romm?
This commit is contained in:
parent
a4b35d95ff
commit
0822532a3a
4 changed files with 119 additions and 0 deletions
|
@ -18,3 +18,4 @@ local-data: "readarr.icanttype.org. IN A 10.42.69.100"
|
||||||
local-data: "qbittorrent.icanttype.org. IN A 10.42.69.100"
|
local-data: "qbittorrent.icanttype.org. IN A 10.42.69.100"
|
||||||
local-data: "calibre.icanttype.org. IN A 10.42.69.100"
|
local-data: "calibre.icanttype.org. IN A 10.42.69.100"
|
||||||
local-data: "calibre-web.icanttype.org. IN A 10.42.69.100"
|
local-data: "calibre-web.icanttype.org. IN A 10.42.69.100"
|
||||||
|
local-data: "romm.icanttype.org. IN A 10.42.69.100"
|
|
@ -35,6 +35,7 @@ in
|
||||||
ezModules.docker-qbittorrent
|
ezModules.docker-qbittorrent
|
||||||
ezModules.docker-radarr
|
ezModules.docker-radarr
|
||||||
ezModules.docker-readarr
|
ezModules.docker-readarr
|
||||||
|
ezModules.docker-romm
|
||||||
ezModules.docker-runner
|
ezModules.docker-runner
|
||||||
ezModules.docker-sonarr
|
ezModules.docker-sonarr
|
||||||
ezModules.docker-static-web
|
ezModules.docker-static-web
|
||||||
|
|
81
nixos-modules/docker-romm.nix
Normal file
81
nixos-modules/docker-romm.nix
Normal file
|
@ -0,0 +1,81 @@
|
||||||
|
{ config, ... }:
|
||||||
|
{
|
||||||
|
sops = {
|
||||||
|
secrets = {
|
||||||
|
authKey = {
|
||||||
|
sopsFile = ../secrets/zeus/romm.yaml;
|
||||||
|
};
|
||||||
|
"db/root" = {
|
||||||
|
sopsFile = ../secrets/zeus/romm.yaml;
|
||||||
|
};
|
||||||
|
"db/user" = {
|
||||||
|
sopsFile = ../secrets/zeus/romm.yaml;
|
||||||
|
};
|
||||||
|
"igdb/client" = {
|
||||||
|
sopsFile = ../secrets/zeus/romm.yaml;
|
||||||
|
};
|
||||||
|
"igdb/secret" = {
|
||||||
|
sopsFile = ../secrets/zeus/romm.yaml;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
templates = {
|
||||||
|
"romm.env".content = ''
|
||||||
|
DB_PASSWD=${config.sops.placeholder."db/user"}
|
||||||
|
IGDB_CLIENT_ID=${config.sops.placeholder."igdb/client"}
|
||||||
|
IGDB_CLIENT_SECRET=${config.sops.placeholder."igdb/secret"}
|
||||||
|
ROMM_AUTH_SECRET_KEY=${config.sops.placeholder.authKey}
|
||||||
|
'';
|
||||||
|
"romm-db.env".content = ''
|
||||||
|
MYSQL_ROOT_PASSWORD=${config.sops.placeholder."db/root"}
|
||||||
|
MYSQL_PASSWORD=${config.sops.placeholder."db/user"}
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
virtualisation = {
|
||||||
|
containers.enable = true;
|
||||||
|
podman.enable = true;
|
||||||
|
oci-containers.containers = {
|
||||||
|
romm = {
|
||||||
|
image = "rommapp/romm:latest";
|
||||||
|
volumes = [
|
||||||
|
"romm_resources:/romm/resources"
|
||||||
|
"romm_redis_data:/redis-data"
|
||||||
|
"romm_library:/romm/library"
|
||||||
|
"romm_assets:/romm/assets"
|
||||||
|
"romm_config:/romm/config"
|
||||||
|
];
|
||||||
|
environment = {
|
||||||
|
TZ = "America/New_York";
|
||||||
|
DB_HOST = "romm-db";
|
||||||
|
DB_NAME = "romm";
|
||||||
|
DB_USER = "romm-user";
|
||||||
|
};
|
||||||
|
environmentFiles = [ config.sops.templates."romm.env".path ];
|
||||||
|
labels = {
|
||||||
|
swag = "enable";
|
||||||
|
swag_url = "romm.icanttype.org";
|
||||||
|
swag_port = "8080";
|
||||||
|
};
|
||||||
|
extraOptions = [
|
||||||
|
"--pull=newer"
|
||||||
|
"--network=www,romm"
|
||||||
|
];
|
||||||
|
dependsOn = [ "romm-db" ];
|
||||||
|
};
|
||||||
|
romm-db = {
|
||||||
|
image = "mariadb:latest";
|
||||||
|
volumes = [ "romm_maria_db:/var/lib/mysql" ];
|
||||||
|
environment = {
|
||||||
|
TZ = "America/New_York";
|
||||||
|
MYSQL_DATABASE = "romm";
|
||||||
|
MYSQL_USER = "romm-user";
|
||||||
|
};
|
||||||
|
environmentFiles = [ config.sops.templates."romm-db.env".path ];
|
||||||
|
extraOptions = [
|
||||||
|
"--pull=newer"
|
||||||
|
"--network=romm"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
36
secrets/zeus/romm.yaml
Normal file
36
secrets/zeus/romm.yaml
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
authKey: ENC[AES256_GCM,data:o2R+msPLlnpkXWU/i0QnTDsvE44z64TT0DsXA0x/zaBZSx1qi0PpEeAAjSQmLYrvbRgocDRid8077108OjQ8Kg==,iv:MYYY7iH5cr/2mVnbk/jW8u4ZjkBn9vouJIiO35lcmbs=,tag:vVSkQOnVgypv7AdR1ASTkQ==,type:str]
|
||||||
|
db:
|
||||||
|
root: ENC[AES256_GCM,data:u+1EJVLRmXsVpwzZY6Zd2Cwfjm8u1nbRRhyMZvN4U1E=,iv:B0xaunsSVUnz5wsm4dC4KqD+oBeJrEmmzPW3THZSD9g=,tag:uyIrI5HMg19q9YQjhs6Gyw==,type:str]
|
||||||
|
user: ENC[AES256_GCM,data:aGyV6nSbBr4Ob6R7JHL60JBUnUrIJYNYeKBIuEhrM5c=,iv:ZcbHzTxkqHbgTUDVm/ZVw85Vf8JvcgKEQwh/uQS2KfA=,tag:IwBYPqJMieNss/sMrUXnfw==,type:str]
|
||||||
|
igdb:
|
||||||
|
client: ENC[AES256_GCM,data:kyjgRyHyPwOPN3cURV8r9mTQvgRAi3lSd9ikFPO+,iv:JZnWLNSYr1WKwCcs31jlYuUATrI/qNjCocnhCHxyg8w=,tag:JvIY6Dq7H82bM/aVKw/93A==,type:str]
|
||||||
|
secret: ENC[AES256_GCM,data:56AIYjgou3lLDdOQS+a5FZQLuW245WT9elf04hJu,iv:nrUytWeeD/bW3D3SAH2jddQta2kZEui0KC09wT/eskQ=,tag:ZTzLz48Sa4iTZCHWqrvA0A==,type:str]
|
||||||
|
sops:
|
||||||
|
kms: []
|
||||||
|
gcp_kms: []
|
||||||
|
azure_kv: []
|
||||||
|
hc_vault: []
|
||||||
|
age:
|
||||||
|
- recipient: age15va8dthvmn30ymex0kkrrk034aq25drmsx4mkmf480a8uq4tvcyqw5s4uk
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHOFFYU2FUZUZKdXQ1bkwv
|
||||||
|
NWRpeE43K1VGUm5QR1lmTHpGNll5UXBrcVdRCnUzOVdTd3FKUjVYaE9qYVpVbVZt
|
||||||
|
WXRhdnZOMHJqNTl1Rlh2UTR3QnBuL0kKLS0tIHg0SWtFaFA4Q3daU1Z0UmZ5aGJR
|
||||||
|
M1BvK3JrQTlYUktVbTFrRjlDZE14TGcKwmZlC74I5BPi5kjZcfKDnycqIHNlXS95
|
||||||
|
kJ5c3+Aq/wdW+3D+q3QGPZznzYksMxqaukjF+Cfbd/IL4dKMbsLNkw==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
- recipient: age1y06hfa8ctp3tr7g2rukmst4cl064hxaqfsx8w0yq4tgmcrv7qvksct7mnl
|
||||||
|
enc: |
|
||||||
|
-----BEGIN AGE ENCRYPTED FILE-----
|
||||||
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqck5jSlJwdldiR3RVblhC
|
||||||
|
UmI3aWIrSGw5cWR1VnAwb0ZnWDZDanMyTkVvCm1nQzJTTjhwQ1pxNU9rL3NZQ0xH
|
||||||
|
QlZoRER3MFIydGhzU3E1cExJYVRMVXMKLS0tIGs3djNBT1kwTHhLdkx0UHVpZENs
|
||||||
|
OUNESEtTanEzZk1Naml0S2pRMG5Ldk0KBCelEV1mRWe3D3/AktblJqsjcs3cBpSc
|
||||||
|
0G54hNgqPGUMmhl3JDtOwaSTJUeStNVK/W6TP6ijoagfOpyb4qfKSQ==
|
||||||
|
-----END AGE ENCRYPTED FILE-----
|
||||||
|
lastmodified: "2024-10-25T01:53:59Z"
|
||||||
|
mac: ENC[AES256_GCM,data:sTcMgCBo58qW7c+ZXeA2/DbaDNBMEDlayb1jzS/4VBqM+anBZMTpgzmwf3I3hnilW6FKHftSkqxRS6VaTVmBp5Ps81EO39lSWKwjKQI1IZ1ZM4V2/mEfIIqzxLaEuXzXWvVSL2FSUy+d4q4LuUa/MrdD9OVy70vL9YnaC2P0U9U=,iv:d8Cu6r4mmqNTlWRhGGucMZZ9/iD0uIiJZ4g6uNCnvfg=,tag:3qY46WZPWzmrw3KuMWDEyQ==,type:str]
|
||||||
|
pgp: []
|
||||||
|
unencrypted_suffix: _unencrypted
|
||||||
|
version: 3.8.1
|
Loading…
Reference in a new issue