From 9d37d9f07050639a4d98f47965feabc7e4396ed2 Mon Sep 17 00:00:00 2001 From: Chris Dombroski Date: Tue, 1 Oct 2024 12:52:39 -0400 Subject: [PATCH] modular container configs --- nixos-configurations/zeus.nix | 108 ++----------------------- nixos-modules/docker-calibre-web.nix | 21 +++++ nixos-modules/docker-calibre.nix | 21 +++++ nixos-modules/docker-homeassistant.nix | 19 +++++ nixos-modules/docker-jellyfin.nix | 41 ++++++++++ nixos-modules/docker-postgres.nix | 16 ++++ nixos-modules/docker-swag.nix | 2 + nixos-modules/docker-zwave.nix | 33 ++++++++ 8 files changed, 159 insertions(+), 102 deletions(-) create mode 100644 nixos-modules/docker-calibre-web.nix create mode 100644 nixos-modules/docker-calibre.nix create mode 100644 nixos-modules/docker-homeassistant.nix create mode 100644 nixos-modules/docker-jellyfin.nix create mode 100644 nixos-modules/docker-postgres.nix create mode 100644 nixos-modules/docker-zwave.nix diff --git a/nixos-configurations/zeus.nix b/nixos-configurations/zeus.nix index b41780f..58a4a2c 100644 --- a/nixos-configurations/zeus.nix +++ b/nixos-configurations/zeus.nix @@ -23,8 +23,14 @@ in ezModules.networkd-base ezModules.smartd ezModules.plymouth + ezModules.docker-calibre + ezModules.docker-calibre-web + ezModules.docker-homeassistant + ezModules.docker-jellyfin + ezModules.docker-postgres ezModules.docker-proxy ezModules.docker-swag + ezModules.docker-zwave ]; boot = { @@ -118,13 +124,6 @@ in { device = "/dev/disk/by-uuid/aecf6400-9c9f-43f9-8c57-08f3c8a633e7"; } { device = "/dev/disk/by-uuid/3fca7d18-441c-4f39-adad-ffd882b1f210"; } ]; - - sops = { - secrets."tailscale/authkey" = { }; - templates."docker.env".content = '' - TAILSCALE_AUTHKEY=${config.sops.placeholder."tailscale/authkey"} - ''; - }; networking = { hostName = "zeus"; # Define your hostname. hostId = "9e95b576"; @@ -183,101 +182,6 @@ in autoPrune.enable = true; }; oci-containers.containers = { - jellyfin = { - image = "lscr.io/linuxserver/jellyfin:latest"; - volumes = [ - "jellyfin-config:/config" - "/video-data/media:/data/media" - "jellyfin-tailscale:/var/lib/tailscale" - ]; - environment = { - DOCKER_MODS = "ghcr.io/tailscale-dev/docker-mod:main"; - TAILSCALE_STATE_DIR = "/var/lib/tailscale"; - TAILSCALE_HOSTNAME = "jellyfin"; - TAILSCALE_SERVE_PORT = "8096"; - TAILSCALE_SERVE_MODE = "http"; - TZ = "America/New_York"; - }; - environmentFiles = [ config.sops.templates."docker.env".path ]; - labels.swag = "enable"; - ports = [ - "1900:1900/udp" - "7359:7359/udp" - ]; - extraOptions = [ - "--pull=newer" - "--network=www" - ]; - }; - zwave-js-ui = { - image = "my-zwave-js-ui:latest"; - imageFile = pkgs.dockerTools.buildLayeredImage { - name = "my-zwave-js-ui"; - tag = "latest"; - contents = [ pkgs.cacert ]; - config.Cmd = [ "${inputs.self.packages.${pkgs.stdenv.system}.zwave-js-ui}/bin/zwave-js-ui" ]; - }; - volumes = [ "zwave-config:/usr/src/app/store" ]; - environment = { - TZ = "America/New_York"; - STORE_DIR = "/usr/src/app/store"; - ZWAVEJS_EXTERNAL_CONFIG = "/usr/src/app/store/.config-db"; - }; - labels = { - swag = "enable"; - swag_url = "zwave.icanttype.org"; - swag_port = "8091"; - }; - extraOptions = [ - "--network=www" - "--device=/dev/ttyACM0:/dev/zwave" - ]; - }; - homeassistant = { - image = "lscr.io/linuxserver/homeassistant:latest"; - volumes = [ "homeassistant-config:/config" ]; - environment.TZ = "America/New_York"; - labels.swag = "enable"; - extraOptions = [ - "--pull=newer" - "--network=www" - "--network=lan" - ]; - }; - postgres = { - image = "docker.io/library/postgres:15"; - volumes = [ "postgres-15:/var/lib/postgresql/data" ]; - extraOptions = [ - "--pull=newer" - "--network=www" - ]; - }; - calibre = { - image = "lscr.io/linuxserver/calibre:latest"; - volumes = [ - "calibre-config:/config" - "/video-data:/data" - ]; - environment.TZ = "America/New_York"; - labels.swag = "enable"; - extraOptions = [ - "--pull=newer" - "--network=www" - ]; - }; - calibre-web = { - image = "lscr.io/linuxserver/calibre-web:latest"; - volumes = [ - "calibre-web-config:/config" - "/video-data:/data" - ]; - environment.TZ = "America/New_York"; - labels.swag = "enable"; - extraOptions = [ - "--pull=newer" - "--network=www" - ]; - }; flaresolverr = { image = "ghcr.io/flaresolverr/flaresolverr:latest"; environment.LOG_LEVEL = "info"; diff --git a/nixos-modules/docker-calibre-web.nix b/nixos-modules/docker-calibre-web.nix new file mode 100644 index 0000000..d05347f --- /dev/null +++ b/nixos-modules/docker-calibre-web.nix @@ -0,0 +1,21 @@ +{ + virtualisation = { + containers.enable = true; + podman.enable = true; + oci-containers.containers = { + calibre-web = { + image = "lscr.io/linuxserver/calibre-web:latest"; + volumes = [ + "calibre-web-config:/config" + "/video-data:/data" + ]; + environment.TZ = "America/New_York"; + labels.swag = "enable"; + extraOptions = [ + "--pull=newer" + "--network=www" + ]; + }; + }; + }; +} diff --git a/nixos-modules/docker-calibre.nix b/nixos-modules/docker-calibre.nix new file mode 100644 index 0000000..2a2bf3d --- /dev/null +++ b/nixos-modules/docker-calibre.nix @@ -0,0 +1,21 @@ +{ + virtualisation = { + containers.enable = true; + podman.enable = true; + oci-containers.containers = { + calibre = { + image = "lscr.io/linuxserver/calibre:latest"; + volumes = [ + "calibre-config:/config" + "/video-data:/data" + ]; + environment.TZ = "America/New_York"; + labels.swag = "enable"; + extraOptions = [ + "--pull=newer" + "--network=www" + ]; + }; + }; + }; +} diff --git a/nixos-modules/docker-homeassistant.nix b/nixos-modules/docker-homeassistant.nix new file mode 100644 index 0000000..e7df7e9 --- /dev/null +++ b/nixos-modules/docker-homeassistant.nix @@ -0,0 +1,19 @@ +{ + virtualisation = { + containers.enable = true; + podman.enable = true; + oci-containers.containers = { + homeassistant = { + image = "lscr.io/linuxserver/homeassistant:latest"; + volumes = [ "homeassistant-config:/config" ]; + environment.TZ = "America/New_York"; + labels.swag = "enable"; + extraOptions = [ + "--pull=newer" + "--network=www" + "--network=lan" + ]; + }; + }; + }; +} diff --git a/nixos-modules/docker-jellyfin.nix b/nixos-modules/docker-jellyfin.nix new file mode 100644 index 0000000..0b95c4d --- /dev/null +++ b/nixos-modules/docker-jellyfin.nix @@ -0,0 +1,41 @@ +{ config, ... }: +{ + sops = { + secrets."tailscale/authkey" = { }; + templates."docker.env".content = '' + TAILSCALE_AUTHKEY=${config.sops.placeholder."tailscale/authkey"} + ''; + }; + virtualisation = { + containers.enable = true; + podman.enable = true; + oci-containers.containers = { + jellyfin = { + image = "lscr.io/linuxserver/jellyfin:latest"; + volumes = [ + "jellyfin-config:/config" + "/video-data/media:/data/media" + "jellyfin-tailscale:/var/lib/tailscale" + ]; + environment = { + DOCKER_MODS = "ghcr.io/tailscale-dev/docker-mod:main"; + TAILSCALE_STATE_DIR = "/var/lib/tailscale"; + TAILSCALE_HOSTNAME = "jellyfin"; + TAILSCALE_SERVE_PORT = "8096"; + TAILSCALE_SERVE_MODE = "http"; + TZ = "America/New_York"; + }; + environmentFiles = [ config.sops.templates."docker.env".path ]; + labels.swag = "enable"; + ports = [ + "1900:1900/udp" + "7359:7359/udp" + ]; + extraOptions = [ + "--pull=newer" + "--network=www" + ]; + }; + }; + }; +} diff --git a/nixos-modules/docker-postgres.nix b/nixos-modules/docker-postgres.nix new file mode 100644 index 0000000..d686b9f --- /dev/null +++ b/nixos-modules/docker-postgres.nix @@ -0,0 +1,16 @@ +{ + virtualisation = { + containers.enable = true; + podman.enable = true; + oci-containers.containers = { + postgres = { + image = "docker.io/library/postgres:15"; + volumes = [ "postgres-15:/var/lib/postgresql/data" ]; + extraOptions = [ + "--pull=newer" + "--network=www" + ]; + }; + }; + }; +} diff --git a/nixos-modules/docker-swag.nix b/nixos-modules/docker-swag.nix index 389494b..4367318 100644 --- a/nixos-modules/docker-swag.nix +++ b/nixos-modules/docker-swag.nix @@ -1,5 +1,7 @@ { virtualisation = { + containers.enable = true; + podman.enable = true; oci-containers.containers = { swag = { image = "lscr.io/linuxserver/swag:latest"; diff --git a/nixos-modules/docker-zwave.nix b/nixos-modules/docker-zwave.nix new file mode 100644 index 0000000..d9599e1 --- /dev/null +++ b/nixos-modules/docker-zwave.nix @@ -0,0 +1,33 @@ +{ inputs, pkgs, ... }: +{ + virtualisation = { + containers.enable = true; + podman.enable = true; + oci-containers.containers = { + zwave-js-ui = { + image = "my-zwave-js-ui:latest"; + imageFile = pkgs.dockerTools.buildLayeredImage { + name = "my-zwave-js-ui"; + tag = "latest"; + contents = [ pkgs.cacert ]; + config.Cmd = [ "${inputs.self.packages.${pkgs.stdenv.system}.zwave-js-ui}/bin/zwave-js-ui" ]; + }; + volumes = [ "zwave-config:/usr/src/app/store" ]; + environment = { + TZ = "America/New_York"; + STORE_DIR = "/usr/src/app/store"; + ZWAVEJS_EXTERNAL_CONFIG = "/usr/src/app/store/.config-db"; + }; + labels = { + swag = "enable"; + swag_url = "zwave.icanttype.org"; + swag_port = "8091"; + }; + extraOptions = [ + "--network=www" + "--device=/dev/ttyACM0:/dev/zwave" + ]; + }; + }; + }; +}