better containers
parent
f0cf9411e4
commit
6c9382eb9b
4 changed files with 146 additions and 82 deletions
|
@ -67,7 +67,7 @@
|
||||||
hosts.nixos-laptop.modules = [ ./hosts/nixos-laptop ];
|
hosts.nixos-laptop.modules = [ ./hosts/nixos-laptop ];
|
||||||
hosts.nixos-desktop.modules = [
|
hosts.nixos-desktop.modules = [
|
||||||
./hosts/nixos-desktop
|
./hosts/nixos-desktop
|
||||||
# self.nixosModules.containers
|
self.nixosModules.containers
|
||||||
self.nixosModules.gaming
|
self.nixosModules.gaming
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
|
@ -1,87 +1,148 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
let
|
||||||
|
dockerDir = "/home/moritz/Docker/";
|
||||||
|
mediaDir = "/media/media/";
|
||||||
|
puid = "1000";
|
||||||
|
pgid = "100";
|
||||||
|
timeZone = "Europe/Berlin";
|
||||||
|
in {
|
||||||
|
home-manager.users.moritz = {
|
||||||
|
home.packages = with pkgs; [ docker-compose ];
|
||||||
|
home.file = {
|
||||||
|
"Media/compose.yml".text = ''
|
||||||
|
version: '3.9'
|
||||||
|
services:
|
||||||
|
transmission-openvpn:
|
||||||
|
container_name: transmission
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
volumes:
|
||||||
|
- "${dockerDir}/Transmission:/data/"
|
||||||
|
environment:
|
||||||
|
- LOCAL_NETWORK=192.168.0.0/24
|
||||||
|
- OPENVPN_PROVIDER=NORDVPN
|
||||||
|
- OPENVPN_USERNAME=''${OPENVPN_USERNAME}
|
||||||
|
- OPENVPN_PASSWORD=''${OPENVPN_PASSWORD}
|
||||||
|
- TRANSMISSION_ALT_SPEED_DOWN=70000
|
||||||
|
- TRANSMISSION_ALT_SPEED_TIME_ENABLED=true
|
||||||
|
- TRANSMISSION_ALT_SPEED_UP=2000
|
||||||
|
- TRANSMISSION_MAX_PEERS_GLOBAL=1000
|
||||||
|
- TRANSMISSION_PEER_LIMIT_GLOBAL=1000
|
||||||
|
- TRANSMISSION_PEER_LIMIT_PER_TORRENT=100
|
||||||
|
- TRANSMISSION_RATIO_LIMIT=10
|
||||||
|
- TRANSMISSION_RATIO_LIMIT_ENABLED=true
|
||||||
|
- TZ=${timeZone}
|
||||||
|
- ENABLE_UFW=true
|
||||||
|
- UFW_ALLOW_GW_NET=true
|
||||||
|
- PUID=${puid}
|
||||||
|
- PGID=${pgid}
|
||||||
|
logging:
|
||||||
|
driver: json-file
|
||||||
|
options:
|
||||||
|
max-size: 10m
|
||||||
|
ports:
|
||||||
|
- '9091:9091'
|
||||||
|
image: haugene/transmission-openvpn
|
||||||
|
restart: unless-stopped
|
||||||
|
networks:
|
||||||
|
- default
|
||||||
|
|
||||||
{
|
jackett:
|
||||||
virtualisation.oci-containers.containers = {
|
image: lscr.io/linuxserver/jackett
|
||||||
"transmission" = {
|
container_name: jackett
|
||||||
image = "haugene/transmission-openvpn";
|
environment:
|
||||||
environmentFiles = [ /run/secrets/nordvpn ];
|
- PUID=${puid}
|
||||||
environment = {
|
- PGID=${pgid}
|
||||||
"LOCAL_NETWORK" = "192.168.0.0/24";
|
- TZ=${timeZone}
|
||||||
"OPENVPN_PROVIDER" = "NORDVPN";
|
- AUTO_UPDATE=true #optional
|
||||||
"TRANSMISSION_ALT_SPEED_DOWN" = "70000";
|
volumes:
|
||||||
"TRANSMISSION_ALT_SPEED_TIME_ENABLED" = "true";
|
- "${dockerDir}/Jackett/config:/config"
|
||||||
"TRANSMISSION_ALT_SPEED_UP" = "2000";
|
- "${dockerDir}/Jackett/blackhole:/downloads"
|
||||||
"TRANSMISSION_MAX_PEERS_GLOBAL" = "1000";
|
ports:
|
||||||
"TRANSMISSION_PEER_LIMIT_GLOBAL" = "1000";
|
- 9117:9117
|
||||||
"TRANSMISSION_PEER_LIMIT_PER_TORRENT" = "100";
|
restart: unless-stopped
|
||||||
"TRANSMISSION_RATIO_LIMIT" = "10";
|
networks:
|
||||||
"TRANSMISSION_RATIO_LIMIT_ENABLED" = "true";
|
- default
|
||||||
"TZ" = "DE";
|
|
||||||
"ENABLE_UFW" = "true";
|
|
||||||
"UFW_ALLOW_GW_NET" = "true";
|
|
||||||
"PUID" = "1000";
|
|
||||||
"PGID" = "100";
|
|
||||||
};
|
|
||||||
ports = [ "9091:9091" ];
|
|
||||||
volumes = [ "/home/moritz/Docker/Transmission:/data/" ];
|
|
||||||
extraOptions = [ "--cap-add=NET_ADMIN" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
"jackett" = {
|
radarr:
|
||||||
image = "linuxserver/jackett";
|
image: lscr.io/linuxserver/radarr
|
||||||
environment = {
|
container_name: radarr
|
||||||
"PUID" = "1000";
|
environment:
|
||||||
"PGID" = "100";
|
- PUID=${puid}
|
||||||
"TZ" = "DE";
|
- PGID=${pgid}
|
||||||
};
|
- TZ=${timeZone}
|
||||||
volumes = [
|
volumes:
|
||||||
"/home/moritz/Docker/Jackett/config:/config"
|
- "${mediaDir}/movies:/movies"
|
||||||
"/home/moritz/Docker/Jackett/blackhole:/downloads"
|
- "${dockerDir}/Transmission/completed/movies:/downloads"
|
||||||
];
|
- "${dockerDir}/Radarr:/config"
|
||||||
ports = [ "9117:9117" ];
|
ports:
|
||||||
};
|
- 7878:7878
|
||||||
|
restart: unless-stopped
|
||||||
|
networks:
|
||||||
|
- default
|
||||||
|
|
||||||
"radarr" = {
|
sonarr:
|
||||||
image = "linuxserver/radarr";
|
image: lscr.io/linuxserver/sonarr
|
||||||
environment = {
|
container_name: sonarr
|
||||||
"PUID" = "1000";
|
environment:
|
||||||
"PGID" = "100";
|
- PUID=${puid}
|
||||||
"TZ" = "DE";
|
- PGID=${pgid}
|
||||||
};
|
- TZ=${timeZone}
|
||||||
volumes = [
|
volumes:
|
||||||
"/media/media/movies:/movies"
|
- "${mediaDir}/tv:/tv"
|
||||||
"/home/moritz/Docker/Transmission/completed/movies:/downloads"
|
- "${dockerDir}/Transmission/completed/tv:/downloads"
|
||||||
"/home/moritz/Docker/Radarr:/config"
|
- "${dockerDir}/Sonarr:/config"
|
||||||
];
|
ports:
|
||||||
ports = [ "7878:7878" ];
|
- 8989:8989
|
||||||
};
|
restart: unless-stopped
|
||||||
"sonarr" = {
|
networks:
|
||||||
image = "linuxserver/sonarr";
|
- default
|
||||||
environment = {
|
|
||||||
"PUID" = "1000";
|
bazarr:
|
||||||
"PGID" = "100";
|
image: lscr.io/linuxserver/bazarr
|
||||||
"TZ" = "DE";
|
container_name: bazarr
|
||||||
};
|
environment:
|
||||||
volumes = [
|
- PUID=${puid}
|
||||||
"/media/media/tv:/tv"
|
- PGID=${pgid}
|
||||||
"/home/moritz/Docker/Transmission/completed/tv:/downloads"
|
- TZ=${timeZone}
|
||||||
"/home/moritz/Docker/Sonarr:/config"
|
volumes:
|
||||||
];
|
- "${mediaDir}/tv:/tv"
|
||||||
ports = [ "8989:8989" ];
|
- "${mediaDir}/movies:/movies"
|
||||||
};
|
- "${dockerDir}/Bazarr:/config"
|
||||||
"bazarr" = {
|
ports:
|
||||||
image = "linuxserver/bazarr";
|
- 6767:6767
|
||||||
environment = {
|
restart: unless-stopped
|
||||||
"PUID" = "1000";
|
networks:
|
||||||
"PGID" = "100";
|
- default
|
||||||
"TZ" = "DE";
|
|
||||||
};
|
networks:
|
||||||
volumes = [
|
default:
|
||||||
"/media/media/tv:/tv"
|
driver: bridge
|
||||||
"/media/media/movies:/movies"
|
'';
|
||||||
"/home/moritz/Docker/Bazarr:/config"
|
"Media/start.sh" = {
|
||||||
];
|
text = ''
|
||||||
ports = [ "6767:6767" ];
|
#!/usr/bin/env bash
|
||||||
|
sudo docker-compose --env-file /run/secrets/nordvpn --file /home/moritz/Media/compose.yml down
|
||||||
|
sudo docker-compose --env-file /run/secrets/nordvpn --file /home/moritz/Media/compose.yml up -d
|
||||||
|
'';
|
||||||
|
executable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
};
|
||||||
|
# "bazarr" = {
|
||||||
|
# image = "linuxserver/bazarr";
|
||||||
|
# environment = {
|
||||||
|
# "PUID" = "1000";
|
||||||
|
# "PGID" = "100";
|
||||||
|
# "TZ" = "DE";
|
||||||
|
# };
|
||||||
|
# volumes = [
|
||||||
|
# "/media/media/tv:/tv"
|
||||||
|
# "/media/media/movies:/movies"
|
||||||
|
# "/home/moritz/Docker/Bazarr:/config"
|
||||||
|
# ];
|
||||||
|
# ports = [ "6767:6767" ];
|
||||||
|
# extraOptions = [ "--ip=172.17.0.6" ];
|
||||||
|
# };
|
||||||
|
# };
|
||||||
}
|
}
|
||||||
|
|
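Review bot: Every service in the new `Media/compose.yml` text publishes its web UI on all host interfaces (`'9091:9091'`, `9117:9117`, `7878:7878`, `8989:8989`, `6767:6767`). Ports published by Docker are normally forwarded by Docker's own iptables rules rather than through the NixOS firewall's input chain, so `networking.firewall` would not restrict them. If the UIs are only used from this machine, bind them to loopback, e.g. `- '127.0.0.1:9091:9091'`, or otherwise to the one LAN address that should serve them. The images are also referenced without a tag or digest (`image: haugene/transmission-openvpn`, `image: lscr.io/linuxserver/jackett`, and the others), so the container that holds `NET_ADMIN` and the VPN credentials runs whatever `latest` resolves to at pull time. Pinning each one, e.g. `image: haugene/transmission-openvpn@sha256:<digest>`, would keep the deployment as reproducible as the rest of the flake.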
|
@ -3,7 +3,10 @@
|
||||||
{
|
{
|
||||||
services.sshd.enable = true;
|
services.sshd.enable = true;
|
||||||
age.secrets = {
|
age.secrets = {
|
||||||
nordvpn.file = ../../secrets/nordvpn.age;
|
nordvpn = {
|
||||||
|
file = ../../secrets/nordvpn.age;
|
||||||
|
owner = "1000";
|
||||||
|
};
|
||||||
davfs = {
|
davfs = {
|
||||||
file = ../../secrets/davfs.age;
|
file = ../../secrets/davfs.age;
|
||||||
mode = "600";
|
mode = "600";
|
||||||
|
|
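Review bot: `owner = "1000";` makes the decrypted NordVPN credentials readable by every process running under that uid. The only consumer visible in this commit, `Media/start.sh`, reads `/run/secrets/nordvpn` through `sudo docker-compose --env-file …`, i.e. as root. If nothing else needs the file as the user, dropping the `owner` line keeps it root-only; agenix's defaults are, as far as I know, root ownership and mode 0400. If user access is intended, `owner = "moritz";` avoids hard-coding the uid, and an explicit `mode = "0400";` would state the intent the way the `davfs` entry does. The `age.secrets` set continues past the end of this hunk.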
|
@ -1,7 +1,7 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports = [ ./dunst ./emacs ./agenix.nix ./picom.nix ];
|
imports = [ ./dunst ./emacs ./agenix.nix ./diskstation ./picom.nix ];
|
||||||
|
|
||||||
home-manager.users.moritz.services = { kdeconnect.enable = true; };
|
home-manager.users.moritz.services = { kdeconnect.enable = true; };
|
||||||
|
|
||||||
|
|