    openFirewall = true;
+    options = {
+      enableBookUploading = true;
+      enableBookConversion = true;
+      # No " " around absolute path
+      # Make sure a calibre library .db file is in this folder
+      # Example file: https://github.com/janeczku/calibre-web/raw/master/library/metadata.db
+      calibreLibrary =/home/elias/books;
+    };
+  };
+
+#Using Caddy on VPS. Don't need this.
+services.nginx.enable = false;
+
+# CACHE_DIRECTORY environment variable
+# explanation: https://github.com/janeczku/calibre-web/issues/3343
+# https://github.com/janeczku/calibre-web/issues/3278
+systemd.services.calibre-web = {
+      environment = {
+        CACHE_DIR = "/var/cache/calibre-web";
+      };
+      serviceConfig = {
+        CacheDirectory = "calibre-web";
+      };
+    };
+}

services/cryptpad.nix

@@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+{
+
+# not finished
+  services.cryptpad= {
+    enable = true;
+  };
+
+}

services/fail2ban.nix

@@ -0,0 +1,21 @@
+{ config, pkgs, ... }:
+{
+
+  services.fail2ban = {
+    enable = true;
+   # Ban IP after 5 failures
+    maxretry = 5;
+    ignoreIP = [
+      # Whitelist some subnets
+      "100.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"
+    ];
+    bantime = "24h"; # Ban IPs for one day on the first ban
+    bantime-increment = {
+      enable = true; # Enable increment of bantime after each violation
+      formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
+      #multipliers = "1 2 4 8 16 32 64";
+      maxtime = "168h"; # Do not ban for more than 1 week
+      overalljails = true; # Calculate the bantime based on all the violations
+    };
+  };
+}

services/glances.nix

@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+{
+
+  services.glances = {
+    enable = true;
+    port = 61208;
+    openFirewall = true;
+  };
+
+}

services/immich.nix

@@ -0,0 +1,9 @@
+{ config, pkgs, ... }:
+{
+
+  services.immich = {
+    enable = true;
+    port = 2283;
+  };
+
+}

services/jellyfin.nix

@@ -0,0 +1,16 @@
+{ config, pkgs, ... }:
+{
+
+  services.jellyfin = {
+    enable = true;
+    openFirewall = true;
+    dataDir = "/var/lib/jellyfin"; #default
+  };
+
+  environment.systemPackages = [
+    pkgs.jellyfin
+    pkgs.jellyfin-web
+    pkgs.jellyfin-ffmpeg
+  ];
+
+}

services/nextcloud-reset.sh

@@ -0,0 +1,9 @@
+#!/run/current-system/sw/bin/bash
+sudo systemctl stop postgresql
+sudo systemctl stop nextcloud-setup
+sudo systemctl stop nextcloud-cron
+sudo systemctl stop phpfm-nextcloud
+sudo systemctl stop redis-nextcloud
+sudo rm -rf /var/lib/nextcloud
+#sudo rm -rf /var/lib/postgresql
+sudo rm -rf /var/lib/redis-nextcloud

services/nextcloud.nix

@@ -0,0 +1,62 @@
+{ config, pkgs, ... }:
+{
+# BASIC CONFIG
+# user is root
+environment.etc."nextcloud-admin-pass".text = "CHANGE_RIGHT_AWAY";
+	
+/*
+services.nextcloud = {
+  enable = true;
+  hostName = "localhost";
+  config.adminpassFile = "/etc/nextcloud-admin-pass";
+};
+*/
+
+
+services.nextcloud = {
+    enable = true;
+    configureRedis = true;
+    package = pkgs.nextcloud31;
+    hostName = "nextcloud.knossos";
+#    datadir = "/var/lib/nextcloud/";
+    settings = {
+      overwriteprotocol = "https";
+      trusted_proxies = [ "localhost" "127.0.0.1" "100.82.24.89" ];
+      trusted_domains = [ "nextcloud.knossos.arkadi.one" ];
+    };
+    config = {
+      dbtype = "pgsql";
+      dbuser = "nextcloud";
+      dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
+      dbname = "nextcloud";
+      adminpassFile = "/etc/nextcloud-admin-pass";
+      adminuser = "admin";
+    };
+};
+
+  services.postgresql = {
+    enable = true;
+    ensureDatabases = [ "nextcloud" ];
+    ensureUsers = [
+    { name = "nextcloud";
+    ensureDBOwnership = true;
+    }
+    ];
+  };
+
+  # ensure that postgres is running *before* running the setup
+  systemd.services."nextcloud-setup" = {
+    requires = ["postgresql.service"];
+    after = ["postgresql.service"];
+  };
+
+
+# CALIBRE-WEB already disabled?
+
+#  services.nginx.enable = true;
+#  services.nginx.virtualHosts."nextcloud.knossos" ={ 
+#    listen = [ { addr = "127.0.0.1"; port = 8009; } ];
+#    forceSSL = false;
+#  };
+
+}

services/nextcloud/lup-nextcloud.nix

@@ -0,0 +1,47 @@
+# nextcloud.nix
+# from Linux Unplugged
+{ config, pkgs, ... }:
+{
+    services.nextcloud = {
+      enable = true;
+      hostName = "nextcloud.knossos.arkadi.one";
+      # Need to manually increment with every major upgrade.
+      package = pkgs.nextcloud30;
+      # Let NixOS install and configure the database automatically.
+      database.createLocally = true;
+      # Let NixOS install and configure Redis caching automatically.
+      configureRedis = true;
+      # Increase the maximum file upload size.
+      maxUploadSize = "16G";
+      https = true;
+      autoUpdateApps.enable = true;
+      extraAppsEnable = true;
+      extraApps = with config.services.nextcloud.package.packages.apps; {
+        # List of apps we want to install and are already packaged in
+        # https://github.com/NixOS/nixpkgs/blob/master/pkgs/servers/nextcloud/packages/nextcloud-apps.json
+        inherit calendar contacts notes onlyoffice tasks cookbook;
+      };
+
+      settings = {
+        #overwriteprotocol = "https";
+        trusted_proxies = [ "localhost" "127.0.0.1" "100.82.24.89" ];
+        #trusted_domains = [ "nextcloud.knossos.arkadi.one" ];
+      };
+      config = {
+        dbtype = "pgsql";
+        adminuser = "admin";
+        adminpassFile = "/var/lib/secrets/nextcloud-admin-pass";
+      };
+      # Suggested by Nextcloud's health check.
+      phpOptions."opcache.interned_strings_buffer" = "16";
+    };
+/*
+    # Nightly database backups.
+    postgresqlBackup = {
+      enable = true;
+      startAt = "*-*-* 01:15:00";
+    };
+*/
+  services.nginx.virtualHosts."nextcloud.knossos.arkadi.one".listen = [ { addr = "127.0.0.1"; port = 8009; } ];
+
+}

services/nextcloud/nextcloud.nix

@@ -0,0 +1,48 @@
+{ config, pkgs, ... }:
+{
+services.nextcloud = {
+    enable = true;
+    configureRedis = true;
+    package = pkgs.nextcloud31;
+    hostName = "nextcloud.knossos";
+    datadir = "/var/lib/nextcloud/";
+    settings = {
+      overwriteprotocol = "https";
+      trusted_proxies = [ "localhost" "127.0.0.1" "100.82.24.89" ];
+      trusted_domains = [ "nextcloud.knossos.arkadi.one" ];
+    };
+    config = {
+      dbtype = "pgsql";
+      dbuser = "nextcloud";
+      dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
+      dbname = "nextcloud";
+      adminpassFile = "/var/lib/secrets/nextcloud/nextcloud-admin-pass";
+      adminuser = "admin";
+    };
+};
+
+  services.postgresql = {
+    enable = true;
+    ensureDatabases = [ "nextcloud" ];
+    ensureUsers = [
+    { name = "nextcloud";
+    ensureDBOwnership = true;
+    }
+    ];
+  };
+
+  # ensure that postgres is running *before* running the setup
+  systemd.services."nextcloud-setup" = {
+    requires = ["postgresql.service"];
+    after = ["postgresql.service"];
+  };
+
+# CALIBRE-WEB already disabled?
+
+#  services.nginx.enable = true;
+#  services.nginx.virtualHosts."nextcloud.knossos" ={ 
+#    listen = [ { addr = "127.0.0.1"; port = 8009; } ];
+#    forceSSL = false;
+#  };
+
+}

services/oldnextcloud.nix

@@ -0,0 +1,15 @@
+{ config, pkgs, ... }:
+{
+
+services.nextcloud = {
+  enable = true;
+  package = pkgs.nextcloud31;
+  hostName = "nextcloud.knossos";
+  config.adminpassFile = "/var/lib/nextcloud-admin-pass";
+  config.dbtype = "sqlite";
+};
+
+
+services.nginx.virtualHosts."nextcloud.knossos".listen = [ { addr = "127.0.0.1"; port = 8009; } ];
+
+}

services/transmission-settings.json

@@ -0,0 +1,18 @@
+# Put this file in /var/lib/secrets/transmission/settings.json
+
+{
+    "peer-port": 51413,
+    "encryption": 1,
+
+    "rpc-enabled": true,
+    "rpc-bind-address": "0.0.0.0",
+    "rpc-host-whitelist-enabled": true,
+    "rpc-host-whitelist": "*.knossos.arkadi.one,knossos,*.arkadi.one",
+    "rpc-whitelist-enabled": true,
+    "rpc-whitelist": "127.0.0.1,192.168.*.*,100.*.*.*",
+    "rpc-authentication-required": true,
+    "rpc-username": "elias",
+    "rpc-password": "family-name-spark727"
+
+}
+

services/transmission.nix

@@ -0,0 +1,29 @@
+{ config, pkgs, ... }:
+{
+# https://mynixos.com/nixpkgs/options/services.transmission
+
+  services.transmission = {
+    enable = true;
+    credentialsFile = "/var/lib/secrets/transmission/settings.json";
+    openFirewall = true;
+    # openPeerPorts = true;
+    openRPCPort = true;
+  };
+
+# NOTE
+# credentialsFile example in transmission-settings.json in this directory
+# move and put into: /var/lib/secrets/transmission/settings.json
+
+# =====
+# NOTES TO FIX
+#added user here: https://mynixos.com/nixpkgs/option/services.transmission.credentialsFile
+
+#git hub issue
+#https://mynixos.com/nixpkgs/option/services.transmission.credentialsFile
+#config options
+#https://github.com/transmission/transmission/blob/main/docs/Editing-Configuration-Files.md
+#settings.json options
+
+
+
+}