mirror of
https://github.com/alyraffauf/nixcfg.git
synced 2024-11-25 15:51:54 -05:00
added port options for oci containers
This commit is contained in:
parent
3ed4b57417
commit
8bbc321005
|
@ -10,7 +10,6 @@
|
||||||
domain = "raffauflabs.com";
|
domain = "raffauflabs.com";
|
||||||
mediaDirectory = "/mnt/Media";
|
mediaDirectory = "/mnt/Media";
|
||||||
archiveDirectory = "/mnt/Archive";
|
archiveDirectory = "/mnt/Archive";
|
||||||
openPorts = [80 443 51413 9091];
|
|
||||||
in {
|
in {
|
||||||
imports = [./hardware-configuration.nix ./home.nix];
|
imports = [./hardware-configuration.nix ./home.nix];
|
||||||
|
|
||||||
|
@ -59,9 +58,12 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
firewall = {
|
firewall = let
|
||||||
allowedTCPPorts = openPorts;
|
transmissionPort = config.alyraffauf.containers.oci.transmission.port;
|
||||||
allowedUDPPorts = openPorts;
|
bitTorrentPort = config.alyraffauf.containers.oci.transmission.bitTorrentPort;
|
||||||
|
in {
|
||||||
|
allowedTCPPorts = [80 443 transmissionPort bitTorrentPort];
|
||||||
|
allowedUDPPorts = [bitTorrentPort];
|
||||||
};
|
};
|
||||||
# My router doesn't expose settings for NAT loopback
|
# My router doesn't expose settings for NAT loopback
|
||||||
# So we have to use this workaround.
|
# So we have to use this workaround.
|
||||||
|
@ -102,7 +104,7 @@ in {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:8080";
|
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.freshRSS.port}";
|
||||||
proxyWebsockets = true; # needed if you need to use WebSocket
|
proxyWebsockets = true; # needed if you need to use WebSocket
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_buffering off;
|
proxy_buffering off;
|
||||||
|
@ -126,7 +128,7 @@ in {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:32400";
|
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.plexMediaServer.port}";
|
||||||
proxyWebsockets = true; # needed if you need to use WebSocket
|
proxyWebsockets = true; # needed if you need to use WebSocket
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_buffering off;
|
proxy_buffering off;
|
||||||
|
@ -138,7 +140,7 @@ in {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://127.0.0.1:13378";
|
proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.audiobookshelf.port}";
|
||||||
# proxyWebsockets = true; # This breaks audiobookshelf.
|
# proxyWebsockets = true; # This breaks audiobookshelf.
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
|
@ -12,12 +12,17 @@
|
||||||
default = "/mnt/Media";
|
default = "/mnt/Media";
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
};
|
};
|
||||||
|
alyraffauf.containers.oci.audiobookshelf.port = lib.mkOption {
|
||||||
|
description = "Port for audiobookshelf.";
|
||||||
|
default = 13378;
|
||||||
|
type = lib.types.int;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf config.alyraffauf.containers.oci.audiobookshelf.enable {
|
config = lib.mkIf config.alyraffauf.containers.oci.audiobookshelf.enable {
|
||||||
virtualisation.oci-containers.containers = {
|
virtualisation.oci-containers.containers = {
|
||||||
audiobookshelf = {
|
audiobookshelf = {
|
||||||
ports = ["0.0.0.0:13378:80"];
|
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.audiobookshelf.port}:80"];
|
||||||
image = "ghcr.io/advplyr/audiobookshelf:latest";
|
image = "ghcr.io/advplyr/audiobookshelf:latest";
|
||||||
environment = {TZ = "America/New_York";};
|
environment = {TZ = "America/New_York";};
|
||||||
volumes = ["abs_config:/config" "abs_metadata:/metadata" "${config.alyraffauf.containers.oci.audiobookshelf.mediaDirectory}:/Media"];
|
volumes = ["abs_config:/config" "abs_metadata:/metadata" "${config.alyraffauf.containers.oci.audiobookshelf.mediaDirectory}:/Media"];
|
||||||
|
|
|
@ -7,12 +7,17 @@
|
||||||
options = {
|
options = {
|
||||||
alyraffauf.containers.oci.freshRSS.enable =
|
alyraffauf.containers.oci.freshRSS.enable =
|
||||||
lib.mkEnableOption "Enable FreshRSS news client.";
|
lib.mkEnableOption "Enable FreshRSS news client.";
|
||||||
|
alyraffauf.containers.oci.freshRSS.port = lib.mkOption {
|
||||||
|
description = "Port for FreshRSS.";
|
||||||
|
default = 8080;
|
||||||
|
type = lib.types.int;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf config.alyraffauf.containers.oci.freshRSS.enable {
|
config = lib.mkIf config.alyraffauf.containers.oci.freshRSS.enable {
|
||||||
virtualisation.oci-containers.containers = {
|
virtualisation.oci-containers.containers = {
|
||||||
freshrss = {
|
freshrss = {
|
||||||
ports = ["0.0.0.0:8080:80"];
|
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.freshRSS.port}:80"];
|
||||||
image = "freshrss/freshrss:latest";
|
image = "freshrss/freshrss:latest";
|
||||||
environment = {
|
environment = {
|
||||||
TZ = "America/New_York";
|
TZ = "America/New_York";
|
||||||
|
|
|
@ -17,12 +17,17 @@
|
||||||
default = "/mnt/Archive";
|
default = "/mnt/Archive";
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
};
|
};
|
||||||
|
alyraffauf.containers.oci.jellyfin.port = lib.mkOption {
|
||||||
|
description = "Port for Jellyfin.";
|
||||||
|
default = 8096;
|
||||||
|
type = lib.types.int;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf config.alyraffauf.containers.oci.jellyfin.enable {
|
config = lib.mkIf config.alyraffauf.containers.oci.jellyfin.enable {
|
||||||
virtualisation.oci-containers.containers = {
|
virtualisation.oci-containers.containers = {
|
||||||
jellyfin = {
|
jellyfin = {
|
||||||
ports = ["0.0.0.0:8096:8096"];
|
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.jellyfin.port}:8096"];
|
||||||
image = "jellyfin/jellyfin";
|
image = "jellyfin/jellyfin";
|
||||||
environment = {TZ = "America/New_York";};
|
environment = {TZ = "America/New_York";};
|
||||||
volumes = [
|
volumes = [
|
||||||
|
|
|
@ -17,12 +17,17 @@
|
||||||
default = "/mnt/Archive";
|
default = "/mnt/Archive";
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
};
|
};
|
||||||
|
alyraffauf.containers.oci.plexMediaServer.port = lib.mkOption {
|
||||||
|
description = "Port for Plex Media Server.";
|
||||||
|
default = 32400;
|
||||||
|
type = lib.types.int;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf config.alyraffauf.containers.oci.plexMediaServer.enable {
|
config = lib.mkIf config.alyraffauf.containers.oci.plexMediaServer.enable {
|
||||||
virtualisation.oci-containers.containers = {
|
virtualisation.oci-containers.containers = {
|
||||||
plexMediaServer = {
|
plexMediaServer = {
|
||||||
ports = ["0.0.0.0:32400:32400"];
|
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.plexMediaServer.port}:32400"];
|
||||||
image = "plexinc/pms-docker:public";
|
image = "plexinc/pms-docker:public";
|
||||||
environment = {TZ = "America/New_York";};
|
environment = {TZ = "America/New_York";};
|
||||||
volumes = [
|
volumes = [
|
||||||
|
|
|
@ -17,12 +17,22 @@
|
||||||
default = "/mnt/Archive";
|
default = "/mnt/Archive";
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
};
|
};
|
||||||
|
alyraffauf.containers.oci.transmission.port = lib.mkOption {
|
||||||
|
description = "Port for Transmission.";
|
||||||
|
default = 9091;
|
||||||
|
type = lib.types.int;
|
||||||
|
};
|
||||||
|
alyraffauf.containers.oci.transmission.bitTorrentPort = lib.mkOption {
|
||||||
|
description = "Port for BitTorrent p2p services..";
|
||||||
|
default = 5143;
|
||||||
|
type = lib.types.int;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf config.alyraffauf.containers.oci.transmission.enable {
|
config = lib.mkIf config.alyraffauf.containers.oci.transmission.enable {
|
||||||
virtualisation.oci-containers.containers = {
|
virtualisation.oci-containers.containers = {
|
||||||
transmission = {
|
transmission = {
|
||||||
ports = ["0.0.0.0:9091:9091" "0.0.0.0:51413:51413"];
|
ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.port}:9091" "0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.bitTorrentPort}:51413"];
|
||||||
image = "linuxserver/transmission:latest";
|
image = "linuxserver/transmission:latest";
|
||||||
environment = {
|
environment = {
|
||||||
PGID = "1000";
|
PGID = "1000";
|
||||||
|
|
Loading…
Reference in a new issue