better containers

Moritz Böhme 2021-10-31 15:24:02 +01:00
parent f0cf9411e4
commit 6c9382eb9b
4 changed files with 146 additions and 82 deletions


@ -67,7 +67,7 @@
hosts.nixos-laptop.modules = [ ./hosts/nixos-laptop ]; hosts.nixos-laptop.modules = [ ./hosts/nixos-laptop ];
hosts.nixos-desktop.modules = [ hosts.nixos-desktop.modules = [
./hosts/nixos-desktop ./hosts/nixos-desktop
# self.nixosModules.containers self.nixosModules.containers
self.nixosModules.gaming self.nixosModules.gaming
]; ];


@ -1,87 +1,148 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let
dockerDir = "/home/moritz/Docker/";
mediaDir = "/media/media/";
puid = "1000";
pgid = "100";
timeZone = "Europe/Berlin";
in {
home-manager.users.moritz = {
home.packages = with pkgs; [ docker-compose ];
home.file = {
"Media/compose.yml".text = ''
version: '3.9'
services:
transmission-openvpn:
container_name: transmission
cap_add:
- NET_ADMIN
volumes:
- "${dockerDir}/Transmission:/data/"
environment:
- LOCAL_NETWORK=192.168.0.0/24
- OPENVPN_PROVIDER=NORDVPN
- OPENVPN_USERNAME=''${OPENVPN_USERNAME}
- OPENVPN_PASSWORD=''${OPENVPN_PASSWORD}
- TRANSMISSION_ALT_SPEED_DOWN=70000
- TRANSMISSION_ALT_SPEED_TIME_ENABLED=true
- TRANSMISSION_ALT_SPEED_UP=2000
- TRANSMISSION_MAX_PEERS_GLOBAL=1000
- TRANSMISSION_PEER_LIMIT_GLOBAL=1000
- TRANSMISSION_PEER_LIMIT_PER_TORRENT=100
- TRANSMISSION_RATIO_LIMIT=10
- TRANSMISSION_RATIO_LIMIT_ENABLED=true
- TZ=${timeZone}
- ENABLE_UFW=true
- UFW_ALLOW_GW_NET=true
- PUID=${puid}
- PGID=${pgid}
logging:
driver: json-file
options:
max-size: 10m
ports:
- '9091:9091'
image: haugene/transmission-openvpn
restart: unless-stopped
networks:
- default
{ jackett:
virtualisation.oci-containers.containers = { image: lscr.io/linuxserver/jackett
"transmission" = { container_name: jackett
image = "haugene/transmission-openvpn"; environment:
environmentFiles = [ /run/secrets/nordvpn ]; - PUID=${puid}
environment = { - PGID=${pgid}
"LOCAL_NETWORK" = "192.168.0.0/24"; - TZ=${timeZone}
"OPENVPN_PROVIDER" = "NORDVPN"; - AUTO_UPDATE=true #optional
"TRANSMISSION_ALT_SPEED_DOWN" = "70000"; volumes:
"TRANSMISSION_ALT_SPEED_TIME_ENABLED" = "true"; - "${dockerDir}/Jackett/config:/config"
"TRANSMISSION_ALT_SPEED_UP" = "2000"; - "${dockerDir}/Jackett/blackhole:/downloads"
"TRANSMISSION_MAX_PEERS_GLOBAL" = "1000"; ports:
"TRANSMISSION_PEER_LIMIT_GLOBAL" = "1000"; - 9117:9117
"TRANSMISSION_PEER_LIMIT_PER_TORRENT" = "100"; restart: unless-stopped
"TRANSMISSION_RATIO_LIMIT" = "10"; networks:
"TRANSMISSION_RATIO_LIMIT_ENABLED" = "true"; - default
"TZ" = "DE";
"ENABLE_UFW" = "true";
"UFW_ALLOW_GW_NET" = "true";
"PUID" = "1000";
"PGID" = "100";
};
ports = [ "9091:9091" ];
volumes = [ "/home/moritz/Docker/Transmission:/data/" ];
extraOptions = [ "--cap-add=NET_ADMIN" ];
};
"jackett" = { radarr:
image = "linuxserver/jackett"; image: lscr.io/linuxserver/radarr
environment = { container_name: radarr
"PUID" = "1000"; environment:
"PGID" = "100"; - PUID=${puid}
"TZ" = "DE"; - PGID=${pgid}
}; - TZ=${timeZone}
volumes = [ volumes:
"/home/moritz/Docker/Jackett/config:/config" - "${mediaDir}/movies:/movies"
"/home/moritz/Docker/Jackett/blackhole:/downloads" - "${dockerDir}/Transmission/completed/movies:/downloads"
]; - "${dockerDir}/Radarr:/config"
ports = [ "9117:9117" ]; ports:
}; - 7878:7878
restart: unless-stopped
networks:
- default
"radarr" = { sonarr:
image = "linuxserver/radarr"; image: lscr.io/linuxserver/sonarr
environment = { container_name: sonarr
"PUID" = "1000"; environment:
"PGID" = "100"; - PUID=${puid}
"TZ" = "DE"; - PGID=${pgid}
}; - TZ=${timeZone}
volumes = [ volumes:
"/media/media/movies:/movies" - "${mediaDir}/tv:/tv"
"/home/moritz/Docker/Transmission/completed/movies:/downloads" - "${dockerDir}/Transmission/completed/tv:/downloads"
"/home/moritz/Docker/Radarr:/config" - "${dockerDir}/Sonarr:/config"
]; ports:
ports = [ "7878:7878" ]; - 8989:8989
}; restart: unless-stopped
"sonarr" = { networks:
image = "linuxserver/sonarr"; - default
environment = {
"PUID" = "1000"; bazarr:
"PGID" = "100"; image: lscr.io/linuxserver/bazarr
"TZ" = "DE"; container_name: bazarr
}; environment:
volumes = [ - PUID=${puid}
"/media/media/tv:/tv" - PGID=${pgid}
"/home/moritz/Docker/Transmission/completed/tv:/downloads" - TZ=${timeZone}
"/home/moritz/Docker/Sonarr:/config" volumes:
]; - "${mediaDir}/tv:/tv"
ports = [ "8989:8989" ]; - "${mediaDir}/movies:/movies"
}; - "${dockerDir}/Bazarr:/config"
"bazarr" = { ports:
image = "linuxserver/bazarr"; - 6767:6767
environment = { restart: unless-stopped
"PUID" = "1000"; networks:
"PGID" = "100"; - default
"TZ" = "DE";
}; networks:
volumes = [ default:
"/media/media/tv:/tv" driver: bridge
"/media/media/movies:/movies" '';
"/home/moritz/Docker/Bazarr:/config" "Media/start.sh" = {
]; text = ''
ports = [ "6767:6767" ]; #!/usr/bin/env bash
sudo docker-compose --env-file /run/secrets/nordvpn --file /home/moritz/Media/compose.yml down
sudo docker-compose --env-file /run/secrets/nordvpn --file /home/moritz/Media/compose.yml up -d
'';
executable = true;
}; };
}; };
};
# "bazarr" = {
# image = "linuxserver/bazarr";
# environment = {
# "PUID" = "1000";
# "PGID" = "100";
# "TZ" = "DE";
# };
# volumes = [
# "/media/media/tv:/tv"
# "/media/media/movies:/movies"
# "/home/moritz/Docker/Bazarr:/config"
# ];
# ports = [ "6767:6767" ];
# extraOptions = [ "--ip=172.17.0.6" ];
# };
# };
} }
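Review bot: Every `ports:` entry in the generated compose.yml (`'9091:9091'`, `9117:9117`, `7878:7878`, `8989:8989`, `6767:6767`) publishes the service's web UI on all host interfaces, and Docker-published ports are typically not filtered by the host firewall's input rules, so these admin interfaces are reachable from any network the desktop joins. Binding each to a specific address would narrow that, e.g. `- '127.0.0.1:9091:9091'`, or the host's LAN address where other machines need the UI. The images are also referenced without a tag or digest and jackett sets `AUTO_UPDATE=true`, so what runs can change between `start.sh` invocations; pinning, e.g. `image: lscr.io/linuxserver/jackett:<pinned-tag>`, would make the deployment reproducible.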


@ -3,7 +3,10 @@
{ {
services.sshd.enable = true; services.sshd.enable = true;
age.secrets = { age.secrets = {
nordvpn.file = ../../secrets/nordvpn.age; nordvpn = {
file = ../../secrets/nordvpn.age;
owner = "1000";
};
davfs = { davfs = {
file = ../../secrets/davfs.age; file = ../../secrets/davfs.age;
mode = "600"; mode = "600";
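Review bot: `owner = "1000";` on the nordvpn secret makes the decrypted VPN credentials readable by every process running as that user, but the only consumer visible in this commit, `Media/start.sh`, reads the file through `sudo docker-compose --env-file /run/secrets/nordvpn`, which presumably runs as root and would not need the ownership change. If nothing else reads the file as uid 1000, keeping the default owner is the tighter setting; if the change is needed, a comment such as `# read by docker-compose from Media/start.sh` would record why. The `age.secrets` block continues past the end of this hunk.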


@ -1,7 +1,7 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
imports = [ ./dunst ./emacs ./agenix.nix ./picom.nix ]; imports = [ ./dunst ./emacs ./agenix.nix ./diskstation ./picom.nix ];
home-manager.users.moritz.services = { kdeconnect.enable = true; }; home-manager.users.moritz.services = { kdeconnect.enable = true; };