44 lines
1.2 KiB
Nix
44 lines
1.2 KiB
Nix
{ config, ... }:
|
|
{
|
|
sops = {
|
|
secrets."tailscale/authkey" = { };
|
|
templates."docker.env".content = ''
|
|
TAILSCALE_AUTHKEY=${config.sops.placeholder."tailscale/authkey"}
|
|
'';
|
|
};
|
|
virtualisation = {
|
|
containers.enable = true;
|
|
podman.enable = true;
|
|
oci-containers.containers = {
|
|
jellyfin = {
|
|
image = "lscr.io/linuxserver/jellyfin:latest";
|
|
volumes = [
|
|
"jellyfin-config:/config"
|
|
"/video-data/media:/data/media"
|
|
"jellyfin-tailscale:/var/lib/tailscale"
|
|
];
|
|
environment = {
|
|
DOCKER_MODS = "ghcr.io/tailscale-dev/docker-mod:main";
|
|
TAILSCALE_STATE_DIR = "/var/lib/tailscale";
|
|
TAILSCALE_HOSTNAME = "jellyfin";
|
|
TAILSCALE_SERVE_PORT = "8096";
|
|
TAILSCALE_SERVE_MODE = "http";
|
|
TZ = "America/New_York";
|
|
PUID = "920";
|
|
PGID = "911";
|
|
UMASK = "002";
|
|
};
|
|
environmentFiles = [ config.sops.templates."docker.env".path ];
|
|
labels.swag = "enable";
|
|
ports = [
|
|
"1900:1900/udp"
|
|
"7359:7359/udp"
|
|
];
|
|
extraOptions = [
|
|
"--pull=newer"
|
|
"--network=www"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|