added port options for oci containers

Aly Raffauf 2024-04-22 21:49:08 -04:00
parent 3ed4b57417
commit 8bbc321005
6 changed files with 44 additions and 12 deletions


@ -10,7 +10,6 @@
domain = "raffauflabs.com";
mediaDirectory = "/mnt/Media";
archiveDirectory = "/mnt/Archive";
openPorts = [80 443 51413 9091];
in {
imports = [./hardware-configuration.nix ./home.nix];
@ -59,9 +58,12 @@ in {
};
networking = {
firewall = {
allowedTCPPorts = openPorts;
allowedUDPPorts = openPorts;
firewall = let
transmissionPort = config.alyraffauf.containers.oci.transmission.port;
bitTorrentPort = config.alyraffauf.containers.oci.transmission.bitTorrentPort;
in {
allowedTCPPorts = [80 443 transmissionPort bitTorrentPort];
allowedUDPPorts = [bitTorrentPort];
};
# My router doesn't expose settings for NAT loopback
# So we have to use this workaround.
@ -102,7 +104,7 @@ in {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8080";
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.freshRSS.port}";
proxyWebsockets = true; # needed if you need to use WebSocket
extraConfig = ''
proxy_buffering off;
@ -126,7 +128,7 @@ in {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:32400";
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.plexMediaServer.port}";
proxyWebsockets = true; # needed if you need to use WebSocket
extraConfig = ''
proxy_buffering off;
@ -138,7 +140,7 @@ in {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:13378";
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.audiobookshelf.port}";
# proxyWebsockets = true; # This breaks audiobookshelf.
extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
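Review bot: The new `allowedTCPPorts` list still opens `transmissionPort` (the Transmission web/RPC port, 9091 by default) on every interface over plain HTTP, while the other web services in this file are reached through nginx vhosts with `forceSSL`. Whether the container sets RPC credentials is not visible here, so I would either drop it from the list, `allowedTCPPorts = [80 443 bitTorrentPort];`, and front it with a vhost like the others, or limit it to the LAN interface with `networking.firewall.interfaces.<name>.allowedTCPPorts`. The list also reads the transmission options unconditionally, so both ports stay open when `transmission.enable` is false; gating them on that option would tie the firewall to the container. The `networking` block continues outside the hunk.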


@ -12,12 +12,17 @@
default = "/mnt/Media";
type = lib.types.str;
};
alyraffauf.containers.oci.audiobookshelf.port = lib.mkOption {
description = "Port for audiobookshelf.";
default = 13378;
type = lib.types.int;
};
};
config = lib.mkIf config.alyraffauf.containers.oci.audiobookshelf.enable {
virtualisation.oci-containers.containers = {
audiobookshelf = {
ports = ["0.0.0.0:13378:80"];
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.audiobookshelf.port}:80"];
image = "ghcr.io/advplyr/audiobookshelf:latest";
environment = {TZ = "America/New_York";};
volumes = ["abs_config:/config" "abs_metadata:/metadata" "${config.alyraffauf.containers.oci.audiobookshelf.mediaDirectory}:/Media"];
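Review bot: The published address in `ports` stays `0.0.0.0`, so audiobookshelf is reachable on every interface in plain HTTP even though nginx proxies it from `127.0.0.1` behind `forceSSL`; depending on the container backend, published ports may not be filtered by the NixOS firewall at all. Since the vhost is the intended entry point, bind to loopback: `ports = ["127.0.0.1:${toString config.alyraffauf.containers.oci.audiobookshelf.port}:80"];`. The same applies to the `ports` lines in the FreshRSS and Plex sections, which are also proxied from 127.0.0.1. The container definition continues outside the hunk.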


@ -7,12 +7,17 @@
options = {
alyraffauf.containers.oci.freshRSS.enable =
lib.mkEnableOption "Enable FreshRSS news client.";
alyraffauf.containers.oci.freshRSS.port = lib.mkOption {
description = "Port for FreshRSS.";
default = 8080;
type = lib.types.int;
};
};
config = lib.mkIf config.alyraffauf.containers.oci.freshRSS.enable {
virtualisation.oci-containers.containers = {
freshrss = {
ports = ["0.0.0.0:8080:80"];
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.freshRSS.port}:80"];
image = "freshrss/freshrss:latest";
environment = {
TZ = "America/New_York";
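Review bot: The new `port` option is typed `lib.types.int`, which accepts negative numbers and values above 65535, so a bad value is only caught when the container or nginx fails to start. `type = lib.types.port;` rejects those at evaluation time. The same one-line change fits the port options added for audiobookshelf, Jellyfin, Plex and Transmission (both `port` and `bitTorrentPort`).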


@ -17,12 +17,17 @@
default = "/mnt/Archive";
type = lib.types.str;
};
alyraffauf.containers.oci.jellyfin.port = lib.mkOption {
description = "Port for Jellyfin.";
default = 8096;
type = lib.types.int;
};
};
config = lib.mkIf config.alyraffauf.containers.oci.jellyfin.enable {
virtualisation.oci-containers.containers = {
jellyfin = {
ports = ["0.0.0.0:8096:8096"];
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.jellyfin.port}:8096"];
image = "jellyfin/jellyfin";
environment = {TZ = "America/New_York";};
volumes = [


@ -17,12 +17,17 @@
default = "/mnt/Archive";
type = lib.types.str;
};
alyraffauf.containers.oci.plexMediaServer.port = lib.mkOption {
description = "Port for Plex Media Server.";
default = 32400;
type = lib.types.int;
};
};
config = lib.mkIf config.alyraffauf.containers.oci.plexMediaServer.enable {
virtualisation.oci-containers.containers = {
plexMediaServer = {
ports = ["0.0.0.0:32400:32400"];
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.plexMediaServer.port}:32400"];
image = "plexinc/pms-docker:public";
environment = {TZ = "America/New_York";};
volumes = [


@ -17,12 +17,22 @@
default = "/mnt/Archive";
type = lib.types.str;
};
alyraffauf.containers.oci.transmission.port = lib.mkOption {
description = "Port for Transmission.";
default = 9091;
type = lib.types.int;
};
alyraffauf.containers.oci.transmission.bitTorrentPort = lib.mkOption {
description = "Port for BitTorrent p2p services..";
default = 5143;
type = lib.types.int;
};
};
config = lib.mkIf config.alyraffauf.containers.oci.transmission.enable {
virtualisation.oci-containers.containers = {
transmission = {
ports = ["0.0.0.0:9091:9091" "0.0.0.0:51413:51413"];
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.port}:9091" "0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.bitTorrentPort}:51413"];
image = "linuxserver/transmission:latest";
environment = {
PGID = "1000";
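Review bot: The default for `bitTorrentPort` is `5143`, but the mapping it replaces published `51413` and the container side of the new mapping is still `:51413`, so this looks like a dropped digit. With that default the host publishes and the firewall opens 5143, while the client inside the container presumably still announces 51413, so inbound peer connections would fail and an unrelated port is exposed; I would use `default = 51413;`. The mapping also publishes TCP only, so the `allowedUDPPorts` entry in the host config has nothing behind it unless a second mapping ending in `:51413/udp` is added. The description string ends in a doubled period.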