Syzygial/NixMachines
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
bb1560f6bb64e00113f6171b47a8c94780da41f7
NixMachines/machines/hippocampus/oci/jelly.nix
David Crompton 4713c05ca4 Fix Many PIA/Wireguard 
It logs out every restart

Token needs to regen

The linuxserver/wiregard contianer stopped working

So, we switch to a dedicated container for this, and also changed username and passwd becase.., well those also stopped working
2023-12-06 13:28:49 -05:00

227 lines
5.4 KiB
Nix
Raw Blame History

{ config, pkgs, ...}: {
imports = [
../modules/pods.nix
];
config = let
baseEnv = {
TZ = "America/Toronto";
PUID = "1000";
PGID = "1000";
};
dataDir = "/jelly/data";
configDir = "/jelly/conf";
in {
sops.secrets.jellyfin-pia = {};
virtualisation.oci-containers = let
cnt = config.virtualisation.oci-containers.containers;
getPorts = l: builtins.concatMap (c: cnt."${c}".ports) l;
in {
containers = {
wireguard = {
image = "thrnz/docker-wireguard-pia";
volumes = [
# "${configDir}/wireguard:/config"
"${configDir}/wireguard_pia:/pia"
];
ports = getPorts [
"deluge"
"sonarr"
"radarr"
"jellyseerr"
"bazarr"
"readarr"
"prowlarr"
];
environment = {
TZ = "America/Toronto";
LOC = "ca";
};
extraOptions = [
"--cap-add=ALL"
"--pull=newer"
"--dns=1.1.1.1"
"--env-file=${config.sops.secrets.jellyfin-pia.path}"
"--sysctl=net.ipv4.conf.all.src_valid_mark=1"
"--sysctl=net.ipv6.conf.lo.disable_ipv6=1"
"--sysctl=net.ipv6.conf.all.disable_ipv6=1"
"--sysctl=net.ipv6.conf.default.disable_ipv6=1"
];
};
deluge = {
image = "linuxserver/deluge:latest";
volumes = [
"${dataDir}:/data"
"${configDir}/deluge:/config"
];
ports = [
"8112:8112"
"34325:34325"
"34325:34325/udp"
"51413:51413"
"51413:51413/udp"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"wireguard"
];
};
jellyfin = {
image = "jellyfin/jellyfin:latest";
volumes = [
"${dataDir}:/data"
"${configDir}/jellyfin:/config"
];
ports = [
"8096:8096"
];
environment = baseEnv // {
JELLYFIN_PublishedServerUrl = "127.0.0.1";
# NVIDIA_VISIBLE_DEVICES = "all";
};
extraOptions = [
# "--runtime=nvidia"
# "--gpus=all"
"--pull=newer"
];
};
jellyseerr = {
image = "fallenbagel/jellyseerr:latest";
volumes = [
"${dataDir}:/data"
"${configDir}/jellyseerr:/app/config"
];
ports = [
"5055:5055"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"sonarr"
"radarr"
];
};
radarr = {
image = "linuxserver/radarr:latest";
volumes = [
"${dataDir}:/data"
"${configDir}/radarr:/config"
];
ports = [
"7878:7878"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"prowlarr"
];
};
sonarr = {
image = "linuxserver/sonarr:latest";
volumes = [
"${dataDir}:/data"
"${configDir}/sonarr:/config"
];
ports = [
"8989:8989"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"prowlarr"
];
};
bazarr = {
image = "linuxserver/bazarr:latest";
volumes = [
"${dataDir}:/data"
"${configDir}/bazarr:/config"
];
ports = [
"6767:6767"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"prowlarr"
];
};
readarr = {
image = "linuxserver/readarr:nightly";
volumes = [
"${dataDir}:/data"
"${configDir}/readarr:/config"
];
ports = [
"8787:8787"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"prowlarr"
];
};
prowlarr = {
image = "linuxserver/prowlarr:nightly";
volumes = [
"${configDir}/prowlarr:/config"
];
ports = [
"9696:9696"
];
environment = baseEnv // {
};
extraOptions = [
"--pull=newer"
"--network" "container:wireguard"
];
dependsOn = [
"deluge"
];
};
};
};
# TODO: Submit PR for nvidia podman services
# systemd.services.podman-jellyfin.path = [pkgs.nvidia-podman];
};
}
Reference in New Issue View Git Blame Copy Permalink