switched to docker containers

nixos
Moritz Böhme 2021-10-03 16:30:35 +02:00
parent ff8212fff3
commit 9fe9cbed9e
3 changed files with 60 additions and 40 deletions


@ -2,4 +2,5 @@
{ {
imports = [ ./media.nix ]; imports = [ ./media.nix ];
virtualisation.docker.enable = true;
} }


@ -1,53 +1,72 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
{ {
containers.radarr = { virtualisation.oci-containers.containers = {
config = { config, pkgs, ... }: { services.radarr.enable = true; }; "transmission" = {
bindMounts = { image = "haugene/transmission-openvpn";
"/dowloads" = { environmentFiles = [ /run/secrets/nordvpn ];
hostPath = "/var/lib/Transmission/Downloads/completed/"; environment = {
isReadOnly = true; "LOCAL_NETWORK" = "192.168.0.0/24";
}; "OPENVPN_PROVIDER" = "NORDVPN";
}; "TRANSMISSION_ALT_SPEED_DOWN" = "20000";
}; "TRANSMISSION_ALT_SPEED_TIME_ENABLED" = "true";
containers.sonarr = { "TRANSMISSION_ALT_SPEED_UP" = "2000";
config = { config, pkgs, ... }: { services.sonarr.enable = true; }; "TRANSMISSION_MAX_PEERS_GLOBAL" = "1000";
bindMounts = { "TRANSMISSION_PEER_LIMIT_GLOBAL" = "1000";
"/dowloads" = { "TRANSMISSION_PEER_LIMIT_PER_TORRENT" = "100";
hostPath = "/var/lib/Transmission/Downloads/completed/"; "TRANSMISSION_RATIO_LIMIT" = "10";
isReadOnly = true; "TRANSMISSION_RATIO_LIMIT_ENABLED" = "true";
}; "TZ" = "DE";
}; "ENABLE_UFW" = "true";
}; "PUID" = "1000";
containers.jackett = { "PGID" = "100";
config = { config, pkgs, ... }: { services.jackett.enable = true; };
};
containers.transmission = {
config = { config, pkgs, ... }: {
# services.openvpn = { servers = { nordvpn = { }; }; };
networking.firewall = {
enable = true;
# extraStopCommands = ''
# sudo iptables -N ALLOWVPN
# sudo iptables -N BLOCKALL
# # allow access for the interfaces loopback, tun, and tap
# sudo iptables -A OUTPUT -o tun+ -j ACCEPT;
# sudo iptables -A OUTPUT -o tap+ -j ACCEPT;
# sudo iptables -A OUTPUT -o lo+ -j ACCEPT;
# # route outgoing data via our created chains
# sudo iptables -A OUTPUT -j ALLOWVPN;
# sudo iptables -A OUTPUT -j BLOCKALL;
# # block all disallowed connections
# sudo iptables -A BLOCKALL -j DROP
# '';
};
};
bindMounts = {
"/var/lib/transmission" = { hostPath = "/home/moritz/Transmission/"; };
}; };
ports = [ "9091:9091" ];
volumes = [ "/home/moritz/Docker/Transmission:/data/" ];
extraOptions = [ "--cap-add=NET_ADMIN" ];
}; };
"jackett" = {
image = "linuxserver/jackett";
environment = {
"PUID" = "1000";
"PGID" = "100";
"TZ" = "DE";
};
volumes = [
"/home/moritz/Docker/jackett/config:/config"
"/home/moritz/Docker/jackett/blackhole:/downloads"
];
ports = [ "9117:9117" ];
};
"radarr" = {
image = "linuxserver/radarr";
environment = {
"PUID" = "1000";
"PGID" = "100";
"TZ" = "DE";
};
volumes = [
"/auto/media/movies:/movies"
"/home/moritz/Docker/transmission/completed/movies:/downloads"
"/home/moritz/Docker/radarr"
];
ports = [ "7878:7878" ];
};
"sonarr" = {
image = "linuxserver/sonarr";
environment = {
"PUID" = "1000";
"PGID" = "100";
"TZ" = "DE";
};
volumes = [
"/auto/media/tv:/tv"
"/home/moritz/Docker/transmission/completed/movies:/downloads"
"/home/moritz/Docker/sonarr"
];
ports = [ "8989:8989" ];
};
};
} }
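Review bot: The `radarr` and `sonarr` volume entries `"/home/moritz/Docker/radarr"` and `"/home/moritz/Docker/sonarr"` have no `:target`, so Docker creates an anonymous volume at that path inside the container instead of keeping the application config on the host; they presumably should read `"/home/moritz/Docker/radarr:/config"` and `"/home/moritz/Docker/sonarr:/config"`. Both containers also mount `/home/moritz/Docker/transmission/completed/movies`, while the transmission container writes under `/home/moritz/Docker/Transmission` (capital T), and the downloads mount is no longer read-only as it was with `isReadOnly = true`. Every `ports` entry such as `"9091:9091"` publishes on all host interfaces, and Docker's own iptables rules for published ports are not filtered by `networking.firewall`, so binding to loopback or the LAN address (`"127.0.0.1:9091:9091"`) keeps the web UIs off other networks. None of the four images carries a tag or digest, so each pull takes whatever `latest` is at that moment; pinning them (`image = "linuxserver/radarr:<tag>"`) makes the deployment reproducible and reviewable. `environmentFiles = [ /run/secrets/nordvpn ]` uses a bare path literal, and writing it as the string `"/run/secrets/nordvpn"` rules out the credentials file ever being copied into the world-readable Nix store through interpolation.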

Binary file not shown.