From 9c6da58b21639c13754e07b5a01a10a1feea9c79 Mon Sep 17 00:00:00 2001
From: tootbrute
Date: Thu, 17 Apr 2025 13:52:29 +0800
Subject: [PATCH] added Transmission, added VPS-caddy files
---
 README.md | 14 ++++++++++----
 VPS-caddy/Caddyfile | 30 ++++++++++++++++++++++++++++++
 VPS-caddy/Dockerfile | 8 ++++++++
 VPS-caddy/README.md | 7 +++++++
 VPS-caddy/docker-compose.yml | 23 +++++++++++++++++++++++
 configuration.nix | 1 +
 services/jellyfin.nix | 1 +
 services/transmission.nix | 8 +++++++-
 8 files changed, 87 insertions(+), 5 deletions(-)
 create mode 100644 VPS-caddy/Caddyfile
 create mode 100644 VPS-caddy/Dockerfile
 create mode 100644 VPS-caddy/README.md
 create mode 100644 VPS-caddy/docker-compose.yml
diff --git a/README.md b/README.md
index f6fcf4c..6b68f24 100644
--- a/README.md
+++ b/README.md
@@ -1,15 +1,21 @@
 # NixOS - Knossos -Test system. +My test system. + ## Goals - Learn Nix. - Attempt to make homelab, a la Yunohost...but declarative - Try to avoid Docker ## Tasks -[ x ] - ZFS root file system -[ x ]- Tailscale --> VPS --> domain name -[ ] - Need an auth system +- [X] ZFS for root file system +- [X] Tailscale +- [ ]--> --> domain name +- [X] Setup Jellyfin +- [X] Setup calibre-web +- [ ] Setup Transmission +- [ ] Setup Nextcloud +- [ ] Setup systemwide auth system - LDAP? OAuth? ## System Information ```
diff --git a/VPS-caddy/Caddyfile b/VPS-caddy/Caddyfile
new file mode 100644
index 0000000..97e1593
--- /dev/null
+++ b/VPS-caddy/Caddyfile
@@ -0,0 +1,30 @@
+{
+ email youremail@email.com
+}
+
+
+*.home.mydomain.com {
+
+ vars {
+ # IP address of My Tailscale Server
+ tailscale_ip 100.0.0.0
+ }
+
+ tls {
+ dns gandi APIKEYHERE
+ }
+
+ @jellyfin host jellyfin.home.mydomain.com
+ handle @jellyfin {
+ reverse_proxy {vars.tailscale_ip}:8096
+ }
+ @books host books.home.mydomain.com
+ handle @books {
+ reverse_proxy {vars.tailscale_ip}:8083
+ }
+ # Fallback for otherwise unhandled domains
+ handle {
+ abort
+ }
+}
+
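Review bot: The `dns gandi APIKEYHERE` line in the `tls` block invites pasting the live Gandi credential into a tracked file that is also bind-mounted into the container. The compose file added in this same patch already loads `secrets.env`, so the directive can read `dns gandi {env.GANDI_API_TOKEN}` (the variable name is only an example), with the value kept in that file and the file kept out of version control. The sample `tailscale_ip 100.0.0.0` lies outside Tailscale's 100.64.0.0/10 range, so an unedited copy would forward requests to an unrelated public address; a comment such as `# REPLACE with the tailnet address of the home server` would help. Both hosts are published with only each application's own login in front, which is worth recording beside the open auth task in the README.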
diff --git a/VPS-caddy/Dockerfile b/VPS-caddy/Dockerfile
new file mode 100644
index 0000000..4bbd555
--- /dev/null
+++ b/VPS-caddy/Dockerfile
@@ -0,0 +1,8 @@
+FROM caddy:2.8.4-builder-alpine AS builder
+
+RUN xcaddy build \
+--with github.com/caddy-dns/gandi
+
+FROM caddy:2.8.4-alpine
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
diff --git a/VPS-caddy/README.md b/VPS-caddy/README.md
new file mode 100644
index 0000000..004f8f2
--- /dev/null
+++ b/VPS-caddy/README.md
@@ -0,0 +1,7 @@
+# Run Your Homelab Behind your VPS
+https://blog.arkadi.one/p/run-your-homelab-behind-your-vps/
+
+## Files in this directory:
+- Dockerfile - to build a custom Caddy executable with gandi registrar module
+- docker-compose.yml - to run Caddy
+- Caddyfile - your caddy settings for a wildcard DNS
diff --git a/VPS-caddy/docker-compose.yml b/VPS-caddy/docker-compose.yml
new file mode 100644
index 0000000..c0a04c7
--- /dev/null
+++ b/VPS-caddy/docker-compose.yml
@@ -0,0 +1,23 @@
+services:
+ caddy:
+ build: .
+ container_name: Caddy
+ cap_add:
+ - NET_ADMIN
+ ports:
+ - 80:80
+ - 443:443
+ - 443:443/udp
+ env_file:
+ - secrets.env
+ volumes:
+ # I don't like using Docker volumes
+ - ./Caddyfile:/etc/caddy/Caddyfile:ro
+ - ./data:/data
+ - ./config:/config
+ restart: unless-stopped
+ networks:
+ - caddy
+networks:
+ caddy:
+ name: caddy
diff --git a/configuration.nix b/configuration.nix
index 4ac61ae..b8ce25a 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -15,6 +15,7 @@
 ./services/calibre-web.nix
 ./services/glances.nix
 ./services/fail2ban.nix
+ ./services/transmission.nix
 ];
 # Bootloader.
 boot.loader.systemd-boot.enable = true;
diff --git a/services/jellyfin.nix b/services/jellyfin.nix
index 0313b62..18cee76 100644
--- a/services/jellyfin.nix
+++ b/services/jellyfin.nix
@@ -4,6 +4,7 @@
 services.jellyfin = { enable = true; openFirewall = true; + dataDir = "/var/lib/jellyfin"; #default }; environment.systemPackages = [
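Review bot: The `--with github.com/caddy-dns/gandi` argument carries no version, so every rebuild compiles whatever the plugin's latest release is at that moment into the binary that holds the DNS API credential and terminates TLS. Pinning it as `--with github.com/caddy-dns/gandi@<tag-or-commit>` (placeholder; use the release you tested) makes the build reproducible and keeps an upstream change from landing unreviewed. The two `caddy:2.8.4-*` base images are tag-pinned already; appending the image digest would tighten that further.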
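Review bot: `cap_add: NET_ADMIN` gives the internet-facing container the right to reconfigure interfaces, routes and firewall rules in its network namespace, and nothing in the file says why it is needed. Caddy runs without it; the capability is normally added only so the QUIC listener can raise its UDP buffer sizes, so either drop it or keep it with a comment such as `# only needed for larger HTTP/3 UDP buffers`. `secrets.env` and `./data` (where Caddy stores certificate private keys) sit next to tracked files and no ignore rule for them is part of this patch, so confirm both are excluded from the repository and readable only by the deploying user.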
diff --git a/services/transmission.nix b/services/transmission.nix
index db46574..cf77f56 100644
--- a/services/transmission.nix
+++ b/services/transmission.nix
@@ -3,9 +3,15 @@
 # https://mynixos.com/nixpkgs/options/services.transmission - services.transmission { + services.transmission = { enable = true; + package = pkgs.transmission_4; openFirewall = true; + openPeerPorts = true; + openRPCPort = true; + settings = { + rpc-bind-address = "0.0.0.0"; + }; }; }
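Review bot: `rpc-bind-address = "0.0.0.0";` together with `openRPCPort = true;` publishes the Transmission RPC and web interface on every interface and through the host firewall, while the new `settings` block adds no access control. Transmission's stock whitelist admits only loopback, so remote use tends to end with the whitelist switched off, which would leave an unauthenticated control port. Binding to the host's Tailscale address (or staying on loopback behind the reverse proxy) limits who can reach it at all. In addition, set `rpc-authentication-required = true;` and supply the username and password through `services.transmission.credentialsFile` so they stay out of the world-readable Nix store. The enclosing module attribute set starts outside this hunk.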