modular container configs

2024-10-01 12:52:39 -04:00 · 2024-10-01 12:52:39 -04:00 · 9d37d9f070
commit 9d37d9f070
parent fc743d61cc
8 changed files with 159 additions and 102 deletions
--- a/nixos-configurations/zeus.nix
+++ b/nixos-configurations/zeus.nix
@ -23,8 +23,14 @@ in
    ezModules.networkd-base
    ezModules.smartd
    ezModules.plymouth
+    ezModules.docker-calibre
+    ezModules.docker-calibre-web
+    ezModules.docker-homeassistant
+    ezModules.docker-jellyfin
+    ezModules.docker-postgres
    ezModules.docker-proxy
    ezModules.docker-swag
+    ezModules.docker-zwave
  ];

  boot = {
@ -118,13 +124,6 @@ in
    { device = "/dev/disk/by-uuid/aecf6400-9c9f-43f9-8c57-08f3c8a633e7"; }
    { device = "/dev/disk/by-uuid/3fca7d18-441c-4f39-adad-ffd882b1f210"; }
  ];
-
-  sops = {
-    secrets."tailscale/authkey" = { };
-    templates."docker.env".content = ''
-      TAILSCALE_AUTHKEY=${config.sops.placeholder."tailscale/authkey"}
-    '';
-  };
  networking = {
    hostName = "zeus"; # Define your hostname.
    hostId = "9e95b576";
@ -183,101 +182,6 @@ in
      autoPrune.enable = true;
    };
    oci-containers.containers = {
-      jellyfin = {
-        image = "lscr.io/linuxserver/jellyfin:latest";
-        volumes = [
-          "jellyfin-config:/config"
-          "/video-data/media:/data/media"
-          "jellyfin-tailscale:/var/lib/tailscale"
-        ];
-        environment = {
-          DOCKER_MODS = "ghcr.io/tailscale-dev/docker-mod:main";
-          TAILSCALE_STATE_DIR = "/var/lib/tailscale";
-          TAILSCALE_HOSTNAME = "jellyfin";
-          TAILSCALE_SERVE_PORT = "8096";
-          TAILSCALE_SERVE_MODE = "http";
-          TZ = "America/New_York";
-        };
-        environmentFiles = [ config.sops.templates."docker.env".path ];
-        labels.swag = "enable";
-        ports = [
-          "1900:1900/udp"
-          "7359:7359/udp"
-        ];
-        extraOptions = [
-          "--pull=newer"
-          "--network=www"
-        ];
-      };
-      zwave-js-ui = {
-        image = "my-zwave-js-ui:latest";
-        imageFile = pkgs.dockerTools.buildLayeredImage {
-          name = "my-zwave-js-ui";
-          tag = "latest";
-          contents = [ pkgs.cacert ];
-          config.Cmd = [ "${inputs.self.packages.${pkgs.stdenv.system}.zwave-js-ui}/bin/zwave-js-ui" ];
-        };
-        volumes = [ "zwave-config:/usr/src/app/store" ];
-        environment = {
-          TZ = "America/New_York";
-          STORE_DIR = "/usr/src/app/store";
-          ZWAVEJS_EXTERNAL_CONFIG = "/usr/src/app/store/.config-db";
-        };
-        labels = {
-          swag = "enable";
-          swag_url = "zwave.icanttype.org";
-          swag_port = "8091";
-        };
-        extraOptions = [
-          "--network=www"
-          "--device=/dev/ttyACM0:/dev/zwave"
-        ];
-      };
-      homeassistant = {
-        image = "lscr.io/linuxserver/homeassistant:latest";
-        volumes = [ "homeassistant-config:/config" ];
-        environment.TZ = "America/New_York";
-        labels.swag = "enable";
-        extraOptions = [
-          "--pull=newer"
-          "--network=www"
-          "--network=lan"
-        ];
-      };
-      postgres = {
-        image = "docker.io/library/postgres:15";
-        volumes = [ "postgres-15:/var/lib/postgresql/data" ];
-        extraOptions = [
-          "--pull=newer"
-          "--network=www"
-        ];
-      };
-      calibre = {
-        image = "lscr.io/linuxserver/calibre:latest";
-        volumes = [
-          "calibre-config:/config"
-          "/video-data:/data"
-        ];
-        environment.TZ = "America/New_York";
-        labels.swag = "enable";
-        extraOptions = [
-          "--pull=newer"
-          "--network=www"
-        ];
-      };
-      calibre-web = {
-        image = "lscr.io/linuxserver/calibre-web:latest";
-        volumes = [
-          "calibre-web-config:/config"
-          "/video-data:/data"
-        ];
-        environment.TZ = "America/New_York";
-        labels.swag = "enable";
-        extraOptions = [
-          "--pull=newer"
-          "--network=www"
-        ];
-      };
      flaresolverr = {
        image = "ghcr.io/flaresolverr/flaresolverr:latest";
        environment.LOG_LEVEL = "info";
--- a/nixos-modules/docker-calibre-web.nix
+++ b/nixos-modules/docker-calibre-web.nix
@ -0,0 +1,21 @@
+{
+  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
+    oci-containers.containers = {
+      calibre-web = {
+        image = "lscr.io/linuxserver/calibre-web:latest";
+        volumes = [
+          "calibre-web-config:/config"
+          "/video-data:/data"
+        ];
+        environment.TZ = "America/New_York";
+        labels.swag = "enable";
+        extraOptions = [
+          "--pull=newer"
+          "--network=www"
+        ];
+      };
+    };
+  };
+}
--- a/nixos-modules/docker-calibre.nix
+++ b/nixos-modules/docker-calibre.nix
@ -0,0 +1,21 @@
+{
+  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
+    oci-containers.containers = {
+      calibre = {
+        image = "lscr.io/linuxserver/calibre:latest";
+        volumes = [
+          "calibre-config:/config"
+          "/video-data:/data"
+        ];
+        environment.TZ = "America/New_York";
+        labels.swag = "enable";
+        extraOptions = [
+          "--pull=newer"
+          "--network=www"
+        ];
+      };
+    };
+  };
+}
--- a/nixos-modules/docker-homeassistant.nix
+++ b/nixos-modules/docker-homeassistant.nix
@ -0,0 +1,19 @@
+{
+  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
+    oci-containers.containers = {
+      homeassistant = {
+        image = "lscr.io/linuxserver/homeassistant:latest";
+        volumes = [ "homeassistant-config:/config" ];
+        environment.TZ = "America/New_York";
+        labels.swag = "enable";
+        extraOptions = [
+          "--pull=newer"
+          "--network=www"
+          "--network=lan"
+        ];
+      };
+    };
+  };
+}
--- a/nixos-modules/docker-jellyfin.nix
+++ b/nixos-modules/docker-jellyfin.nix
@ -0,0 +1,41 @@
+{ config, ... }:
+{
+  sops = {
+    secrets."tailscale/authkey" = { };
+    templates."docker.env".content = ''
+      TAILSCALE_AUTHKEY=${config.sops.placeholder."tailscale/authkey"}
+    '';
+  };
+  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
+    oci-containers.containers = {
+      jellyfin = {
+        image = "lscr.io/linuxserver/jellyfin:latest";
+        volumes = [
+          "jellyfin-config:/config"
+          "/video-data/media:/data/media"
+          "jellyfin-tailscale:/var/lib/tailscale"
+        ];
+        environment = {
+          DOCKER_MODS = "ghcr.io/tailscale-dev/docker-mod:main";
+          TAILSCALE_STATE_DIR = "/var/lib/tailscale";
+          TAILSCALE_HOSTNAME = "jellyfin";
+          TAILSCALE_SERVE_PORT = "8096";
+          TAILSCALE_SERVE_MODE = "http";
+          TZ = "America/New_York";
+        };
+        environmentFiles = [ config.sops.templates."docker.env".path ];
+        labels.swag = "enable";
+        ports = [
+          "1900:1900/udp"
+          "7359:7359/udp"
+        ];
+        extraOptions = [
+          "--pull=newer"
+          "--network=www"
+        ];
+      };
+    };
+  };
+}
--- a/nixos-modules/docker-postgres.nix
+++ b/nixos-modules/docker-postgres.nix
@ -0,0 +1,16 @@
+{
+  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
+    oci-containers.containers = {
+      postgres = {
+        image = "docker.io/library/postgres:15";
+        volumes = [ "postgres-15:/var/lib/postgresql/data" ];
+        extraOptions = [
+          "--pull=newer"
+          "--network=www"
+        ];
+      };
+    };
+  };
+}
--- a/nixos-modules/docker-swag.nix
+++ b/nixos-modules/docker-swag.nix
@ -1,5 +1,7 @@
 {
  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
    oci-containers.containers = {
      swag = {
        image = "lscr.io/linuxserver/swag:latest";
--- a/nixos-modules/docker-zwave.nix
+++ b/nixos-modules/docker-zwave.nix
@ -0,0 +1,33 @@
+{ inputs, pkgs, ... }:
+{
+  virtualisation = {
+    containers.enable = true;
+    podman.enable = true;
+    oci-containers.containers = {
+      zwave-js-ui = {
+        image = "my-zwave-js-ui:latest";
+        imageFile = pkgs.dockerTools.buildLayeredImage {
+          name = "my-zwave-js-ui";
+          tag = "latest";
+          contents = [ pkgs.cacert ];
+          config.Cmd = [ "${inputs.self.packages.${pkgs.stdenv.system}.zwave-js-ui}/bin/zwave-js-ui" ];
+        };
+        volumes = [ "zwave-config:/usr/src/app/store" ];
+        environment = {
+          TZ = "America/New_York";
+          STORE_DIR = "/usr/src/app/store";
+          ZWAVEJS_EXTERNAL_CONFIG = "/usr/src/app/store/.config-db";
+        };
+        labels = {
+          swag = "enable";
+          swag_url = "zwave.icanttype.org";
+          swag_port = "8091";
+        };
+        extraOptions = [
+          "--network=www"
+          "--device=/dev/ttyACM0:/dev/zwave"
+        ];
+      };
+    };
+  };
+}