Add Flaresolverr

flake.nix

@@ -3,6 +3,7 @@
 
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
+    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
 
     home-manager = {
       url = "github:nix-community/home-manager/release-25.11";
@@ -28,6 +29,7 @@
   outputs =
     {
       nixpkgs,
+      nixpkgs-unstable,
       home-manager,
       sops-nix,
       disko,
@@ -38,6 +40,22 @@
         plexy = nixpkgs.lib.nixosSystem {
           system = "x86_64-linux";
           modules = [
+            {
+              nixpkgs = {
+                overlays = [
+                  (final: prev: {
+                    unstable = import nixpkgs-unstable {
+                      inherit (final) config;
+                      inherit (final.stdenv.hostPlatform) system;
+                    };
+                  })
+                ];
+              };
+            }
+            {
+              disabledModules = [ "services/misc/jellyseerr.nix" ];
+            }
+            (import "${nixpkgs-unstable}/nixos/modules/services/misc/seerr.nix")
             ./hosts/plexy
             home-manager.nixosModules.home-manager
             {

hosts/plexy/default.nix

@@ -41,7 +41,7 @@
       configurationLimit = 8;
     };
     efi.canTouchEfiVariables = true;
-    timeout = 1;
+    timeout = 0;
   };
 
   nixpkgs.hostPlatform = "x86_64-linux";
@@ -49,8 +49,9 @@
   hardware.graphics = {
     enable = true;
     extraPackages = with pkgs; [
-      intel-media-driver
-      intel-vaapi-driver
+      intel-media-driver # VAAPI
+      intel-compute-runtime # OpenCL
+      libvdpau-va-gl # VDPAU
     ];
   };
 
@@ -64,8 +65,16 @@
       22
       80
       443
+      873 # rsyncd
+      5055 # Seerr
       5201 # iperf3
+      8096 # Jellyfin
       15835 # Glance
+      15836 # qBittorrent (Web UI)
+      15837 # Radarr
+      15838 # Sonarr
+      15839 # Prowlarr
+      17650 # qBittorrent (torrent)
     ];
   };
 
@@ -78,9 +87,18 @@
 
     secrets = {
       "vaultwarden.env" = { };
+      "rsyncd.secrets" = { };
     };
   };
 
+  virtualisation.docker.enable = true;
+
+  environment.systemPackages = [
+    pkgs.jellyfin
+    pkgs.jellyfin-web
+    pkgs.jellyfin-ffmpeg
+  ];
+
   services = {
     openssh = {
       enable = true;
@@ -90,6 +108,33 @@
     iperf3 = {
       enable = true;
     };
+    rsyncd = {
+      enable = true;
+      settings = {
+        globalSection = {
+          address = "0.0.0.0";
+          gid = "users";
+          "max connections" = 5;
+          uid = "wekuz";
+        };
+        sections = {
+          media = {
+            path = "/storage/media";
+            comment = "Media storage";
+            "read only" = false;
+            "auth users" = "wekuz";
+            "secrets file" = config.sops.secrets."rsyncd.secrets".path;
+          };
+          torrents = {
+            path = "/storage/torrents";
+            comment = "Torrents storage";
+            "read only" = false;
+            "auth users" = "wekuz";
+            "secrets file" = config.sops.secrets."rsyncd.secrets".path;
+          };
+        };
+      };
+    };
     vaultwarden = {
       enable = true;
       environmentFile = config.sops.secrets."vaultwarden.env".path;
@@ -107,21 +152,161 @@
       enable = true;
       settings = import ./glance.nix;
     };
+    jellyfin = {
+      enable = true;
+    };
+    seerr = {
+      enable = true;
+      package = pkgs.unstable.seerr;
+    };
+    qbittorrent = {
+      enable = true;
+      torrentingPort = 17650;
+      webuiPort = 15836;
+      serverConfig = {
+        Application.FileLogger = {
+          Enabled = true;
+          Path = "/var/log/qBittorrent";
+          Backup = true;
+          MaxSizeBytes = 65536;
+          DeleteOld = true;
+          Age = 14;
+          AgeType = 0;
+        };
+        BitTorrent.Session = {
+          AddTorrentStopped = false;
+          Preallocation = true;
+          AddExtensionToIncompleteFiles = false;
+          DisableAutoTMMByDefault = false;
+
+          MaxConnections = 1000;
+          MaxConnectionsPerTorrent = 200;
+          MaxUploads = 64;
+          MaxUploadsPerTorrent = 26;
+
+          GlobalDLSpeedLimit = 6000;
+          GlobalUPSpeedLimit = 6000;
+          AlternativeGlobalDLSpeedLimit = 0;
+          AlternativeGlobalUPSpeedLimit = 0;
+          BandwidthSchedulerEnabled = true;
+          DefaultSavePath = "/storage/torrents";
+
+          MaxActiveCheckingTorrents = 1;
+
+          QueueingSystemEnabled = true;
+          MaxActiveDownloads = 3;
+          MaxActiveUploads = 10;
+          MaxActiveTorrents = 200;
+          IgnoreSlowTorrentsForQueueing = true;
+          SlowTorrentsDownloadRate = 500;
+          SlowTorrentsUploadRate = 100;
+          SlowTorrentsInactivityTimer = 60;
+
+          GlobalMaxRatio = -1;
+          GlobalMaxSeedingMinutes = -1;
+          GlobalMaxInactiveSeedingMinutes = -1;
+          ShareLimitAction = "Stop";
+
+          Interface = "";
+          InterfaceAddress = "";
+          InterfaceName = "";
+        };
+        Network = {
+          PortForwardingEnabled = false;
+        };
+        Preferences = {
+          General = {
+            Locale = "en";
+            StatusbarExternalIPDisplayed = true;
+          };
+          Scheduler = {
+            end_time = "@Variant(\\0\\0\\0\\xf\\x1\\x65\\xe@)"; # 02:00
+            start_time = "@Variant(\\0\\0\\0\\xf\\0m\\xdd\\0)"; # 06:30
+          };
+          WebUI = {
+            Address = "*";
+            Username = "admin";
+            Password_PBKDF2 = "@ByteArray(IM7ih6pLNXBv6it48lI1Lg==:VyczL0q0C89RNfXkzcvdZemfXjdG53xBSY66gqIl56dA0OcrvvxOQdW8jOzvY3lFjR+WDBG3Q/ejsG4w8O5RRA==)";
+            LocalHostAuth = false;
+          };
+        };
+        Core.AutoDeleteAddedTorrentFile = "never";
+        LegalNotice.Accepted = true;
+      };
+    };
+    radarr = {
+      enable = true;
+      settings = {
+        server.port = 15837;
+      };
+    };
+    sonarr = {
+      enable = true;
+      settings = {
+        server.port = 15838;
+      };
+    };
+    prowlarr = {
+      enable = true;
+      settings = {
+        server.port = 15839;
+      };
+    };
+    flaresolverr = {
+      enable = true;
+      port = 15840;
+    };
   };
 
   environment.variables.EDITOR = "nvim";
 
-  users.users.wekuz = {
+  users = {
+    groups = {
+      media = { };
+    };
+    users = {
+      wekuz = {
         isNormalUser = true;
         extraGroups = [
           "wheel"
           "networkmanager"
           "docker"
+          "media"
         ];
         openssh.authorizedKeys.keys = [
           "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBs3aPxyJpVGytuVSO3va2WybKNFMR241o8DCJQbBEWV"
         ];
       };
+      jellyfin = {
+        extraGroups = [
+          "media"
+        ];
+      };
+      qbittorrent = {
+        extraGroups = [
+          "media"
+        ];
+      };
+      radarr = {
+        extraGroups = [
+          "media"
+        ];
+      };
+      sonarr = {
+        extraGroups = [
+          "media"
+        ];
+      };
+    };
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /storage 0755 root root -"
+    "d /storage/media 2775 wekuz media -"
+    "d /storage/media/movies 2775 wekuz media -"
+    "d /storage/media/tv 2775 wekuz media -"
+    "d /storage/torrents 2775 wekuz media -"
+  ];
 
   system.stateVersion = "25.11";
 }

hosts/plexy/disko-config.nix

@@ -54,6 +54,33 @@
           };
         };
       };
+      storagedisk = {
+        type = "disk";
+        device = "/dev/disk/by-id/ata-HGST_HUS722T2TALA604_WMC6N0P31NKZ";
+        content = {
+          type = "gpt";
+          partitions = {
+            primary = {
+              size = "100%";
+              content = {
+                type = "btrfs";
+                extraArgs = [ "-f" ]; # Override existing partition
+                subvolumes = {
+                  "@storage" = {
+                    mountOptions = [
+                      "compress=zstd"
+                      "noatime"
+                    ];
+                    mountpoint = "/storage";
+                  };
+                };
+
+                mountpoint = "/part-storage";
+              };
+            };
+          };
+        };
+      };
     };
   };
 }

hosts/plexy/home.nix

@@ -5,7 +5,7 @@
   home.homeDirectory = "/home/wekuz";
 
   home.packages = with pkgs; [
-    neofetch
+    fastfetch
 
     # Utilities
     neovim

hosts/plexy/secrets.yaml

@@ -1,4 +1,5 @@
 vaultwarden.env: ENC[AES256_GCM,data:PLNb5cFoJaOyUo5U/gpXH0RGVwwQxL3kCE/OLw7MaLWazuBGHIPUEhH+kDMP2cfF916D63w8Ddgb/oH+lHGCw235YwgoqZ9yjWYPG4VB2Jdw+17LeCbirdh3zv8nNzFnSZDJmhz5Pj82+iswju6sYO/H7UfZ3aeASWonKW9LGHVltKSY1rAVhZRu4SvhqPiAxNpEzN0/EDTl46RIxrgEoUraN+Ie8fh1wU9SKevExkPU3NXGO1gG2tWRxclMPgc=,iv:es40/5HpBAhOy2xmU/yCUD43fVVsAXk6qJ3OasKjK3U=,tag:bneErU9pPZkQ2VzbQ1NrJA==,type:str]
+rsyncd.secrets: ENC[AES256_GCM,data:VjHRoZa6/lDtCheKSJyM,iv:kxygNaKOuK0iH/bFY/uKxcbMcYSR8nWDUx+4aDNqTMk=,tag:uYYPWAPCWtvLLGwmOWyH+A==,type:str]
 sops:
     age:
         - recipient: age1sqssntfzzlhcgp0wuf9wmeavg0hmwmq349npsq8vaxj9sxey5s9ssc82sw
@@ -10,7 +11,7 @@ sops:
             eDUxR1V0ZEFSYnZTYnYzakFydEliaFUKoa/gHecAy01vTk7I02KMGGPHZBql5K48
             hkLDjoWK9dkGRX8kqRd028cuMCQRenLpULEECWp6oV+evUdMf7wRtg==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-12-30T19:34:00Z"
-    mac: ENC[AES256_GCM,data:kFttJIQM/Zyd9xeiJpdEVoJ2AhlbuvtUxGBkQTQeEvrJsClAUM7s288XhkG02IxpH9bt2U6AgF60K/3E3qEdFHpM9WKTso/n6mXeD5WUyo9XD1XiWMPZ07arRLH0ajRWHOlIadKm7hvPhEWiWxVg9+sc0BHtjTGMLgvRhUyMPgM=,iv:gsMvU3lxVFSF8bJK5u9cNFSYDT5OZPmWqehv0ozB5Uo=,tag:XsfLCSTlqSgeKy609lMmLQ==,type:str]
+    lastmodified: "2026-04-03T15:46:07Z"
+    mac: ENC[AES256_GCM,data:gh9Voy28Lo4G1qwQ7/WVAt/L3SAXIY5bs5fdCE0Oywi0ZV4YTJI5VCAcfxuE0Fc3DXdHF0/LORGjKa2l0yp5msMdBVpzI46FBiwYvU+w7EfEoEmhu0yMLf0SZmXkVLEq8u2uVFHGVbR1dOKcdFef+qTIGTlz4cE9VQ01xg/nh7g=,iv:fasXOAm2hjB4ULKT4vPOFnFpAcEgSeNvNM7Zrnk6MvM=,tag:1hWtpuTVdC3H8flA1m0Z0A==,type:str]
     unencrypted_suffix: _unencrypted
-    version: 3.11.0
+    version: 3.12.2