added port options for oci containers

Aly Raffauf 2024-04-22 21:49:08 -04:00
parent 3ed4b57417
commit 8bbc321005
6 changed files with 44 additions and 12 deletions


@ -10,7 +10,6 @@
domain = "raffauflabs.com"; domain = "raffauflabs.com";
mediaDirectory = "/mnt/Media"; mediaDirectory = "/mnt/Media";
archiveDirectory = "/mnt/Archive"; archiveDirectory = "/mnt/Archive";
openPorts = [80 443 51413 9091];
in { in {
imports = [./hardware-configuration.nix ./home.nix]; imports = [./hardware-configuration.nix ./home.nix];
@ -59,9 +58,12 @@ in {
}; };
networking = { networking = {
firewall = { firewall = let
allowedTCPPorts = openPorts; transmissionPort = config.alyraffauf.containers.oci.transmission.port;
allowedUDPPorts = openPorts; bitTorrentPort = config.alyraffauf.containers.oci.transmission.bitTorrentPort;
in {
allowedTCPPorts = [80 443 transmissionPort bitTorrentPort];
allowedUDPPorts = [bitTorrentPort];
}; };
# My router doesn't expose settings for NAT loopback # My router doesn't expose settings for NAT loopback
# So we have to use this workaround. # So we have to use this workaround.
@ -102,7 +104,7 @@ in {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:8080"; proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.freshRSS.port}";
proxyWebsockets = true; # needed if you need to use WebSocket proxyWebsockets = true; # needed if you need to use WebSocket
extraConfig = '' extraConfig = ''
proxy_buffering off; proxy_buffering off;
@ -126,7 +128,7 @@ in {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:32400"; proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.plexMediaServer.port}";
proxyWebsockets = true; # needed if you need to use WebSocket proxyWebsockets = true; # needed if you need to use WebSocket
extraConfig = '' extraConfig = ''
proxy_buffering off; proxy_buffering off;
@ -138,7 +140,7 @@ in {
enableACME = true; enableACME = true;
forceSSL = true; forceSSL = true;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:13378"; proxyPass = "http://127.0.0.1:${toString config.alyraffauf.containers.oci.audiobookshelf.port}";
# proxyWebsockets = true; # This breaks audiobookshelf. # proxyWebsockets = true; # This breaks audiobookshelf.
extraConfig = '' extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
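Review bot: `allowedTCPPorts` in the firewall hunk still opens `transmissionPort`, so the Transmission web interface is reachable directly over plain HTTP while FreshRSS, Plex and audiobookshelf sit behind nginx with `forceSSL`. Whether that interface requires authentication is not visible here; if remote access is wanted, an nginx virtual host like the others plus `allowedTCPPorts = [80 443 bitTorrentPort];` would keep it behind TLS. The list is also built from the option values unconditionally, so both Transmission ports are opened even when `alyraffauf.containers.oci.transmission.enable` is false; wrapping them in `lib.optionals` on that flag would tie the firewall to the service. The `networking` block continues outside the hunk.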


@ -12,12 +12,17 @@
default = "/mnt/Media"; default = "/mnt/Media";
type = lib.types.str; type = lib.types.str;
}; };
alyraffauf.containers.oci.audiobookshelf.port = lib.mkOption {
description = "Port for audiobookshelf.";
default = 13378;
type = lib.types.int;
};
}; };
config = lib.mkIf config.alyraffauf.containers.oci.audiobookshelf.enable { config = lib.mkIf config.alyraffauf.containers.oci.audiobookshelf.enable {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
audiobookshelf = { audiobookshelf = {
ports = ["0.0.0.0:13378:80"]; ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.audiobookshelf.port}:80"];
image = "ghcr.io/advplyr/audiobookshelf:latest"; image = "ghcr.io/advplyr/audiobookshelf:latest";
environment = {TZ = "America/New_York";}; environment = {TZ = "America/New_York";};
volumes = ["abs_config:/config" "abs_metadata:/metadata" "${config.alyraffauf.containers.oci.audiobookshelf.mediaDirectory}:/Media"]; volumes = ["abs_config:/config" "abs_metadata:/metadata" "${config.alyraffauf.containers.oci.audiobookshelf.mediaDirectory}:/Media"];
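Review bot: The rewritten `ports` entry keeps the `0.0.0.0:` host address although nginx reaches this service on `127.0.0.1`, so publishing on loopback only would be enough: `ports = ["127.0.0.1:${toString config.alyraffauf.containers.oci.audiobookshelf.port}:80"];`. Depending on the container backend, published ports may not be filtered by `networking.firewall`, in which case the plain-HTTP port is reachable alongside the TLS virtual host. The same applies to the FreshRSS and Plex sections if nothing else connects to them directly; Jellyfin has no proxy entry on this page, so check how it is meant to be reached. Separately, all of the new port options on this page use `lib.types.int`, which accepts negative and out-of-range values; `type = lib.types.port;` would reject them at evaluation time.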


@ -7,12 +7,17 @@
options = { options = {
alyraffauf.containers.oci.freshRSS.enable = alyraffauf.containers.oci.freshRSS.enable =
lib.mkEnableOption "Enable FreshRSS news client."; lib.mkEnableOption "Enable FreshRSS news client.";
alyraffauf.containers.oci.freshRSS.port = lib.mkOption {
description = "Port for FreshRSS.";
default = 8080;
type = lib.types.int;
};
}; };
config = lib.mkIf config.alyraffauf.containers.oci.freshRSS.enable { config = lib.mkIf config.alyraffauf.containers.oci.freshRSS.enable {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
freshrss = { freshrss = {
ports = ["0.0.0.0:8080:80"]; ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.freshRSS.port}:80"];
image = "freshrss/freshrss:latest"; image = "freshrss/freshrss:latest";
environment = { environment = {
TZ = "America/New_York"; TZ = "America/New_York";


@ -17,12 +17,17 @@
default = "/mnt/Archive"; default = "/mnt/Archive";
type = lib.types.str; type = lib.types.str;
}; };
alyraffauf.containers.oci.jellyfin.port = lib.mkOption {
description = "Port for Jellyfin.";
default = 8096;
type = lib.types.int;
};
}; };
config = lib.mkIf config.alyraffauf.containers.oci.jellyfin.enable { config = lib.mkIf config.alyraffauf.containers.oci.jellyfin.enable {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
jellyfin = { jellyfin = {
ports = ["0.0.0.0:8096:8096"]; ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.jellyfin.port}:8096"];
image = "jellyfin/jellyfin"; image = "jellyfin/jellyfin";
environment = {TZ = "America/New_York";}; environment = {TZ = "America/New_York";};
volumes = [ volumes = [


@ -17,12 +17,17 @@
default = "/mnt/Archive"; default = "/mnt/Archive";
type = lib.types.str; type = lib.types.str;
}; };
alyraffauf.containers.oci.plexMediaServer.port = lib.mkOption {
description = "Port for Plex Media Server.";
default = 32400;
type = lib.types.int;
};
}; };
config = lib.mkIf config.alyraffauf.containers.oci.plexMediaServer.enable { config = lib.mkIf config.alyraffauf.containers.oci.plexMediaServer.enable {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
plexMediaServer = { plexMediaServer = {
ports = ["0.0.0.0:32400:32400"]; ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.plexMediaServer.port}:32400"];
image = "plexinc/pms-docker:public"; image = "plexinc/pms-docker:public";
environment = {TZ = "America/New_York";}; environment = {TZ = "America/New_York";};
volumes = [ volumes = [


@ -17,12 +17,22 @@
default = "/mnt/Archive"; default = "/mnt/Archive";
type = lib.types.str; type = lib.types.str;
}; };
alyraffauf.containers.oci.transmission.port = lib.mkOption {
description = "Port for Transmission.";
default = 9091;
type = lib.types.int;
};
alyraffauf.containers.oci.transmission.bitTorrentPort = lib.mkOption {
description = "Port for BitTorrent p2p services..";
default = 5143;
type = lib.types.int;
};
}; };
config = lib.mkIf config.alyraffauf.containers.oci.transmission.enable { config = lib.mkIf config.alyraffauf.containers.oci.transmission.enable {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
transmission = { transmission = {
ports = ["0.0.0.0:9091:9091" "0.0.0.0:51413:51413"]; ports = ["0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.port}:9091" "0.0.0.0:${toString config.alyraffauf.containers.oci.transmission.bitTorrentPort}:51413"];
image = "linuxserver/transmission:latest"; image = "linuxserver/transmission:latest";
environment = { environment = {
PGID = "1000"; PGID = "1000";
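Review bot: The default for `bitTorrentPort` is 5143, but the container side of the mapping and the `openPorts` list this commit removes both use 51413, so this looks like a dropped digit: `default = 51413;`. With the host side at 5143 the firewall opens 5143, while the client inside the container presumably still advertises 51413 to peers, which would then be unreachable from outside. The description string also ends in a double period. The container definition continues past the end of the hunk.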