From 57eb8d23c67dee0f270ef961f25b1aa47ceb202b Mon Sep 17 00:00:00 2001
From: Chris Dombroski
Date: Tue, 1 Oct 2024 17:42:47 -0400
Subject: [PATCH] Full modular containers
---
 nixos-configurations/zeus.nix | 151 ++------------------------
 nixos-modules/docker-dind.nix | 22 ++++
 nixos-modules/docker-flaresolverr.nix | 16 +++
 nixos-modules/docker-forgejo.nix | 25 +++++
 nixos-modules/docker-prowlarr.nix | 18 +++
 nixos-modules/docker-qbittorrent.nix | 29 +++++
 nixos-modules/docker-radarr.nix | 21 ++++
 nixos-modules/docker-readarr.nix | 21 ++++
 nixos-modules/docker-runner.nix | 22 ++++
 nixos-modules/docker-sonarr.nix | 21 ++++
 nixos-modules/docker-static-web.nix | 23 ++++
 11 files changed, 229 insertions(+), 140 deletions(-)
 create mode 100644 nixos-modules/docker-dind.nix
 create mode 100644 nixos-modules/docker-flaresolverr.nix
 create mode 100644 nixos-modules/docker-forgejo.nix
 create mode 100644 nixos-modules/docker-prowlarr.nix
 create mode 100644 nixos-modules/docker-qbittorrent.nix
 create mode 100644 nixos-modules/docker-radarr.nix
 create mode 100644 nixos-modules/docker-readarr.nix
 create mode 100644 nixos-modules/docker-runner.nix
 create mode 100644 nixos-modules/docker-sonarr.nix
 create mode 100644 nixos-modules/docker-static-web.nix
diff --git a/nixos-configurations/zeus.nix b/nixos-configurations/zeus.nix
index 58a4a2c..3fbe055 100644
--- a/nixos-configurations/zeus.nix
+++ b/nixos-configurations/zeus.nix
@@ -25,10 +25,20 @@ in
 ezModules.plymouth
 ezModules.docker-calibre
 ezModules.docker-calibre-web
+ ezModules.docker-dind
+ ezModules.docker-flaresolverr
+ ezModules.docker-forgejo
 ezModules.docker-homeassistant
 ezModules.docker-jellyfin
 ezModules.docker-postgres
+ ezModules.docker-prowlarr
 ezModules.docker-proxy
+ ezModules.docker-qbittorrent
+ ezModules.docker-radarr
+ ezModules.docker-readarr
+ ezModules.docker-runner
+ ezModules.docker-sonarr
+ ezModules.docker-static-web
 ezModules.docker-swag
 ezModules.docker-zwave
 ];
@@ -181,146 +191,7 @@ in
 defaultNetwork.settings.dns_enabled = true;
 autoPrune.enable = true;
 };
- oci-containers.containers = {
- flaresolverr = {
- image = "ghcr.io/flaresolverr/flaresolverr:latest";
- environment.LOG_LEVEL = "info";
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- qbittorrent = {
- image = "lscr.io/linuxserver/qbittorrent:latest";
- volumes = [
- "qbittorrent-config:/config"
- "/video-data/torrent:/data/torrent"
- ];
- environment = {
- TZ = "America/New_York";
- UMASK_SET = "000";
- DELUGE_LOGLEVEL = "error";
- };
- labels.swag = "enable";
- ports = [
- "34996:34996"
- "34996:34996/udp"
- ];
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- prowlarr = {
- image = "lscr.io/linuxserver/prowlarr:latest";
- volumes = [ "prowlarr-config:/config" ];
- environment.TZ = "America/New_York";
- labels.swag = "enable";
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- readarr = {
- image = "lscr.io/linuxserver/readarr:develop";
- volumes = [
- "readarr-config:/config"
- "/video-data:/data"
- ];
- environment.TZ = "America/New_York";
- labels.swag = "enable";
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- radarr = {
- image = "lscr.io/linuxserver/radarr:latest";
- volumes = [
- "radarr-config:/config"
- "/video-data:/data"
- ];
- environment.TZ = "America/New_York";
- labels.swag = "enable";
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- sonarr = {
- image = "lscr.io/linuxserver/sonarr:latest";
- volumes = [
- "sonarr-config:/config"
- "/video-data:/data"
- ];
- environment.TZ = "America/New_York";
- labels.swag = "enable";
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- static = {
- image = "docker.io/library/nginx:alpine";
- volumes = [
- "/srv/docker/nginx/static:/usr/share/nginx/html:ro"
- "/srv/docker/nginx/config/static/default.conf:/etc/nginx/config.d/default.conf:ro"
- ];
- labels = {
- swag = "enable";
- swag_url = "www.icanttype.org";
- };
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- forgejo = {
- image = "codeberg.org/forgejo/forgejo:8";
- volumes = [
- "forgejo-data:/data"
- "/etc/localtime:/etc/localtime:ro"
- ];
- labels = {
- swag = "enable";
- swag_url = "git.icanttype.org";
- swag_port = "3000";
- };
- ports = [ "10022:22" ];
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- docker_dind = {
- image = "docker.io/library/docker:dind";
- cmd = [
- "dockerd"
- "-H"
- "tcp://0.0.0.0:2375"
- "--tls=false"
- ];
- extraOptions = [
- "--pull=newer"
- "--privileged"
- "--network=www"
- ];
- };
- runner = {
- image = "code.forgejo.org/forgejo/runner:3.4.1";
- dependsOn = [ "docker_dind" ];
- environment.DOCKER_HOST = "tcp://docker_dind:2375";
- volumes = [ "forgejo-runner:/data" ];
- cmd = [
- "forgejo-runner"
- "daemon"
- ];
- extraOptions = [
- "--pull=newer"
- "--network=www"
- ];
- };
- };
+ oci-containers.containers = { };
 };
 networking.firewall = {
 interfaces."podman+" = {
diff --git a/nixos-modules/docker-dind.nix b/nixos-modules/docker-dind.nix
new file mode 100644
index 0000000..d969ccc
--- /dev/null
+++ b/nixos-modules/docker-dind.nix
@@ -0,0 +1,22 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ docker_dind = {
+ image = "docker.io/library/docker:dind";
+ cmd = [
+ "dockerd"
+ "-H"
+ "tcp://0.0.0.0:2375"
+ "--tls=false"
+ ];
+ extraOptions = [
+ "--pull=newer"
+ "--privileged"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-flaresolverr.nix b/nixos-modules/docker-flaresolverr.nix
new file mode 100644
index 0000000..6eebd24
--- /dev/null
+++ b/nixos-modules/docker-flaresolverr.nix
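Review bot: In docker-dind.nix the daemon is started with `-H tcp://0.0.0.0:2375` and `--tls=false` inside a `--privileged` container on `--network=www`, so the Docker API is unauthenticated and reachable from every other container on that network, including the ones labelled `swag = "enable"` that are published through the proxy. Control of that API amounts to control of a privileged container, so a flaw in any of those services would extend to it. Since only the runner needs the daemon, I would give docker_dind and runner a network of their own, e.g. `"--network=<runner-only-network>"` (placeholder name) in both modules, or enable TLS client verification on the daemon. A one-line comment above `cmd` recording why TLS is off would help whoever imports this module on another host.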
@@ -0,0 +1,16 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ flaresolverr = {
+ image = "ghcr.io/flaresolverr/flaresolverr:latest";
+ environment.LOG_LEVEL = "info";
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-forgejo.nix b/nixos-modules/docker-forgejo.nix
new file mode 100644
index 0000000..e148766
--- /dev/null
+++ b/nixos-modules/docker-forgejo.nix
@@ -0,0 +1,25 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ forgejo = {
+ image = "codeberg.org/forgejo/forgejo:8";
+ volumes = [
+ "forgejo-data:/data"
+ "/etc/localtime:/etc/localtime:ro"
+ ];
+ labels = {
+ swag = "enable";
+ swag_url = "git.icanttype.org";
+ swag_port = "3000";
+ };
+ ports = [ "10022:22" ];
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-prowlarr.nix b/nixos-modules/docker-prowlarr.nix
new file mode 100644
index 0000000..99e28eb
--- /dev/null
+++ b/nixos-modules/docker-prowlarr.nix
@@ -0,0 +1,18 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ prowlarr = {
+ image = "lscr.io/linuxserver/prowlarr:latest";
+ volumes = [ "prowlarr-config:/config" ];
+ environment.TZ = "America/New_York";
+ labels.swag = "enable";
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-qbittorrent.nix b/nixos-modules/docker-qbittorrent.nix
new file mode 100644
index 0000000..51713cd
--- /dev/null
+++ b/nixos-modules/docker-qbittorrent.nix
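Review bot: `image = "ghcr.io/flaresolverr/flaresolverr:latest"` combined with `--pull=newer` means any unit restart may start an image nobody reviewed, which gives up the reproducibility the rest of the Nix configuration provides. The same floating-tag pattern appears in the docker-prowlarr, docker-qbittorrent, docker-radarr and docker-sonarr hunks (`:latest`), docker-readarr (`:develop`), docker-static-web (`nginx:alpine`) and docker-dind (`docker:dind`). Pinning to a version tag or digest, e.g. `image = "ghcr.io/flaresolverr/flaresolverr@sha256:<digest>";` (placeholder), and bumping it deliberately would make image updates auditable. As a style point, the `containers.enable = true;` and `podman.enable = true;` lines repeated in every new module could live once in a shared module.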
@@ -0,0 +1,29 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ qbittorrent = {
+ image = "lscr.io/linuxserver/qbittorrent:latest";
+ volumes = [
+ "qbittorrent-config:/config"
+ "/video-data/torrent:/data/torrent"
+ ];
+ environment = {
+ TZ = "America/New_York";
+ UMASK_SET = "000";
+ DELUGE_LOGLEVEL = "error";
+ };
+ labels.swag = "enable";
+ ports = [
+ "34996:34996"
+ "34996:34996/udp"
+ ];
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-radarr.nix b/nixos-modules/docker-radarr.nix
new file mode 100644
index 0000000..edd76e8
--- /dev/null
+++ b/nixos-modules/docker-radarr.nix
@@ -0,0 +1,21 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ radarr = {
+ image = "lscr.io/linuxserver/radarr:latest";
+ volumes = [
+ "radarr-config:/config"
+ "/video-data:/data"
+ ];
+ environment.TZ = "America/New_York";
+ labels.swag = "enable";
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-readarr.nix b/nixos-modules/docker-readarr.nix
new file mode 100644
index 0000000..3e76873
--- /dev/null
+++ b/nixos-modules/docker-readarr.nix
@@ -0,0 +1,21 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ readarr = {
+ image = "lscr.io/linuxserver/readarr:develop";
+ volumes = [
+ "readarr-config:/config"
+ "/video-data:/data"
+ ];
+ environment.TZ = "America/New_York";
+ labels.swag = "enable";
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-runner.nix b/nixos-modules/docker-runner.nix
new file mode 100644
index 0000000..d2c750d
--- /dev/null
+++ b/nixos-modules/docker-runner.nix
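Review bot: `UMASK_SET = "000"` in docker-qbittorrent.nix asks for everything written under `/video-data/torrent` to be world-writable, and that path sits inside the `/video-data` tree that the radarr, readarr and sonarr modules mount read-write. Content fetched by a torrent client is untrusted, so a group-scoped mask such as `"002"` together with explicit `PUID`/`PGID` values would be a safer default. I believe current linuxserver images read `UMASK` rather than `UMASK_SET`, so the setting may not be applied at all; worth confirming against the image documentation. `DELUGE_LOGLEVEL = "error";` looks like a leftover from a Deluge container and could be dropped.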
@@ -0,0 +1,22 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ runner = {
+ image = "code.forgejo.org/forgejo/runner:3.4.1";
+ dependsOn = [ "docker_dind" ];
+ environment.DOCKER_HOST = "tcp://docker_dind:2375";
+ volumes = [ "forgejo-runner:/data" ];
+ cmd = [
+ "forgejo-runner"
+ "daemon"
+ ];
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-sonarr.nix b/nixos-modules/docker-sonarr.nix
new file mode 100644
index 0000000..1668324
--- /dev/null
+++ b/nixos-modules/docker-sonarr.nix
@@ -0,0 +1,21 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ sonarr = {
+ image = "lscr.io/linuxserver/sonarr:latest";
+ volumes = [
+ "sonarr-config:/config"
+ "/video-data:/data"
+ ];
+ environment.TZ = "America/New_York";
+ labels.swag = "enable";
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
diff --git a/nixos-modules/docker-static-web.nix b/nixos-modules/docker-static-web.nix
new file mode 100644
index 0000000..e91a4fb
--- /dev/null
+++ b/nixos-modules/docker-static-web.nix
@@ -0,0 +1,23 @@
+{
+ virtualisation = {
+ containers.enable = true;
+ podman.enable = true;
+ oci-containers.containers = {
+ static = {
+ image = "docker.io/library/nginx:alpine";
+ volumes = [
+ "/srv/docker/nginx/static:/usr/share/nginx/html:ro"
+ "/srv/docker/nginx/config/static/default.conf:/etc/nginx/config.d/default.conf:ro"
+ ];
+ labels = {
+ swag = "enable";
+ swag_url = "www.icanttype.org";
+ };
+ extraOptions = [
+ "--pull=newer"
+ "--network=www"
+ ];
+ };
+ };
+ };
+}
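Review bot: docker-runner.nix sets `dependsOn = [ "docker_dind" ]` and `environment.DOCKER_HOST = "tcp://docker_dind:2375"`, but the container it names is declared in docker-dind.nix and nothing in this module pulls that in. Now that the two are separate modules, a host importing only docker-runner would get a unit that depends on a container that is not declared; adding `imports = [ ./docker-dind.nix ];` at the top of the attribute set (assuming plain path imports work alongside ezModules here) would make the dependency explicit. The connection itself is plain TCP without TLS, which is only acceptable if the network carrying it is restricted to these two containers, so a comment stating that assumption next to `DOCKER_HOST` would be useful.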
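Review bot: The second volume in docker-static-web.nix mounts the site config at `/etc/nginx/config.d/default.conf`, while the stock nginx image includes `/etc/nginx/conf.d/*.conf`. Unless the image's nginx.conf has been changed, this file is never read and the container serves the image's default server block instead of the intended one. If that is not intended, the target should read `/etc/nginx/conf.d/default.conf:ro`. The path was carried over unchanged from zeus.nix, so it is worth checking which configuration the running container actually loads.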